$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/TlRTPFExpGamd1MetE6bzVGVcZE.roa File: TlRTPFExpGamd1MetE6bzVGVcZE.roa (raw, json) Hash identifier: oIbcd+15MEbStKH0+/RUnxebNUB1szVIhzFaCxxU3fk= Subject key identifier: 4E:54:53:3C:51:31:A4:66:A6:77:53:1E:B4:4E:9B:CD:51:95:71:91 Certificate issuer: /CN=B2C11A2BBD411878ED1B44D79F137D9689C86840 Certificate serial: 02AA Authority key identifier: B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/TlRTPFExpGamd1MetE6bzVGVcZE.roa Signing time: Fri 22 Aug 2025 08:56:48 +0000 ROA not before: Fri 22 Aug 2025 08:56:48 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131652 IP address blocks: 103.160.224.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 682 (0x2aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B2C11A2BBD411878ED1B44D79F137D9689C86840 Validity Not Before: Aug 22 08:56:48 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=4E54533C5131A466A677531EB44E9BCD51957191 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:01:80:26:d7:23:82:93:ac:c2:27:be:27:3b: 24:29:13:a1:46:5e:11:a8:6f:75:fb:cb:ba:de:d5: 61:5f:3a:33:82:a7:76:1f:20:fc:28:06:fa:20:a6: f2:a8:99:6b:a4:2f:a7:3c:65:2a:4b:f4:5d:2d:4d: b9:65:39:a4:79:4e:60:69:da:b0:8f:4e:c2:ec:a4: c8:22:74:45:13:39:f6:00:0d:98:db:ea:ab:11:24: 9d:66:7d:a8:8d:09:86:bd:ca:35:5e:11:ce:e9:5f: 40:c9:5e:66:27:55:83:f7:c3:8b:0f:41:9a:23:d1: ea:95:51:a5:1d:10:7e:d3:fb:99:86:b5:b1:e6:8a: 51:c7:4d:6c:2e:6a:76:17:70:3a:be:4c:8e:9e:02: 63:c3:65:28:4c:a9:31:fa:a6:91:13:a4:2f:e4:b5: 99:7f:8f:89:d5:23:dc:c6:55:4f:ce:b2:be:7d:25: 36:6b:3b:d7:3d:b0:14:03:0e:dc:04:79:3e:c8:2f: 31:0e:ba:86:e1:d5:c8:46:f8:df:30:a9:e8:d8:fe: 45:e9:aa:95:74:ce:2a:d1:75:0e:41:43:f1:ba:f7: d3:43:fe:a3:e9:51:f3:6b:e3:38:c4:01:a7:1d:91: 84:da:34:90:b7:15:4b:95:ac:34:fc:60:ee:1f:8f: 55:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:54:53:3C:51:31:A4:66:A6:77:53:1E:B4:4E:9B:CD:51:95:71:91 X509v3 Authority Key Identifier: keyid:B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/TlRTPFExpGamd1MetE6bzVGVcZE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.224.0/23 Signature Algorithm: sha256WithRSAEncryption b9:c0:1a:f6:7a:4c:8d:21:e3:67:02:50:5d:d7:09:49:0e:37: bc:9e:ad:93:a8:bb:7e:f2:f9:9a:48:c3:d0:f7:63:d3:73:a7: d8:5d:e4:e1:08:4a:09:7a:e9:f2:79:97:8c:3a:bb:82:ca:cd: 57:34:55:cd:3d:f8:45:b5:52:f6:52:1d:0f:8a:81:b0:88:5b: 83:0c:c6:b1:44:8f:aa:98:56:6b:37:ff:4c:3e:73:8c:5f:d5: e6:79:7c:66:3d:5a:d6:7f:07:4b:0a:0d:34:67:99:d6:e2:0e: f4:e4:a3:c3:60:5d:ad:57:c0:bd:14:80:0c:75:a0:ce:58:85: ab:6c:86:07:e2:a0:b3:97:f0:95:44:af:fe:4e:c3:c4:62:5c: 52:76:f7:be:5a:38:77:ef:45:b6:e5:79:12:f4:7d:27:b7:87: ac:e6:04:03:25:e7:9b:e2:56:1e:14:f1:0e:32:3f:eb:e4:cb: 8f:75:33:4d:1d:49:9a:20:ed:aa:07:c7:ac:12:af:16:af:f4: b2:8e:af:a6:3b:68:7b:02:94:46:d0:1a:56:31:6b:8b:bf:91: c2:be:58:d1:c5:66:f7:20:c7:a4:f5:04:b5:75:b3:f9:b8:97: 26:ba:8b:62:f2:f1:3a:ca:a0:22:ae:f4:91:4a:2d:3b:c5:7e: 1f:6d:2b:c4 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjJD MTFBMkJCRDQxMTg3OEVEMUI0NEQ3OUYxMzdEOTY4OUM4Njg0MDAeFw0yNTA4MjIw ODU2NDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRFNTQ1MzNDNTEzMUE0 NjZBNjc3NTMxRUI0NEU5QkNENTE5NTcxOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbAYAm1yOCk6zCJ74nOyQpE6FGXhGob3X7y7re1WFfOjOCp3Yf IPwoBvogpvKomWukL6c8ZSpL9F0tTbllOaR5TmBp2rCPTsLspMgidEUTOfYADZjb 6qsRJJ1mfaiNCYa9yjVeEc7pX0DJXmYnVYP3w4sPQZoj0eqVUaUdEH7T+5mGtbHm ilHHTWwuanYXcDq+TI6eAmPDZShMqTH6ppETpC/ktZl/j4nVI9zGVU/Osr59JTZr O9c9sBQDDtwEeT7ILzEOuobh1chG+N8wqejY/kXpqpV0zirRdQ5BQ/G699ND/qPp UfNr4zjEAacdkYTaNJC3FUuVrDT8YO4fj1UtAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUTlRTPFExpGamd1MetE6bzVGVcZEwHwYDVR0jBBgwFoAUssEaK71BGHjtG0TX nxN9lonIaEAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkVUR1VB UkQvc3NFYUs3MUJHSGp0RzBUWG54Tjlsb25JYUVBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9zc0VhSzcxQkdIanRHMFRYbnhOOWxvbklhRUEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ORVRHVUFSRC9UbFJUUEZFeHBHYW1k MU1ldEU2YnpWR1ZjWkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6DgMA0GCSqGSIb3DQEBCwUAA4IBAQC5wBr2ekyNIeNnAlBd1wlJDje8nq2T qLt+8vmaSMPQ92PTc6fYXeThCEoJeunyeZeMOruCys1XNFXNPfhFtVL2Uh0PioGw iFuDDMaxRI+qmFZrN/9MPnOMX9XmeXxmPVrWfwdLCg00Z5nW4g705KPDYF2tV8C9 FIAMdaDOWIWrbIYH4qCzl/CVRK/+TsPEYlxSdve+Wjh370W25XkS9H0nt4es5gQD Jeeb4lYeFPEOMj/r5MuPdTNNHUmaIO2qB8esEq8Wr/Syjq+mO2h7ApRG0BpWMWuL v5HCvljRxWb3IMek9QS1dbP5uJcmuoti8vE6yqAirvSRSi07xX4fbSvE -----END CERTIFICATE-----Generated at Sun Aug 24 13:35:57 2025 by rpki-client