$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/dAu6xDFFtlWLJFDtkyBK_Z2gqGA.roa File: dAu6xDFFtlWLJFDtkyBK_Z2gqGA.roa (raw, json) Hash identifier: WQHtXkfdQl/7FLdk32F3wHpSkTJtqsjLQY+6Oo7A0L4= Subject key identifier: 74:0B:BA:C4:31:45:B6:55:8B:24:50:ED:93:20:4A:FD:9D:A0:A8:60 Certificate issuer: /CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Certificate serial: 021B Authority key identifier: 37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/dAu6xDFFtlWLJFDtkyBK_Z2gqGA.roa Signing time: Fri 22 Aug 2025 08:52:18 +0000 ROA not before: Fri 22 Aug 2025 08:52:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 31972 IP address blocks: 64.78.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 539 (0x21b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Validity Not Before: Aug 22 08:52:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=740BBAC43145B6558B2450ED93204AFD9DA0A860 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6c:fd:53:b6:bc:cd:50:5e:68:fc:84:c8:f3: 1e:3c:36:1e:e9:f5:fd:ae:d6:b0:31:14:fe:54:f2: 1d:55:ea:bf:cd:92:30:af:73:8f:ef:cb:dc:9e:64: 6f:48:a5:0c:af:1f:d2:78:1d:59:0d:1e:cd:5b:80: 5c:2b:72:fd:c7:06:05:db:4e:ea:a9:7e:3b:6e:34: 07:c3:b7:7d:6f:aa:21:8b:92:68:93:7c:54:09:37: 71:e9:25:51:79:cf:08:17:5e:fc:c5:23:d4:67:c8: b2:bf:ff:9e:d1:93:3f:ae:00:e5:fa:5f:ca:7c:40: 46:1e:e0:02:2e:96:1a:11:59:8a:9a:51:ac:ed:a5: 6e:f1:d7:ca:5d:01:58:6d:29:5c:d4:c3:56:e2:47: b0:56:18:28:44:52:ce:4a:68:1d:80:c1:1e:52:68: f5:8c:7d:0d:c3:79:95:05:8b:2f:b4:3c:60:31:c2: df:d0:0a:32:1b:7c:c6:bf:1c:cd:f9:5d:28:61:c4: ca:e0:b8:80:8b:71:3f:39:0e:7c:62:51:25:19:83: cf:d3:bb:e4:63:64:55:39:2f:ca:3d:dc:6f:a4:ef: 28:b1:d9:b4:bf:e6:eb:ba:8b:89:a6:75:84:91:fb: 46:38:6c:35:5d:b6:27:3d:d7:35:8e:dc:01:59:57: 90:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:0B:BA:C4:31:45:B6:55:8B:24:50:ED:93:20:4A:FD:9D:A0:A8:60 X509v3 Authority Key Identifier: keyid:37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/dAu6xDFFtlWLJFDtkyBK_Z2gqGA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 64.78.160.0/20 Signature Algorithm: sha256WithRSAEncryption 95:18:6e:92:8e:a6:26:b1:5e:52:f2:f7:4b:26:4b:34:b6:24: 0e:25:dd:d2:35:61:19:4b:79:4f:86:f2:de:04:f5:1d:71:2d: 34:6d:e0:ec:84:07:69:45:a3:39:01:0a:57:46:5a:80:b0:2e: 25:20:57:c9:71:5f:b1:18:f7:9b:b4:1a:9e:2c:af:a7:14:b3: 3e:ac:44:02:43:00:0a:68:49:ba:66:df:34:f1:5a:cc:f1:c0: b3:28:38:f2:07:10:75:2d:e0:9f:71:6c:61:e8:3d:4c:24:d4: ec:f9:25:4b:2b:a8:7c:a4:1e:f6:17:33:7e:4e:7a:0c:2e:a9: bd:19:bc:42:a0:77:2c:53:e9:ab:16:cc:62:a9:e6:9c:9e:21: 08:fd:a4:59:36:6d:99:b4:b4:0e:48:08:45:a5:90:ec:8f:dc: 54:89:46:e1:d0:24:d8:65:b1:20:0a:76:b6:b5:5a:1b:b2:2f: 2b:5a:bd:a5:a2:1d:a3:db:a1:05:25:6e:ab:23:ce:d8:45:5c: d3:60:3f:b4:ba:18:f8:c8:9c:1b:69:66:b7:bc:df:7c:ff:b1: a9:da:3f:e7:fe:41:32:ba:d5:b5:08:3f:2e:1c:e6:9f:04:1e: 4b:37:85:04:27:08:7f:44:f3:fc:44:b0:ee:da:e7:86:d6:4c: 75:dd:2d:aa -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICAhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcz MEQ5QTE5NUFCNzEwMjg2NzIyQ0U1Q0NBNDY3Q0ZCQTVCRDQ5NDAeFw0yNTA4MjIw ODUyMThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDc0MEJCQUM0MzE0NUI2 NTU4QjI0NTBFRDkzMjA0QUZEOURBMEE4NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvbP1TtrzNUF5o/ITI8x48Nh7p9f2u1rAxFP5U8h1V6r/NkjCv c4/vy9yeZG9IpQyvH9J4HVkNHs1bgFwrcv3HBgXbTuqpfjtuNAfDt31vqiGLkmiT fFQJN3HpJVF5zwgXXvzFI9RnyLK//57Rkz+uAOX6X8p8QEYe4AIulhoRWYqaUazt pW7x18pdAVhtKVzUw1biR7BWGChEUs5KaB2AwR5SaPWMfQ3DeZUFiy+0PGAxwt/Q CjIbfMa/HM35XShhxMrguICLcT85DnxiUSUZg8/Tu+RjZFU5L8o93G+k7yix2bS/ 5uu6i4mmdYSR+0Y4bDVdtic91zWO3AFZV5CXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUdAu6xDFFtlWLJFDtkyBK/Z2gqGAwHwYDVR0jBBgwFoAUNzDZoZWrcQKGcizl zKRnz7pb1JQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVT Q09NL056RFpvWldyY1FLR2Npemx6S1JuejdwYjFKUS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvTnpEWm9aV3JjUUtHY2l6bHpLUm56N3BiMUpRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVTQ09NL2RBdTZ4REZGdGxX TEpGRHRreUJLX1oyZ3FHQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBARATqAwDQYJKoZIhvcNAQELBQADggEBAJUYbpKOpiaxXlLy90smSzS2JA4l 3dI1YRlLeU+G8t4E9R1xLTRt4OyEB2lFozkBCldGWoCwLiUgV8lxX7EY95u0Gp4s r6cUsz6sRAJDAApoSbpm3zTxWszxwLMoOPIHEHUt4J9xbGHoPUwk1Oz5JUsrqHyk HvYXM35Oegwuqb0ZvEKgdyxT6asWzGKp5pyeIQj9pFk2bZm0tA5ICEWlkOyP3FSJ RuHQJNhlsSAKdra1WhuyLytavaWiHaPboQUlbqsjzthFXNNgP7S6GPjInBtpZre8 33z/sanaP+f+QTK61bUIPy4c5p8EHks3hQQnCH9E8/xEsO7a54bWTHXdLao= -----END CERTIFICATE-----Generated at Sun Aug 24 11:14:26 2025 by rpki-client