$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NSS/Nu9kfBG45SfjRnXx-L36f_kkoKc.roa File: Nu9kfBG45SfjRnXx-L36f_kkoKc.roa (raw, json) Hash identifier: AOf1i6lAsY72ipiK1L1N4ztYIvJwzCvDYiNXZtbIcjo= Subject key identifier: 36:EF:64:7C:11:B8:E5:27:E3:46:75:F1:F8:BD:FA:7F:F9:24:A0:A7 Certificate issuer: /CN=7957076E29BFC1648EFF71A398BAAC4A9E886820 Certificate serial: 0D6C Authority key identifier: 79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/Nu9kfBG45SfjRnXx-L36f_kkoKc.roa Signing time: Fri 22 Aug 2025 09:04:05 +0000 ROA not before: Fri 22 Aug 2025 09:04:05 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131626 IP address blocks: 2403:f3c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3436 (0xd6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7957076E29BFC1648EFF71A398BAAC4A9E886820 Validity Not Before: Aug 22 09:04:05 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=36EF647C11B8E527E34675F1F8BDFA7FF924A0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:18:f2:b9:83:8e:88:00:60:ad:0a:7a:67:6c: e4:52:3d:e0:25:62:59:4c:34:4d:59:c6:7f:c6:b4: da:b3:4e:05:ac:ca:ee:30:0d:c0:69:fc:c9:fe:f6: a2:1a:96:75:e9:14:4f:8b:04:9e:2e:99:26:86:88: cd:8e:3e:47:c2:c6:1e:1e:42:ca:57:24:d8:c1:0b: ba:90:45:44:08:e9:4a:f2:68:e6:4d:e7:06:e5:16: 5c:14:68:be:af:18:90:55:a3:4c:74:b0:21:25:3a: 73:7f:1e:b5:a9:81:07:5e:36:e1:29:55:69:8c:3d: 85:0f:b9:ff:db:87:3c:e7:59:ff:57:66:54:3f:7a: c4:85:67:e8:24:3f:b8:ff:db:c7:01:79:87:52:1f: ce:c1:81:be:10:55:c6:06:42:45:02:b4:fa:04:1c: 2b:c8:96:eb:5a:e7:d4:69:d1:9a:a4:89:f9:d3:ad: 38:35:c5:a0:29:d5:51:d0:27:93:d8:68:c4:3a:a6: 93:d6:2c:ad:b7:84:22:67:84:a7:3c:a0:e1:f1:c5: d4:26:b4:a0:39:5a:e8:03:da:f5:0b:5c:51:b7:f9: 7d:13:fc:c9:b1:6b:fe:d0:75:4d:9c:52:64:88:9b: 98:8a:3c:d9:87:57:0e:8b:f9:45:05:28:af:9d:1e: b0:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:EF:64:7C:11:B8:E5:27:E3:46:75:F1:F8:BD:FA:7F:F9:24:A0:A7 X509v3 Authority Key Identifier: keyid:79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/Nu9kfBG45SfjRnXx-L36f_kkoKc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:f3c0::/32 Signature Algorithm: sha256WithRSAEncryption ab:3f:4e:88:a9:66:a1:2b:35:6b:e6:08:3c:bf:41:73:c6:59: d9:e5:b5:ef:6e:9a:00:a0:41:69:11:6b:cd:93:68:97:20:71: 76:a4:9a:1a:66:ae:59:b0:b7:e6:1a:00:ed:7a:aa:56:ee:e8: 47:d6:c0:f0:4e:8e:3d:3b:5c:bc:f3:91:1e:2f:75:df:b1:91: c1:d5:01:3f:a9:71:64:48:1b:75:0c:37:a5:8c:78:93:1d:1b: a6:ed:f1:03:2c:1d:75:2b:67:22:56:2c:97:c9:50:0c:b3:c7: c4:32:b9:b0:3f:05:74:2c:37:52:de:b7:f5:3e:39:fd:43:0c: c6:a8:80:4d:9c:67:5b:f4:48:d4:53:2b:a5:38:b1:15:9a:4b: f5:b2:49:24:66:18:d1:18:81:75:00:41:b8:d9:30:fe:65:54: 7e:a5:0b:d3:86:38:93:d7:bb:8f:40:f7:5a:28:0f:a0:b3:cf: e1:b7:ae:e5:b9:06:70:28:2f:c3:d6:e5:cd:1c:69:6e:c8:00: 4b:31:a5:7c:98:86:e0:c1:95:07:b1:ca:b5:ae:ae:2c:4c:20: d2:3e:db:67:ee:bc:43:b5:01:55:24:c1:39:0b:89:5c:fb:3a: de:c2:46:7f:7f:e4:ab:06:3c:88:5e:07:9b:fc:e2:2f:ab:f3: d0:26:33:3c -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICDWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzk1 NzA3NkUyOUJGQzE2NDhFRkY3MUEzOThCQUFDNEE5RTg4NjgyMDAeFw0yNTA4MjIw OTA0MDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM2RUY2NDdDMTFCOEU1 MjdFMzQ2NzVGMUY4QkRGQTdGRjkyNEEwQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCGPK5g46IAGCtCnpnbORSPeAlYllMNE1Zxn/GtNqzTgWsyu4w DcBp/Mn+9qIalnXpFE+LBJ4umSaGiM2OPkfCxh4eQspXJNjBC7qQRUQI6UryaOZN 5wblFlwUaL6vGJBVo0x0sCElOnN/HrWpgQdeNuEpVWmMPYUPuf/bhzznWf9XZlQ/ esSFZ+gkP7j/28cBeYdSH87Bgb4QVcYGQkUCtPoEHCvIluta59Rp0ZqkifnTrTg1 xaAp1VHQJ5PYaMQ6ppPWLK23hCJnhKc8oOHxxdQmtKA5WugD2vULXFG3+X0T/Mmx a/7QdU2cUmSIm5iKPNmHVw6L+UUFKK+dHrBhAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUNu9kfBG45SfjRnXx+L36f/kkoKcwHwYDVR0jBBgwFoAUeVcHbim/wWSO/3Gj mLqsSp6IaCAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL2VW Y0hiaW1fd1dTT18zR2ptTHFzU3A2SWFDQS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev ZVZjSGJpbV93V1NPXzNHam1McXNTcDZJYUNBLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL051OWtmQkc0NVNmalJuWHgtTDM2Zl9r a29LYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkA/PAMA0G CSqGSIb3DQEBCwUAA4IBAQCrP06IqWahKzVr5gg8v0FzxlnZ5bXvbpoAoEFpEWvN k2iXIHF2pJoaZq5ZsLfmGgDteqpW7uhH1sDwTo49O1y885EeL3XfsZHB1QE/qXFk SBt1DDeljHiTHRum7fEDLB11K2ciViyXyVAMs8fEMrmwPwV0LDdS3rf1Pjn9QwzG qIBNnGdb9EjUUyulOLEVmkv1skkkZhjRGIF1AEG42TD+ZVR+pQvThjiT17uPQPda KA+gs8/ht67luQZwKC/D1uXNHGluyABLMaV8mIbgwZUHscq1rq4sTCDSPttn7rxD tQFVJME5C4lc+zrewkZ/f+SrBjyIXgeb/OIvq/PQJjM8 -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:18 2025 by rpki-client