$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/Zp_zK3yrpptl8yExI7ivKZWT6yM.roa File: Zp_zK3yrpptl8yExI7ivKZWT6yM.roa (raw, json) Hash identifier: Zd3y1rYmCImc+X1REx1omkY972AZTE3lvPFRqs70r2w= Subject key identifier: 66:9F:F3:2B:7C:AB:A6:9B:65:F3:21:31:23:B8:AF:29:95:93:EB:23 Certificate issuer: /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2 Certificate serial: 5A7E Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/Zp_zK3yrpptl8yExI7ivKZWT6yM.roa Signing time: Fri 22 Aug 2025 08:55:54 +0000 ROA not before: Fri 22 Aug 2025 08:55:54 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38851 IP address blocks: 43.227.26.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23166 (0x5a7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2 Validity Not Before: Aug 22 08:55:54 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=669FF32B7CABA69B65F3213123B8AF299593EB23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:27:ec:aa:62:7b:ee:20:a4:01:88:03:53:1a: 94:c0:1b:db:ce:95:65:3f:85:a6:d4:fe:cb:1b:00: d0:15:4f:64:89:78:1e:09:04:a0:6c:cf:56:7e:5a: a4:5b:2b:cb:d8:7e:c3:a5:99:18:4d:5f:d4:c4:19: a0:8a:f2:e5:81:b1:ce:cc:3e:07:bc:59:26:c0:4b: b3:7d:2b:75:18:53:6c:df:d0:21:fb:d4:33:70:eb: 19:7c:88:0f:eb:6c:bf:78:2e:21:1e:2d:3a:e6:5a: 47:93:f7:ae:08:d8:b9:60:f2:48:19:f0:66:96:be: d2:66:52:95:13:0b:8b:ed:16:66:a1:23:ff:cc:2a: b4:bb:8b:93:74:fa:39:65:4e:c5:a8:86:f2:fa:a5: a9:18:26:3e:ae:73:26:03:9b:6f:36:dc:df:f0:a3: 0f:7e:4f:08:e3:6b:e7:97:0f:3c:01:7a:d8:4d:80: c1:65:ba:06:40:47:d6:4e:82:f9:46:e2:44:2e:8d: fe:c2:a5:4f:e1:db:45:c2:65:d4:f5:0a:bf:b6:6a: 91:dc:95:f7:2a:9f:b2:08:57:f7:45:3a:14:fd:a7: cc:a3:67:00:ae:17:9f:f6:60:8e:a2:75:01:80:f2: 45:ea:94:9b:f8:7b:2e:7b:b8:e7:46:59:48:52:cc: cb:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:9F:F3:2B:7C:AB:A6:9B:65:F3:21:31:23:B8:AF:29:95:93:EB:23 X509v3 Authority Key Identifier: keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/Zp_zK3yrpptl8yExI7ivKZWT6yM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.26.0/23 Signature Algorithm: sha256WithRSAEncryption 5c:2d:4f:9b:3d:83:3a:03:89:cc:df:af:49:65:d4:a8:38:bb: db:3f:07:23:20:cf:a4:9d:89:12:ce:f0:18:56:64:0e:6c:b8: 5d:24:14:24:39:9a:9d:5b:8e:ef:bb:df:8d:7d:9a:b8:f5:35: 25:00:72:1e:8d:ba:8d:7c:31:66:c1:6f:ec:5b:ca:36:c0:b7: 09:86:2b:e6:72:16:a2:64:de:9d:12:aa:9a:2e:58:4a:32:e8: 7d:5a:ad:c7:d0:8a:d9:f6:a3:18:3b:c1:b8:17:48:a1:e9:57: e7:2d:14:45:c6:26:4d:56:25:c1:e1:dc:d1:08:97:07:22:66: 75:58:c8:2c:f4:49:cb:ca:be:35:0d:87:de:fc:dc:9f:65:44: b4:f2:a8:c8:27:13:4a:5e:77:08:3d:c2:e9:b5:c2:63:82:a1: 3f:20:83:73:3f:99:10:6d:68:70:0e:4a:23:ba:68:a6:54:89: 15:7e:d0:9c:2e:8c:55:8e:53:81:a0:aa:15:7e:f2:5d:83:d6: 6b:ca:0f:f2:a6:c5:63:95:b9:dc:39:cf:59:ed:a9:0c:f8:6e: 25:67:b8:66:34:ce:7f:fc:d2:07:08:3e:38:f9:da:0c:a4:fb: 22:c5:ad:da:be:ee:1a:5c:d1:e0:27:13:1d:52:0c:6d:eb:2e: ce:5f:ec:98 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICWn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yNTA4MjIw ODU1NTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY2OUZGMzJCN0NBQkE2 OUI2NUYzMjEzMTIzQjhBRjI5OTU5M0VCMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqJ+yqYnvuIKQBiANTGpTAG9vOlWU/habU/ssbANAVT2SJeB4J BKBsz1Z+WqRbK8vYfsOlmRhNX9TEGaCK8uWBsc7MPge8WSbAS7N9K3UYU2zf0CH7 1DNw6xl8iA/rbL94LiEeLTrmWkeT964I2Llg8kgZ8GaWvtJmUpUTC4vtFmahI//M KrS7i5N0+jllTsWohvL6pakYJj6ucyYDm2823N/wow9+Twjja+eXDzwBethNgMFl ugZAR9ZOgvlG4kQujf7CpU/h20XCZdT1Cr+2apHclfcqn7IIV/dFOhT9p8yjZwCu F5/2YI6idQGA8kXqlJv4ey57uOdGWUhSzMuJAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUZp/zK3yrpptl8yExI7ivKZWT6yMwHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYvWnBfekszeXJwcHRsOHlF eEk3aXZLWldUNnlNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME ASvjGjANBgkqhkiG9w0BAQsFAAOCAQEAXC1Pmz2DOgOJzN+vSWXUqDi72z8HIyDP pJ2JEs7wGFZkDmy4XSQUJDmanVuO77vfjX2auPU1JQByHo26jXwxZsFv7FvKNsC3 CYYr5nIWomTenRKqmi5YSjLofVqtx9CK2fajGDvBuBdIoelX5y0URcYmTVYlweHc 0QiXByJmdVjILPRJy8q+NQ2H3vzcn2VEtPKoyCcTSl53CD3C6bXCY4KhPyCDcz+Z EG1ocA5KI7poplSJFX7QnC6MVY5TgaCqFX7yXYPWa8oP8qbFY5W53DnPWe2pDPhu JWe4ZjTOf/zSBwg+OPnaDKT7IsWt2r7uGlzR4CcTHVIMbesuzl/smA== -----END CERTIFICATE-----Generated at Sun Aug 24 07:04:40 2025 by rpki-client