$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/bzc0gVLUnOY1fcZCfkE25RGv5xM.roa File: bzc0gVLUnOY1fcZCfkE25RGv5xM.roa (raw, json) Hash identifier: DFQVjNuS8WTDkMYOULIjEXBW4hmHFrvxbGcaHR1ee4o= Subject key identifier: 6F:37:34:81:52:D4:9C:E6:35:7D:C6:42:7E:41:36:E5:11:AF:E7:13 Certificate issuer: /CN=AEF6D09D9C14A108AA2051743C1379ED8FF25B48 Certificate serial: 032C Authority key identifier: AE:F6:D0:9D:9C:14:A1:08:AA:20:51:74:3C:13:79:ED:8F:F2:5B:48 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/rvbQnZwUoQiqIFF0PBN57Y_yW0g.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/bzc0gVLUnOY1fcZCfkE25RGv5xM.roa Signing time: Fri 22 Aug 2025 08:51:54 +0000 ROA not before: Fri 22 Aug 2025 08:51:54 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 63899 IP address blocks: 103.191.22.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/rvbQnZwUoQiqIFF0PBN57Y_yW0g.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/rvbQnZwUoQiqIFF0PBN57Y_yW0g.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/rvbQnZwUoQiqIFF0PBN57Y_yW0g.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 812 (0x32c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AEF6D09D9C14A108AA2051743C1379ED8FF25B48 Validity Not Before: Aug 22 08:51:54 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=6F37348152D49CE6357DC6427E4136E511AFE713 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:02:c5:f0:86:54:47:9e:b3:46:cf:6f:2f:99: 9a:e2:c7:10:6c:99:9a:cc:e5:0e:0f:f1:04:02:db: f1:98:ee:29:46:9e:92:59:9d:31:d2:a0:fd:cf:e9: e8:3b:75:f9:34:d5:e9:e4:cd:56:73:d2:66:2b:9d: 21:3e:bc:d6:97:d1:6c:aa:85:89:e2:d3:bb:d9:05: ab:3f:5d:3a:24:dd:a8:e7:5e:34:c4:69:dd:27:dc: 32:f6:57:b4:9d:94:3a:6b:6f:cd:eb:2f:99:29:80: 3b:c9:3d:93:ea:05:30:00:2f:63:38:af:73:11:ab: be:41:10:47:b1:27:c0:a7:ec:d3:06:d4:45:8f:ee: 67:5e:20:d1:31:9d:d2:75:7f:b3:10:3f:3c:cd:86: a4:dc:15:e7:bf:fb:24:e1:68:fc:8b:8d:be:b0:03: b8:16:90:f4:bf:01:1e:4a:bd:1a:91:8d:7a:b6:69: 6c:c8:df:2c:27:35:b7:72:f6:c0:3a:ac:80:52:05: e9:1d:c8:54:91:e0:36:7e:85:7d:d8:3a:f4:c3:3c: da:26:5c:c3:e0:7f:97:87:90:11:68:73:0c:48:80: 5c:06:6f:e4:35:55:9f:bf:6c:71:b8:1a:e6:6d:1c: a2:c3:21:d1:99:1d:55:66:1b:5c:15:86:bd:08:dc: 63:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:37:34:81:52:D4:9C:E6:35:7D:C6:42:7E:41:36:E5:11:AF:E7:13 X509v3 Authority Key Identifier: keyid:AE:F6:D0:9D:9C:14:A1:08:AA:20:51:74:3C:13:79:ED:8F:F2:5B:48 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/rvbQnZwUoQiqIFF0PBN57Y_yW0g.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/rvbQnZwUoQiqIFF0PBN57Y_yW0g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTUSTCCADM/bzc0gVLUnOY1fcZCfkE25RGv5xM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.191.22.0/23 Signature Algorithm: sha256WithRSAEncryption 57:80:24:70:f4:66:33:9e:ab:44:6e:5e:07:24:37:ec:73:f5: 04:f1:f1:30:a4:e8:3d:08:76:30:6c:49:1f:35:34:18:90:2b: 9f:e3:43:1f:ba:6a:b2:c7:7d:ba:ed:80:62:6a:6a:36:1b:67: 08:0a:51:b4:7e:1a:29:d8:c5:da:81:ea:03:da:4f:97:53:5a: 1a:9b:c6:70:82:e2:d7:71:33:22:a6:4c:24:82:7d:3e:f6:28: 06:2f:51:ca:95:5b:89:fc:e8:1e:2f:90:13:51:e0:f9:f7:3c: 5c:d5:2e:b8:d4:a2:60:d4:dc:32:4e:e0:87:7e:9e:3d:8f:08: 36:7a:06:5f:4d:4d:d9:7b:7d:e9:99:3d:c8:dd:2d:1d:1f:9c: e2:63:5d:ca:47:10:c5:7f:c0:04:7e:18:33:c2:48:4a:4d:f1: 0a:e3:76:c0:c8:c0:a8:b4:7f:68:a4:ce:21:90:57:23:14:66: 68:0f:5c:7c:29:b8:f9:dd:aa:ae:f0:9d:4c:ee:9e:34:eb:dd: b1:f1:ac:fa:3a:79:cd:c0:a8:f4:52:b4:19:cc:c8:8d:0f:ad: 02:0d:2a:4c:ac:d7:13:a3:c3:6f:28:26:66:ae:1a:bf:4b:84: 9b:ef:61:25:4f:52:6c:35:41:f2:0c:b6:41:df:c2:c7:d0:72: 13:2b:79:a6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVG NkQwOUQ5QzE0QTEwOEFBMjA1MTc0M0MxMzc5RUQ4RkYyNUI0ODAeFw0yNTA4MjIw ODUxNTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDZGMzczNDgxNTJENDlD RTYzNTdEQzY0MjdFNDEzNkU1MTFBRkU3MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPAsXwhlRHnrNGz28vmZrixxBsmZrM5Q4P8QQC2/GY7ilGnpJZ nTHSoP3P6eg7dfk01enkzVZz0mYrnSE+vNaX0WyqhYni07vZBas/XTok3ajnXjTE ad0n3DL2V7SdlDprb83rL5kpgDvJPZPqBTAAL2M4r3MRq75BEEexJ8Cn7NMG1EWP 7mdeINExndJ1f7MQPzzNhqTcFee/+yThaPyLjb6wA7gWkPS/AR5KvRqRjXq2aWzI 3ywnNbdy9sA6rIBSBekdyFSR4DZ+hX3YOvTDPNomXMPgf5eHkBFocwxIgFwGb+Q1 VZ+/bHG4GuZtHKLDIdGZHVVmG1wVhr0I3GMlAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUbzc0gVLUnOY1fcZCfkE25RGv5xMwHwYDVR0jBBgwFoAUrvbQnZwUoQiqIFF0 PBN57Y/yW0gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRVU1RD Q0FETS9ydmJRblp3VW9RaXFJRkYwUEJONTdZX3lXMGcuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3J2YlFuWndVb1FpcUlGRjBQQk41N1lfeVcwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UVVNUQ0NBRE0vYnpjMGdWTFVu T1kxZmNaQ2ZrRTI1Ukd2NXhNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAWe/FjANBgkqhkiG9w0BAQsFAAOCAQEAV4AkcPRmM56rRG5eByQ37HP1 BPHxMKToPQh2MGxJHzU0GJArn+NDH7pqssd9uu2AYmpqNhtnCApRtH4aKdjF2oHq A9pPl1NaGpvGcILi13EzIqZMJIJ9PvYoBi9RypVbifzoHi+QE1Hg+fc8XNUuuNSi YNTcMk7gh36ePY8INnoGX01N2Xt96Zk9yN0tHR+c4mNdykcQxX/ABH4YM8JISk3x CuN2wMjAqLR/aKTOIZBXIxRmaA9cfCm4+d2qrvCdTO6eNOvdsfGs+jp5zcCo9FK0 GczIjQ+tAg0qTKzXE6PDbygmZq4av0uEm+9hJU9SbDVB8gy2Qd/Cx9ByEyt5pg== -----END CERTIFICATE-----Generated at Sun Aug 24 11:14:29 2025 by rpki-client