$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/gXhzYd6AcN0SBoeS3fYi7wRa6wA.roa File: gXhzYd6AcN0SBoeS3fYi7wRa6wA.roa (raw, json) Hash identifier: 0qFzULhUi8BdMnWn+w7z2ay/URGQ6gl3EpRtNkDMwSk= Subject key identifier: 81:78:73:61:DE:80:70:DD:12:06:87:92:DD:F6:22:EF:04:5A:EB:00 Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Certificate serial: 0997 Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/gXhzYd6AcN0SBoeS3fYi7wRa6wA.roa Signing time: Fri 22 Aug 2025 08:51:50 +0000 ROA not before: Fri 22 Aug 2025 08:51:50 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131677 IP address blocks: 2405:e4c0::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2455 (0x997) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Validity Not Before: Aug 22 08:51:50 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=81787361DE8070DD12068792DDF622EF045AEB00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d3:f5:9f:ea:9e:80:68:88:ca:47:48:e2:bb: ed:5b:9a:c1:61:75:50:2f:e0:3b:48:ff:d9:fd:9b: 77:df:7c:0d:c1:3f:e6:ff:6f:a5:59:32:7e:ca:f2: 6e:77:9e:d4:b5:81:e7:ad:1c:8b:f3:94:e2:d1:17: 59:73:82:54:93:6a:a6:ec:77:23:c4:4a:0d:ff:2a: be:f4:77:9d:a2:15:93:25:aa:2a:21:6b:31:09:5b: a2:2a:c4:8e:72:5a:ce:4b:56:19:ee:6f:3e:82:6b: 70:3d:4f:44:4d:0d:48:ea:d5:ea:76:9c:78:05:9b: 01:f5:50:6f:df:71:d1:a6:79:1d:05:59:a6:d4:e6: b3:31:4e:f8:2c:b1:46:06:ca:ab:6c:10:bc:32:12: 5a:2d:76:f0:dd:d8:de:aa:b4:ed:71:6b:c8:f4:fe: 38:0e:a0:0d:2a:ae:ee:3b:79:fd:44:90:15:f9:a6: a3:1e:b7:5d:fe:58:a5:c2:c7:28:7b:8e:36:fc:c1: 5c:ef:d2:26:7e:3a:79:ab:e1:06:07:61:c2:61:88: f9:d8:b9:d9:56:8f:44:7f:92:95:21:86:54:57:76: a7:54:b7:1d:4b:b7:86:8b:36:74:dd:e0:01:16:45: f9:cd:99:b9:c7:80:04:d8:26:23:3e:c5:6e:a7:cb: c9:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:78:73:61:DE:80:70:DD:12:06:87:92:DD:F6:22:EF:04:5A:EB:00 X509v3 Authority Key Identifier: keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/gXhzYd6AcN0SBoeS3fYi7wRa6wA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:e4c0::/32 Signature Algorithm: sha256WithRSAEncryption 0c:a0:d2:5d:a6:dc:d3:ba:39:b8:cc:32:2c:30:cb:25:4b:48: 91:b7:35:7a:40:a9:95:82:36:9c:03:33:8b:a6:4e:52:83:61: e4:26:40:75:94:5c:8e:76:5d:5d:03:3a:1b:a7:1e:6d:68:5d: f8:4b:52:90:44:2f:e8:29:5a:ea:2e:47:e2:c0:b6:22:da:8c: 75:c9:4c:b9:b3:77:64:21:41:74:ba:7d:57:68:3c:26:77:5d: 20:c8:e6:d5:e4:fa:4d:2b:94:23:24:e7:4d:fe:06:2b:ed:1e: f2:b6:0d:18:ef:3b:f8:e1:f2:a7:3d:5f:20:46:b9:0a:0f:da: fb:cf:6f:7b:fa:4c:62:5a:24:17:6a:56:61:20:a4:39:02:b6: d1:da:bd:e7:9f:7f:39:0a:6e:18:10:c4:86:60:40:9d:52:a0: 28:86:8c:0a:e0:ee:31:04:5b:bc:87:2f:0f:2b:95:0c:d0:17: f5:b7:f9:4d:29:fe:f8:5e:4d:78:73:46:19:22:c6:25:be:db: 6b:f2:5a:7e:50:50:84:b0:50:ba:52:d5:b6:8a:c2:8e:0a:d6: 41:72:f2:c3:c3:47:cb:4b:4a:ba:16:e8:fe:41:85:a7:0f:b2: 36:1a:86:26:ab:25:4c:cd:7b:f3:61:09:24:c5:e5:ed:e1:b7: 7e:5e:c9:91 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yNTA4MjIw ODUxNTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDgxNzg3MzYxREU4MDcw REQxMjA2ODc5MkRERjYyMkVGMDQ1QUVCMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR0/Wf6p6AaIjKR0jiu+1bmsFhdVAv4DtI/9n9m3fffA3BP+b/ b6VZMn7K8m53ntS1geetHIvzlOLRF1lzglSTaqbsdyPESg3/Kr70d52iFZMlqioh azEJW6IqxI5yWs5LVhnubz6Ca3A9T0RNDUjq1ep2nHgFmwH1UG/fcdGmeR0FWabU 5rMxTvgssUYGyqtsELwyElotdvDd2N6qtO1xa8j0/jgOoA0qru47ef1EkBX5pqMe t13+WKXCxyh7jjb8wVzv0iZ+Onmr4QYHYcJhiPnYudlWj0R/kpUhhlRXdqdUtx1L t4aLNnTd4AEWRfnNmbnHgATYJiM+xW6ny8mzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUgXhzYd6AcN0SBoeS3fYi7wRa6wAwHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw 5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvZ1hoellkNkFjTjBTQm9l UzNmWWk3d1JhNndBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACQF5MAwDQYJKoZIhvcNAQELBQADggEBAAyg0l2m3NO6ObjMMiwwyyVLSJG3NXpA qZWCNpwDM4umTlKDYeQmQHWUXI52XV0DOhunHm1oXfhLUpBEL+gpWuouR+LAtiLa jHXJTLmzd2QhQXS6fVdoPCZ3XSDI5tXk+k0rlCMk503+BivtHvK2DRjvO/jh8qc9 XyBGuQoP2vvPb3v6TGJaJBdqVmEgpDkCttHaveeffzkKbhgQxIZgQJ1SoCiGjArg 7jEEW7yHLw8rlQzQF/W3+U0p/vheTXhzRhkixiW+22vyWn5QUISwULpS1baKwo4K 1kFy8sPDR8tLSroW6P5BhacPsjYahiarJUzNe/NhCSTF5e3ht35eyZE= -----END CERTIFICATE-----Generated at Sun Aug 24 16:15:27 2025 by rpki-client