$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/io97XGT_JwKkFGWhDLIzaXFDSyc.roa File: io97XGT_JwKkFGWhDLIzaXFDSyc.roa (raw, json) Hash identifier: yLouX6YG88xv1XTphWgiNVjz/U4orJtREtX8Lj+xwGM= Subject key identifier: 8A:8F:7B:5C:64:FF:27:02:A4:14:65:A1:0C:B2:33:69:71:43:4B:27 Certificate issuer: /CN=8477B4B9FE729925D912C66D00B681DDA10A2A01 Certificate serial: 0D7D Authority key identifier: 84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/io97XGT_JwKkFGWhDLIzaXFDSyc.roa Signing time: Fri 22 Aug 2025 08:56:10 +0000 ROA not before: Fri 22 Aug 2025 08:56:10 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 103.117.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/hHe0uf5ymSXZEsZtALaB3aEKKgE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/hHe0uf5ymSXZEsZtALaB3aEKKgE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3453 (0xd7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8477B4B9FE729925D912C66D00B681DDA10A2A01 Validity Not Before: Aug 22 08:56:10 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8A8F7B5C64FF2702A41465A10CB2336971434B27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:91:4d:4b:48:de:28:77:7c:8e:35:b0:b4:02: c3:5a:06:b7:f6:12:fa:69:0c:f6:58:6b:20:96:49: d8:98:05:95:df:5a:78:74:ad:fa:d9:5a:7d:24:26: 61:d4:69:33:b3:ff:89:c1:4e:9c:2d:55:9d:c1:1e: 08:5c:bf:01:5d:0b:a0:fa:8c:3c:70:45:c9:cd:c5: bc:7c:36:ce:b0:e8:c2:2e:65:e2:95:d7:8a:f1:56: 10:47:ae:ad:34:1a:10:27:83:d6:3c:fc:7e:04:08: 67:3c:34:a9:be:9e:df:35:79:58:4e:40:12:46:f7: ed:57:37:d5:da:05:d9:c6:98:b2:f7:a4:f2:dd:30: b3:6e:b7:d6:0d:41:68:0c:6d:2d:a7:6a:23:ac:c2: 9a:12:cd:e8:b0:5f:d1:41:94:3e:2a:70:69:14:1e: 48:8f:4a:0f:3b:57:7e:f2:dd:6c:c7:2c:31:13:93: 96:b2:71:41:d2:61:54:03:4d:f2:d6:69:1b:00:82: 78:18:bc:fb:13:bb:db:3f:10:d5:de:04:4b:e3:b9: 03:78:b9:eb:0c:d4:b7:a1:d1:c1:ba:04:28:ec:4c: a9:63:f3:3c:97:e2:47:7e:e9:4e:8b:00:75:b7:0b: 29:ab:5d:17:42:bc:84:92:af:b8:25:f9:d5:60:c5: 4a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:8F:7B:5C:64:FF:27:02:A4:14:65:A1:0C:B2:33:69:71:43:4B:27 X509v3 Authority Key Identifier: keyid:84:77:B4:B9:FE:72:99:25:D9:12:C6:6D:00:B6:81:DD:A1:0A:2A:01 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/hHe0uf5ymSXZEsZtALaB3aEKKgE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hHe0uf5ymSXZEsZtALaB3aEKKgE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PEICITY260/io97XGT_JwKkFGWhDLIzaXFDSyc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.117.224.0/22 Signature Algorithm: sha256WithRSAEncryption 45:76:09:bf:b3:35:e2:63:9a:d2:78:69:7d:76:82:a3:7a:83: 2d:33:06:93:fc:0b:66:05:48:ae:f5:3e:22:62:70:97:56:d1: d0:bf:6c:58:07:71:55:2c:8a:89:fd:d8:fb:4b:13:6f:d1:2c: f3:83:18:a0:63:e7:1c:9f:ba:25:bf:73:5d:cf:d1:94:7a:01: 0c:19:e8:f7:cb:e2:3e:bd:9e:5d:05:39:ca:dc:15:f6:c7:fd: d7:4c:59:f1:e1:4b:d1:12:5f:89:bf:2b:00:ef:e8:d3:5d:88: ed:db:78:a8:22:a9:60:ee:ea:83:15:40:b5:c3:36:10:39:30: d7:2f:f0:c5:32:e0:18:7a:da:36:7f:c3:41:2a:99:1e:c4:af: 6e:21:b9:31:34:8b:ff:85:5d:13:ae:4c:f9:b7:8b:9a:fe:8f: e2:08:2b:08:ad:0a:33:e8:5d:79:15:4a:4d:15:f4:f0:e2:ff: 14:19:9f:bc:92:a2:45:9e:7f:78:ab:8e:cd:20:ee:9c:9f:cf: 1e:5b:30:01:90:59:ab:10:91:1e:ca:a2:e8:03:85:48:ea:27: 31:aa:85:02:5b:f3:65:cb:06:75:7d:ca:c1:81:6a:f1:e0:2c: ab:4b:ad:4b:94:8a:65:0d:68:35:76:61:ea:78:bc:b9:d9:d5: 5d:25:ae:a8 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODQ3 N0I0QjlGRTcyOTkyNUQ5MTJDNjZEMDBCNjgxRERBMTBBMkEwMTAeFw0yNTA4MjIw ODU2MTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhBOEY3QjVDNjRGRjI3 MDJBNDE0NjVBMTBDQjIzMzY5NzE0MzRCMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTkU1LSN4od3yONbC0AsNaBrf2EvppDPZYayCWSdiYBZXfWnh0 rfrZWn0kJmHUaTOz/4nBTpwtVZ3BHghcvwFdC6D6jDxwRcnNxbx8Ns6w6MIuZeKV 14rxVhBHrq00GhAng9Y8/H4ECGc8NKm+nt81eVhOQBJG9+1XN9XaBdnGmLL3pPLd MLNut9YNQWgMbS2naiOswpoSzeiwX9FBlD4qcGkUHkiPSg87V37y3WzHLDETk5ay cUHSYVQDTfLWaRsAgngYvPsTu9s/ENXeBEvjuQN4uesM1Leh0cG6BCjsTKlj8zyX 4kd+6U6LAHW3CymrXRdCvISSr7gl+dVgxUqtAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUio97XGT/JwKkFGWhDLIzaXFDSycwHwYDVR0jBBgwFoAUhHe0uf5ymSXZEsZt ALaB3aEKKgEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEVJQ0lU WTI2MC9oSGUwdWY1eW1TWFpFc1p0QUxhQjNhRUtLZ0UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2hIZTB1ZjV5bVNYWkVzWnRBTGFCM2FFS0tnRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BFSUNJVFkyNjAvaW85N1hHVF9K d0trRkdXaERMSXphWEZEU3ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmd14DANBgkqhkiG9w0BAQsFAAOCAQEARXYJv7M14mOa0nhpfXaCo3qD LTMGk/wLZgVIrvU+ImJwl1bR0L9sWAdxVSyKif3Y+0sTb9Es84MYoGPnHJ+6Jb9z Xc/RlHoBDBno98viPr2eXQU5ytwV9sf910xZ8eFL0RJfib8rAO/o012I7dt4qCKp YO7qgxVAtcM2EDkw1y/wxTLgGHraNn/DQSqZHsSvbiG5MTSL/4VdE65M+beLmv6P 4ggrCK0KM+hdeRVKTRX08OL/FBmfvJKiRZ5/eKuOzSDunJ/PHlswAZBZqxCRHsqi 6AOFSOonMaqFAlvzZcsGdX3KwYFq8eAsq0utS5SKZQ1oNXZh6ni8udnVXSWuqA== -----END CERTIFICATE-----Generated at Sun Aug 24 13:40:22 2025 by rpki-client