$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa File: CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa (raw, json) Hash identifier: lNOl87iEZzYinUqNMvUxBczb2jf8xp6Ztl9V0nUmOs0= Subject key identifier: 0A:A6:43:5D:72:82:89:49:AB:2F:4A:F9:B0:73:8C:D9:2B:27:95:88 Certificate issuer: /CN=69797BDE8D0581FA299D8E1420ED2957C4208A07 Certificate serial: 0D71 Authority key identifier: 69:79:7B:DE:8D:05:81:FA:29:9D:8E:14:20:ED:29:57:C4:20:8A:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/aXl73o0FgfopnY4UIO0pV8Qgigc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa Signing time: Fri 22 Aug 2025 08:44:25 +0000 ROA not before: Fri 22 Aug 2025 08:44:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17710 IP address blocks: 150.107.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/aXl73o0FgfopnY4UIO0pV8Qgigc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/aXl73o0FgfopnY4UIO0pV8Qgigc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/aXl73o0FgfopnY4UIO0pV8Qgigc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3441 (0xd71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69797BDE8D0581FA299D8E1420ED2957C4208A07 Validity Not Before: Aug 22 08:44:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0AA6435D72828949AB2F4AF9B0738CD92B279588 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cc:33:d1:94:b1:3e:54:b7:f2:44:bb:83:50: db:c8:4d:e9:1d:12:45:9f:5e:54:81:e6:d0:df:b5: e1:f7:39:a4:50:ac:ec:33:e7:8d:4b:f9:68:0f:98: b5:a4:66:1f:f7:3b:4c:25:83:23:ef:df:b4:74:f8: 9e:28:fb:ad:2b:e2:78:e0:3c:6c:64:95:46:a7:e1: bb:98:fb:41:0e:c9:3c:7a:97:c1:58:06:04:7d:df: 15:b3:97:76:a2:bf:00:3c:5f:f5:9c:c4:1c:9e:b0: f1:39:69:9b:4c:b9:1b:f6:b2:d1:f0:4a:5f:ca:d6: 29:e0:17:b5:ea:89:6c:42:5b:4c:65:70:82:70:b2: 2f:a6:f1:74:3b:dd:c9:e4:bc:3f:ad:8c:d3:86:0d: 99:38:ba:2e:fb:c5:01:90:81:6e:9d:4a:71:20:24: 8a:e5:9a:c6:16:97:f2:b4:50:65:18:65:8b:32:e5: 6b:ea:1c:41:be:05:f3:fe:bb:bf:92:df:59:79:6a: f8:b1:ef:77:c7:f7:a9:16:1c:7e:36:cd:d2:eb:4f: 3e:11:02:7c:df:3e:bc:6b:9f:c1:6a:aa:06:ad:13: 4e:85:14:94:02:32:5f:83:86:36:1a:45:7b:6e:8c: 2c:9f:6a:fb:a0:57:2c:52:e1:2c:ad:85:7b:c1:be: 57:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A6:43:5D:72:82:89:49:AB:2F:4A:F9:B0:73:8C:D9:2B:27:95:88 X509v3 Authority Key Identifier: keyid:69:79:7B:DE:8D:05:81:FA:29:9D:8E:14:20:ED:29:57:C4:20:8A:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/aXl73o0FgfopnY4UIO0pV8Qgigc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/aXl73o0FgfopnY4UIO0pV8Qgigc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.107.64.0/22 Signature Algorithm: sha256WithRSAEncryption 98:c4:5e:66:78:43:87:36:4e:51:f4:aa:a2:74:fa:51:1d:d0: b5:85:2d:af:7d:a0:93:97:30:5d:a9:ab:28:90:ba:11:4b:2e: 95:a4:d1:bf:c8:5c:28:c3:10:c0:b7:b4:13:b4:c6:bc:8c:21: 14:a5:67:a5:3e:0d:5b:ac:93:9b:b9:97:c9:23:0c:bb:13:12: 6d:17:77:73:4c:84:70:14:97:d8:fa:5e:88:c7:f0:c0:bd:7e: d3:a4:6b:26:a1:f4:e4:c9:1e:e6:f9:43:2b:4e:f5:bf:27:4d: 79:c4:e7:8c:23:6b:4f:0e:73:f7:ac:e0:10:63:2f:10:51:04: 6f:0b:03:98:de:54:93:6b:bf:17:aa:f0:be:23:d0:5f:4f:df: d1:0a:37:cf:bc:e7:a5:95:5f:75:f2:4d:fd:a6:56:28:22:1d: 60:6c:63:34:39:da:42:5a:3a:03:ff:39:18:41:73:5b:3e:d8: 17:d2:c0:f4:fc:fb:c1:fd:93:28:c6:8c:48:69:fb:1e:2a:49: ac:ac:65:7f:4f:b4:3c:40:33:76:69:8b:be:90:4a:95:4b:9f: 3b:35:c9:98:cc:63:69:b8:9b:07:56:24:d6:fd:62:b3:20:83: 2a:33:98:20:03:2f:75:a3:9e:9a:00:bb:94:81:41:fe:cf:00: f4:b2:e4:9f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3 OTdCREU4RDA1ODFGQTI5OUQ4RTE0MjBFRDI5NTdDNDIwOEEwNzAeFw0yNTA4MjIw ODQ0MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBBQTY0MzVENzI4Mjg5 NDlBQjJGNEFGOUIwNzM4Q0Q5MkIyNzk1ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAzDPRlLE+VLfyRLuDUNvITekdEkWfXlSB5tDfteH3OaRQrOwz 541L+WgPmLWkZh/3O0wlgyPv37R0+J4o+60r4njgPGxklUan4buY+0EOyTx6l8FY BgR93xWzl3aivwA8X/WcxByesPE5aZtMuRv2stHwSl/K1ingF7XqiWxCW0xlcIJw si+m8XQ73cnkvD+tjNOGDZk4ui77xQGQgW6dSnEgJIrlmsYWl/K0UGUYZYsy5Wvq HEG+BfP+u7+S31l5avix73fH96kWHH42zdLrTz4RAnzfPrxrn8FqqgatE06FFJQC Ml+DhjYaRXtujCyfavugVyxS4SythXvBvlcjAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUCqZDXXKCiUmrL0r5sHOM2SsnlYgwHwYDVR0jBBgwFoAUaXl73o0FgfopnY4U IO0pV8QgigcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElJTkVU L2FYbDczbzBGZ2ZvcG5ZNFVJTzBwVjhRZ2lnYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvYVhsNzNvMEZnZm9wblk0VUlPMHBWOFFnaWdjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElJTkVUL0NxWkRYWEtDaVVtckwwcjVz SE9NMlNzbmxZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKW a0AwDQYJKoZIhvcNAQELBQADggEBAJjEXmZ4Q4c2TlH0qqJ0+lEd0LWFLa99oJOX MF2pqyiQuhFLLpWk0b/IXCjDEMC3tBO0xryMIRSlZ6U+DVusk5u5l8kjDLsTEm0X d3NMhHAUl9j6XojH8MC9ftOkayah9OTJHub5QytO9b8nTXnE54wja08Oc/es4BBj LxBRBG8LA5jeVJNrvxeq8L4j0F9P39EKN8+856WVX3XyTf2mVigiHWBsYzQ52kJa OgP/ORhBc1s+2BfSwPT8+8H9kyjGjEhp+x4qSaysZX9PtDxAM3Zpi76QSpVLnzs1 yZjMY2m4mwdWJNb9YrMggyozmCADL3WjnpoAu5SBQf7PAPSy5J8= -----END CERTIFICATE-----Generated at Sun Aug 24 15:36:32 2025 by rpki-client