$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/10jgPozZQEbjbro14JngxlLtI7o.roa File: 10jgPozZQEbjbro14JngxlLtI7o.roa (raw, json) Hash identifier: LgBwvm8ugesVa5hRkQXMWEz04UYmxZGw1QO1onax4DA= Subject key identifier: D7:48:E0:3E:8C:D9:40:46:E3:6E:BA:35:E0:99:E0:C6:52:ED:23:BA Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0FDB Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/10jgPozZQEbjbro14JngxlLtI7o.roa Signing time: Fri 22 Aug 2025 08:50:29 +0000 ROA not before: Fri 22 Aug 2025 08:50:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38843 IP address blocks: 223.27.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4059 (0xfdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Aug 22 08:50:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D748E03E8CD94046E36EBA35E099E0C652ED23BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:fd:50:36:79:6a:cb:c7:13:58:03:83:85:03: 5e:83:57:13:fd:b6:22:ec:c7:ea:0e:27:e5:bb:c2: 91:03:61:13:9a:73:2b:d1:20:89:ce:64:cc:23:34: 5d:9c:f3:0a:27:2e:01:d6:bc:ee:60:1f:37:dd:b2: ac:38:c1:ad:d4:bd:db:b4:34:0b:44:79:6c:68:d9: 51:bc:ae:58:8c:2c:9b:27:0f:8d:59:86:dd:e8:7b: 38:91:2d:38:67:55:a1:46:01:6f:98:74:d3:a7:f3: 45:88:f9:19:18:0b:7b:16:e8:88:17:b2:29:b5:1e: 92:b9:a3:4b:fc:c3:a4:05:47:fc:00:7c:67:5e:a6: 06:de:2c:f4:9b:88:4b:b4:56:7b:8e:5d:d6:92:f1: ab:71:a4:89:a5:4c:5c:9d:26:56:23:0e:50:72:91: f8:14:24:9d:13:87:6e:d4:af:55:d3:5d:b3:ff:a1: 2a:5b:79:67:c4:c6:23:ef:c6:f2:e1:c0:44:81:85: c5:4c:d4:95:d6:9b:a9:8f:33:49:d0:29:f0:0e:b8: 13:8a:bf:a7:6b:59:41:c4:d1:e7:fc:e5:fd:6d:88: eb:4f:2a:d3:6c:3a:dc:14:57:dd:42:7a:c9:a9:8d: 6a:b2:0c:01:c0:29:6e:81:55:61:23:d7:67:82:87: b2:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:48:E0:3E:8C:D9:40:46:E3:6E:BA:35:E0:99:E0:C6:52:ED:23:BA X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/10jgPozZQEbjbro14JngxlLtI7o.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.40.0/21 Signature Algorithm: sha256WithRSAEncryption 19:0d:d7:32:d1:aa:bc:fc:6f:6a:46:ba:b5:7d:b1:13:0b:7c: 68:e5:b1:50:bc:d9:64:04:17:ce:5d:33:72:95:82:b0:a9:35: d4:c1:c9:3f:ec:50:fc:88:a3:4f:5a:24:93:a8:b5:02:1f:a4: b9:8e:e1:a5:3f:c0:18:4c:4e:73:48:a0:34:60:2e:e0:5d:2c: f3:c3:cb:d1:6b:7c:13:0b:97:c8:63:8f:7a:7d:a1:45:6e:9a: a9:e7:3f:c1:91:a2:b6:db:a3:48:c8:d6:53:57:9b:2f:61:47: 59:dd:3f:84:6b:8a:ba:a5:24:d3:16:70:30:97:03:c4:57:f4: ed:bf:f5:e7:1a:a9:d9:8e:f2:16:8a:4c:d7:8e:a3:fe:40:a9: 5f:59:a7:4c:b2:96:70:fa:10:56:ef:cc:ad:94:e1:db:9e:41: b0:00:dd:83:da:be:09:e2:35:37:84:5c:a8:7f:ae:61:92:bd: cc:db:d1:19:da:93:30:7d:fa:ef:f8:17:90:a1:c4:08:d1:bd: 0e:98:a9:a3:db:cf:bd:6c:c6:35:22:2a:ed:f7:7f:6a:ad:d4: 4c:f4:54:76:95:20:df:8c:de:22:31:c5:df:63:0f:99:7c:7a: b4:56:e9:0b:3c:69:0d:47:14:fd:cb:a9:87:7c:45:1e:83:e7: 5f:30:94:c7 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTA4MjIw ODUwMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ3NDhFMDNFOENEOTQw NDZFMzZFQkEzNUUwOTlFMEM2NTJFRDIzQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg/VA2eWrLxxNYA4OFA16DVxP9tiLsx+oOJ+W7wpEDYROacyvR IInOZMwjNF2c8wonLgHWvO5gHzfdsqw4wa3Uvdu0NAtEeWxo2VG8rliMLJsnD41Z ht3oeziRLThnVaFGAW+YdNOn80WI+RkYC3sW6IgXsim1HpK5o0v8w6QFR/wAfGde pgbeLPSbiEu0VnuOXdaS8atxpImlTFydJlYjDlBykfgUJJ0Th27Ur1XTXbP/oSpb eWfExiPvxvLhwESBhcVM1JXWm6mPM0nQKfAOuBOKv6drWUHE0ef85f1tiOtPKtNs OtwUV91CesmpjWqyDAHAKW6BVWEj12eCh7IDAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU10jgPozZQEbjbro14JngxlLtI7owHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vMTBqZ1BvelpRRWJqYnJvMTRKbmd4 bEx0STdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bKDAN BgkqhkiG9w0BAQsFAAOCAQEAGQ3XMtGqvPxvaka6tX2xEwt8aOWxULzZZAQXzl0z cpWCsKk11MHJP+xQ/IijT1okk6i1Ah+kuY7hpT/AGExOc0igNGAu4F0s88PL0Wt8 EwuXyGOPen2hRW6aqec/wZGittujSMjWU1ebL2FHWd0/hGuKuqUk0xZwMJcDxFf0 7b/15xqp2Y7yFopM146j/kCpX1mnTLKWcPoQVu/MrZTh255BsADdg9q+CeI1N4Rc qH+uYZK9zNvRGdqTMH367/gXkKHECNG9Dpipo9vPvWzGNSIq7fd/aq3UTPRUdpUg 34zeIjHF32MPmXx6tFbpCzxpDUcU/cuph3xFHoPnXzCUxw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:48 2025 by rpki-client