$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwzOiTbl_m-5pXHHxQWmFAmE8yk.roa File: KwzOiTbl_m-5pXHHxQWmFAmE8yk.roa (raw, json) Hash identifier: Fxy0bnpGo00yjWDk4PG+Eryatp+qml9i6rcWrCzQNFY= Subject key identifier: 2B:0C:CE:89:36:E5:FE:6F:B9:A5:71:C7:C5:05:A6:14:09:84:F3:29 Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0FD4 Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwzOiTbl_m-5pXHHxQWmFAmE8yk.roa Signing time: Fri 22 Aug 2025 08:50:28 +0000 ROA not before: Fri 22 Aug 2025 08:50:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38843 IP address blocks: 223.27.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4052 (0xfd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Aug 22 08:50:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=2B0CCE8936E5FE6FB9A571C7C505A6140984F329 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:d2:c5:cc:8c:23:ec:15:6a:ba:01:e5:a5:00: c2:b5:18:78:ae:08:d3:b3:79:28:c7:e8:34:e8:69: 81:e7:e9:eb:f5:70:88:cf:8b:1d:12:b5:c4:21:49: 21:9f:97:31:fa:19:63:83:1f:c7:63:61:45:71:5c: 01:d1:c1:84:04:ff:4f:ea:f0:6f:f1:50:45:89:ca: 8d:64:94:6b:c1:12:61:e7:4b:25:f8:85:96:77:d7: 93:87:c0:d5:53:5d:fc:29:98:3b:9d:b4:e0:5c:61: 3e:b8:2d:d0:5c:fe:31:80:32:21:ec:5c:b3:1c:f7: c0:65:f3:84:61:50:7e:10:d3:00:eb:01:5e:49:1d: 97:6a:11:85:fb:d2:64:37:65:1c:6e:90:86:14:df: 9f:78:15:4d:9a:61:59:7b:78:2a:7a:42:94:73:ae: 6c:d6:88:9d:ef:25:d4:91:0b:df:58:1b:8a:e4:93: d0:71:b7:6f:eb:59:da:cb:2f:2f:4b:18:cb:ae:ae: 36:f1:3f:98:3d:d0:cf:84:0e:bd:a4:64:ec:b8:7a: ad:aa:8e:92:ea:1c:bb:a4:47:0b:03:07:d7:96:c9: ed:21:a9:e5:6a:43:5b:0e:23:0a:17:c2:81:e9:97: 2b:56:f7:db:fd:da:b6:b7:81:70:65:84:fd:e2:90: 8e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:0C:CE:89:36:E5:FE:6F:B9:A5:71:C7:C5:05:A6:14:09:84:F3:29 X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KwzOiTbl_m-5pXHHxQWmFAmE8yk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.52.0/22 Signature Algorithm: sha256WithRSAEncryption 94:98:71:d0:66:df:e9:71:75:20:ff:77:82:40:38:d5:e9:90: 40:6c:8b:60:b3:b5:9a:6e:1a:64:7e:ef:92:14:55:d4:50:84: 81:d1:00:93:9b:13:05:27:54:31:20:a6:f1:fa:87:4d:d2:cc: 81:bf:cd:d3:db:9c:2e:ff:eb:96:92:99:20:56:d9:8f:c7:01: 28:d5:46:07:ef:a7:f9:7d:4b:a5:8c:62:5d:63:aa:b2:ff:ad: 55:f9:a8:67:89:92:fa:fe:b2:37:fc:00:4e:11:6a:73:e7:ce: 4e:b4:72:99:8c:3f:d7:b5:27:41:78:8c:02:78:06:e3:f3:0c: fb:7b:08:31:48:47:8e:ad:14:65:a1:35:bd:14:0b:96:c9:29: a7:93:64:0c:99:b9:13:8f:3f:7e:0f:42:cd:02:99:d9:5f:12: 00:ad:8c:05:2d:b3:70:74:45:3f:38:1a:4b:3b:18:ed:5c:13: 3f:c7:52:24:87:80:5b:be:7d:32:7f:a3:63:4c:42:e4:c9:7c: 88:67:b7:35:83:bf:e7:f9:9f:58:36:11:2b:e4:1d:61:39:4a: 08:2d:cc:6e:61:70:fd:87:49:62:ab:b6:15:3c:39:1d:54:d2: 29:1b:23:f3:84:01:c5:f4:c3:e1:be:70:d5:80:27:ff:0f:b7: 16:b4:75:4d -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTA4MjIw ODUwMjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJCMENDRTg5MzZFNUZF NkZCOUE1NzFDN0M1MDVBNjE0MDk4NEYzMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCz0sXMjCPsFWq6AeWlAMK1GHiuCNOzeSjH6DToaYHn6ev1cIjP ix0StcQhSSGflzH6GWODH8djYUVxXAHRwYQE/0/q8G/xUEWJyo1klGvBEmHnSyX4 hZZ315OHwNVTXfwpmDudtOBcYT64LdBc/jGAMiHsXLMc98Bl84RhUH4Q0wDrAV5J HZdqEYX70mQ3ZRxukIYU3594FU2aYVl7eCp6QpRzrmzWiJ3vJdSRC99YG4rkk9Bx t2/rWdrLLy9LGMuurjbxP5g90M+EDr2kZOy4eq2qjpLqHLukRwsDB9eWye0hqeVq Q1sOIwoXwoHplytW99v92ra3gXBlhP3ikI7PAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUKwzOiTbl/m+5pXHHxQWmFAmE8ykwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vS3d6T2lUYmxfbS01cFhISHhRV21G QW1FOHlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bNDAN BgkqhkiG9w0BAQsFAAOCAQEAlJhx0Gbf6XF1IP93gkA41emQQGyLYLO1mm4aZH7v khRV1FCEgdEAk5sTBSdUMSCm8fqHTdLMgb/N09ucLv/rlpKZIFbZj8cBKNVGB++n +X1LpYxiXWOqsv+tVfmoZ4mS+v6yN/wAThFqc+fOTrRymYw/17UnQXiMAngG4/MM +3sIMUhHjq0UZaE1vRQLlskpp5NkDJm5E48/fg9CzQKZ2V8SAK2MBS2zcHRFPzga SzsY7VwTP8dSJIeAW759Mn+jY0xC5Ml8iGe3NYO/5/mfWDYRK+QdYTlKCC3MbmFw /YdJYqu2FTw5HVTSKRsj84QBxfTD4b5w1YAn/w+3FrR1TQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:43:15 2025 by rpki-client