$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/OLIHGwIuwSCyRVFNyxYRSVtX9QM.roa File: OLIHGwIuwSCyRVFNyxYRSVtX9QM.roa (raw, json) Hash identifier: iL7FZXdbI27B9j7N3qU26xfKnejR0afRR3/Q6O/LbAA= Subject key identifier: 38:B2:07:1B:02:2E:C1:20:B2:45:51:4D:CB:16:11:49:5B:57:F5:03 Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0FC5 Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OLIHGwIuwSCyRVFNyxYRSVtX9QM.roa Signing time: Fri 22 Aug 2025 08:50:24 +0000 ROA not before: Fri 22 Aug 2025 08:50:24 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38843 IP address blocks: 223.27.34.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4037 (0xfc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Aug 22 08:50:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=38B2071B022EC120B245514DCB1611495B57F503 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:40:c6:fc:b7:dd:a9:5f:dc:9e:cb:4a:21:13: 03:b9:2f:8d:41:1e:5c:bc:ae:4f:82:1a:ae:ad:d4: 2b:6a:5f:cf:ae:d8:fe:d3:e0:6b:bc:77:03:70:39: 43:c5:7f:51:6c:e1:65:4f:48:f6:41:3e:e6:a5:d4: 39:56:d9:59:90:58:af:2a:e6:82:81:0f:5e:48:c6: 87:6c:b9:5f:22:66:e1:c3:9b:19:d9:f6:03:09:e6: 97:02:2e:3d:59:6a:54:73:08:ca:45:5f:c4:7c:e2: 1d:a2:3f:81:fc:b0:b9:44:2f:17:6b:36:c1:7c:3e: 1c:53:e2:4d:b9:b9:56:f0:18:3a:41:12:cd:25:be: 17:53:b6:07:b1:7a:47:6b:00:28:57:23:3b:64:0a: 54:f5:ee:07:3a:f8:c9:96:84:5f:c7:75:47:5d:ed: 17:3e:98:b8:50:aa:d1:80:74:3d:2e:da:b0:7f:05: 9a:f8:cf:e4:fa:55:c8:6f:78:8c:eb:28:7d:59:80: 34:09:70:b7:48:da:e5:d1:42:c0:70:ad:af:5b:71: f5:bc:01:b0:0d:3a:33:25:65:1c:90:b6:89:d3:6c: 64:4d:b1:36:a7:d7:0a:ef:ae:95:67:8c:05:f7:dd: 23:60:29:a0:93:54:ea:99:c1:44:42:cf:f2:5f:51: 50:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B2:07:1B:02:2E:C1:20:B2:45:51:4D:CB:16:11:49:5B:57:F5:03 X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OLIHGwIuwSCyRVFNyxYRSVtX9QM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.34.0/24 Signature Algorithm: sha256WithRSAEncryption 16:3f:38:69:a4:3b:fe:f3:0e:ef:90:d1:7e:a3:9f:42:98:4e: 49:c7:f5:1f:c7:31:f5:78:d0:ac:b7:72:66:1f:95:48:c8:41: 17:97:2a:1b:1e:c1:f6:a1:e4:e7:26:39:6e:fa:20:22:88:75: d3:7e:7f:f8:7d:00:e0:2c:1d:07:10:16:ca:6f:d5:5e:b1:0f: 75:76:b5:c6:50:4a:37:70:11:d2:8f:c4:58:0e:1a:09:09:bd: 3c:14:5d:de:ab:35:db:ca:e3:ea:38:b0:d4:a0:0d:f8:66:be: f7:0a:54:a4:27:a3:a9:50:50:4e:da:b2:ed:5e:bc:c5:7c:fd: 1e:91:4d:55:31:bb:97:c0:94:21:a1:30:00:a5:41:e8:0e:1e: 2b:cb:02:1d:e9:c6:03:4f:b1:45:63:7e:00:aa:d4:9a:09:e7: 3a:8f:18:e7:7c:6d:bb:22:6b:e3:2a:ac:06:2b:1f:03:77:19: 7a:e1:59:2d:30:ff:cf:63:e6:85:72:ef:08:78:2e:62:30:9a: 6c:fa:5c:ed:af:51:13:5c:3b:3f:0c:97:7c:f3:78:b7:df:e9: 2d:9c:44:4a:ff:05:b7:d2:42:10:77:45:18:11:8d:ce:56:fa: ff:a8:15:e6:71:c4:6e:c6:bf:7c:d7:0b:81:ee:61:a2:c2:cf: 0e:b9:c9:80 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTA4MjIw ODUwMjRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM4QjIwNzFCMDIyRUMx MjBCMjQ1NTE0RENCMTYxMTQ5NUI1N0Y1MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDuQMb8t92pX9yey0ohEwO5L41BHly8rk+CGq6t1CtqX8+u2P7T 4Gu8dwNwOUPFf1Fs4WVPSPZBPual1DlW2VmQWK8q5oKBD15IxodsuV8iZuHDmxnZ 9gMJ5pcCLj1ZalRzCMpFX8R84h2iP4H8sLlELxdrNsF8PhxT4k25uVbwGDpBEs0l vhdTtgexekdrAChXIztkClT17gc6+MmWhF/HdUdd7Rc+mLhQqtGAdD0u2rB/BZr4 z+T6VchveIzrKH1ZgDQJcLdI2uXRQsBwra9bcfW8AbANOjMlZRyQtonTbGRNsTan 1wrvrpVnjAX33SNgKaCTVOqZwURCz/JfUVA/AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUOLIHGwIuwSCyRVFNyxYRSVtX9QMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vT0xJSEd3SXV3U0N5UlZGTnl4WVJT VnRYOVFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIjAN BgkqhkiG9w0BAQsFAAOCAQEAFj84aaQ7/vMO75DRfqOfQphOScf1H8cx9XjQrLdy Zh+VSMhBF5cqGx7B9qHk5yY5bvogIoh1035/+H0A4CwdBxAWym/VXrEPdXa1xlBK N3AR0o/EWA4aCQm9PBRd3qs128rj6jiw1KAN+Ga+9wpUpCejqVBQTtqy7V68xXz9 HpFNVTG7l8CUIaEwAKVB6A4eK8sCHenGA0+xRWN+AKrUmgnnOo8Y53xtuyJr4yqs BisfA3cZeuFZLTD/z2PmhXLvCHguYjCabPpc7a9RE1w7PwyXfPN4t9/pLZxESv8F t9JCEHdFGBGNzlb6/6gV5nHEbsa/fNcLge5hosLPDrnJgA== -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:58 2025 by rpki-client