$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/sxKM250td1eI_lh_YSFV71NaCBs.roa File: sxKM250td1eI_lh_YSFV71NaCBs.roa (raw, json) Hash identifier: whxddYckJKzzyPas1o8Vtccr29cWmZBcF0hxtSTbIOM= Subject key identifier: B3:12:8C:DB:9D:2D:77:57:88:FE:58:7F:61:21:55:EF:53:5A:08:1B Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0FCB Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/sxKM250td1eI_lh_YSFV71NaCBs.roa Signing time: Fri 22 Aug 2025 08:50:25 +0000 ROA not before: Fri 22 Aug 2025 08:50:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38843 IP address blocks: 223.27.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4043 (0xfcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Aug 22 08:50:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B3128CDB9D2D775788FE587F612155EF535A081B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ee:fc:ba:1e:c4:5b:37:99:b2:b5:80:37:9a: 6f:bd:66:51:a7:a8:81:0f:65:95:a1:5f:8a:78:c4: 8d:38:f6:40:ce:05:2e:56:5b:8d:12:a2:75:ef:42: 51:8e:eb:d9:2e:a4:e0:57:82:78:11:c6:24:30:e1: fe:58:79:e5:cb:e2:2f:a3:90:3e:e7:28:ee:33:ed: 23:2c:be:8c:f4:22:32:66:8e:e7:ea:49:02:75:2f: ca:20:2e:90:a8:b3:6e:75:10:6d:e1:29:1c:3f:67: 2a:61:e8:fd:b1:e1:e2:88:f7:1f:59:c0:ed:f1:b5: ce:75:32:aa:a5:2b:11:44:34:27:bd:5d:87:c4:f1: a7:54:65:b7:fe:84:d6:5f:fa:bd:47:0e:47:30:9e: 5a:95:3f:bb:2a:61:60:4b:4a:78:c6:4b:6d:2c:d1: b4:7f:27:2d:f8:10:f6:8e:98:7b:69:0a:8e:5a:3c: 5f:9e:b7:3a:23:13:c6:11:a4:90:85:63:8d:40:0d: 61:4b:37:b5:10:78:a7:1f:36:db:ab:ee:0f:2e:e8: 07:20:87:c7:e2:87:12:ec:de:21:fd:e0:02:aa:45: a5:3a:de:19:a2:d2:05:40:ac:49:3a:6a:c9:32:3a: 07:f9:47:02:95:b8:7c:7c:97:f4:2d:db:cb:bc:df: 58:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:12:8C:DB:9D:2D:77:57:88:FE:58:7F:61:21:55:EF:53:5A:08:1B X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/sxKM250td1eI_lh_YSFV71NaCBs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.41.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:66:8b:a3:1a:48:66:ef:c5:35:d1:94:e2:63:28:a2:fb:5f: 63:7e:22:69:3d:64:75:bd:1e:e7:6c:be:6a:ed:2c:7c:43:cf: e6:49:ee:53:5f:0c:c1:0a:ff:54:ba:54:5e:00:fe:8f:53:fe: 17:4d:49:be:c3:9c:e7:85:b9:d1:c2:f1:45:43:c3:cf:4d:dd: 8b:fc:b5:fd:6e:d4:0a:dc:1d:b9:28:ab:14:32:33:54:be:02: 02:4d:f3:c9:38:c9:b8:1f:82:14:86:95:64:a5:f8:91:66:e6: 69:40:c9:cc:3c:35:05:97:cd:8a:36:d9:2b:f3:98:54:ad:8c: 9b:0f:4f:4c:3a:f1:bd:85:d1:3f:a4:6b:da:10:09:89:e8:14: 7c:4f:e0:8f:c2:79:c6:ef:c9:99:bd:4e:29:51:5a:18:0b:05: 85:ed:91:55:08:a9:ad:7f:70:6a:50:20:13:ee:69:51:ad:58: 85:e1:19:14:d5:9b:e8:83:89:cd:ae:74:cf:e5:43:b2:65:e6: b5:0c:d4:52:be:da:15:c4:7d:e2:d7:23:be:67:00:99:e0:dd: 4e:c7:a0:6b:04:b3:00:f6:d4:e9:12:dc:86:1a:3d:2c:a1:d8: 41:d6:4b:90:fd:91:4a:cf:d2:79:31:f1:7f:db:86:70:f3:10: 1b:38:11:1b -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTA4MjIw ODUwMjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEIzMTI4Q0RCOUQyRDc3 NTc4OEZFNTg3RjYxMjE1NUVGNTM1QTA4MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDA7vy6HsRbN5mytYA3mm+9ZlGnqIEPZZWhX4p4xI049kDOBS5W W40SonXvQlGO69kupOBXgngRxiQw4f5YeeXL4i+jkD7nKO4z7SMsvoz0IjJmjufq SQJ1L8ogLpCos251EG3hKRw/Zyph6P2x4eKI9x9ZwO3xtc51MqqlKxFENCe9XYfE 8adUZbf+hNZf+r1HDkcwnlqVP7sqYWBLSnjGS20s0bR/Jy34EPaOmHtpCo5aPF+e tzojE8YRpJCFY41ADWFLN7UQeKcfNtur7g8u6Acgh8fihxLs3iH94AKqRaU63hmi 0gVArEk6askyOgf5RwKVuHx8l/Qt28u831hLAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUsxKM250td1eI/lh/YSFV71NaCBswHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vc3hLTTI1MHRkMWVJX2xoX1lTRlY3 MU5hQ0JzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKTAN BgkqhkiG9w0BAQsFAAOCAQEAn2aLoxpIZu/FNdGU4mMoovtfY34iaT1kdb0e52y+ au0sfEPP5knuU18MwQr/VLpUXgD+j1P+F01JvsOc54W50cLxRUPDz03di/y1/W7U CtwduSirFDIzVL4CAk3zyTjJuB+CFIaVZKX4kWbmaUDJzDw1BZfNijbZK/OYVK2M mw9PTDrxvYXRP6Rr2hAJiegUfE/gj8J5xu/Jmb1OKVFaGAsFhe2RVQiprX9walAg E+5pUa1YheEZFNWb6IOJza50z+VDsmXmtQzUUr7aFcR94tcjvmcAmeDdTsegawSz APbU6RLchho9LKHYQdZLkP2RSs/SeTHxf9uGcPMQGzgRGw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:42 2025 by rpki-client