$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Da1isXUZPbA8qNa23Y0Pgw043XQ.roa File: Da1isXUZPbA8qNa23Y0Pgw043XQ.roa (raw, json) Hash identifier: QWUk4Xgvoa4yYeoUIHti7c6FVkVwiKS4XMqm8w7neug= Subject key identifier: 0D:AD:62:B1:75:19:3D:B0:3C:A8:D6:B6:DD:8D:0F:83:0D:38:DD:74 Certificate issuer: /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Certificate serial: 0E5E Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Da1isXUZPbA8qNa23Y0Pgw043XQ.roa Signing time: Fri 22 Aug 2025 08:44:35 +0000 ROA not before: Fri 22 Aug 2025 08:44:35 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9676 IP address blocks: 61.63.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3678 (0xe5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Validity Not Before: Aug 22 08:44:35 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0DAD62B175193DB03CA8D6B6DD8D0F830D38DD74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8e:1e:fb:85:40:70:6f:7d:e5:f1:36:71:c7: 6e:99:a6:65:5a:5d:ea:93:45:14:d9:cd:92:63:ba: 41:2a:e8:f8:99:dd:a9:fe:43:4e:85:22:52:46:f2: 38:56:f2:9e:50:de:89:2e:8f:61:d3:c5:bd:f6:c3: 77:7c:58:ee:ac:c7:a6:b9:45:7c:e8:e5:96:4d:fd: be:28:4e:c8:c6:b7:89:9a:7e:53:c3:7b:de:59:de: 4b:e5:06:ee:34:6b:c1:79:db:49:43:ad:2b:9a:db: 53:2f:b4:b0:91:d0:c9:3d:18:06:80:ce:2d:cf:3e: e4:59:72:91:dc:1c:34:c4:ac:cf:d6:39:d5:3d:d2: a2:75:fb:c9:9f:4d:a4:92:2f:9f:72:de:13:c6:c5: 2e:ab:6a:59:5b:db:50:cb:79:d1:90:61:78:9d:30: 83:2b:f2:c8:52:40:6c:ad:2d:81:1d:bc:b2:64:3b: 5a:5c:04:a5:12:b9:65:23:60:62:3c:10:7a:cf:45: 60:40:eb:c9:a6:ce:17:f9:55:73:79:d6:7a:a4:49: b4:0a:19:04:5b:17:af:dc:91:26:bc:09:c6:b0:75: b3:71:8d:80:f3:82:7e:c2:1e:ff:5b:c1:00:8c:2a: 61:a0:b6:23:19:5e:be:23:60:b4:02:ce:c4:cd:2f: fb:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:AD:62:B1:75:19:3D:B0:3C:A8:D6:B6:DD:8D:0F:83:0D:38:DD:74 X509v3 Authority Key Identifier: keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Da1isXUZPbA8qNa23Y0Pgw043XQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.63.192.0/18 Signature Algorithm: sha256WithRSAEncryption c1:71:d9:a6:14:64:2b:36:32:a5:9b:70:5e:b2:00:88:d3:43: 9c:0b:38:08:c4:e0:48:ef:4d:a9:be:9e:61:0a:65:af:30:a9: 3c:4a:54:4d:81:c4:2f:3c:0d:2d:16:17:41:6e:35:72:d5:8a: fc:46:8a:96:01:d0:57:d6:98:82:a3:4b:57:ca:b9:09:6f:08: 88:1d:07:52:64:45:22:49:d7:36:e4:8a:a6:71:aa:fb:09:a0: 2c:2a:77:0c:38:96:be:4e:d2:60:e8:5f:59:1b:d3:cc:35:a2: 97:d4:51:cb:0d:3f:a0:0f:33:12:5f:40:4c:47:b4:7c:0d:2f: f2:b9:49:55:79:85:e2:0f:56:5d:d7:15:fd:41:b6:c3:5b:8f: d7:54:1c:b9:f9:c6:61:5d:9f:27:5b:74:10:6e:4e:ff:22:8b: 26:c1:9e:af:0b:9f:63:11:83:cf:15:d3:49:93:ab:37:ba:65: a8:96:10:16:a6:42:11:be:30:c5:62:e1:20:b9:1f:45:a7:e3: 26:9a:e5:b2:27:50:ad:56:4f:ed:d7:e6:81:c2:3d:14:ff:88: 9e:e4:61:01:ba:d4:2a:29:52:35:98:ca:34:e3:43:ee:86:96: 71:62:57:ec:e7:e8:fb:5a:9d:05:76:ff:11:42:88:11:04:a9: 5f:cc:4d:ab -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yNTA4MjIw ODQ0MzVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBEQUQ2MkIxNzUxOTNE QjAzQ0E4RDZCNkREOEQwRjgzMEQzOERENzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDjh77hUBwb33l8TZxx26ZpmVaXeqTRRTZzZJjukEq6PiZ3an+ Q06FIlJG8jhW8p5Q3okuj2HTxb32w3d8WO6sx6a5RXzo5ZZN/b4oTsjGt4maflPD e95Z3kvlBu40a8F520lDrSua21MvtLCR0Mk9GAaAzi3PPuRZcpHcHDTErM/WOdU9 0qJ1+8mfTaSSL59y3hPGxS6rallb21DLedGQYXidMIMr8shSQGytLYEdvLJkO1pc BKUSuWUjYGI8EHrPRWBA68mmzhf5VXN51nqkSbQKGQRbF6/ckSa8CcawdbNxjYDz gn7CHv9bwQCMKmGgtiMZXr4jYLQCzsTNL/sPAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUDa1isXUZPbA8qNa23Y0Pgw043XQwHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+ LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00vRGExaXNYVVpQYkE4cU5h MjNZMFBndzA0M1hRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Bj0/wDANBgkqhkiG9w0BAQsFAAOCAQEAwXHZphRkKzYypZtwXrIAiNNDnAs4CMTg SO9Nqb6eYQplrzCpPEpUTYHELzwNLRYXQW41ctWK/EaKlgHQV9aYgqNLV8q5CW8I iB0HUmRFIknXNuSKpnGq+wmgLCp3DDiWvk7SYOhfWRvTzDWil9RRyw0/oA8zEl9A TEe0fA0v8rlJVXmF4g9WXdcV/UG2w1uP11QcufnGYV2fJ1t0EG5O/yKLJsGerwuf YxGDzxXTSZOrN7plqJYQFqZCEb4wxWLhILkfRafjJprlsidQrVZP7dfmgcI9FP+I nuRhAbrUKilSNZjKNOND7oaWcWJX7Ofo+1qdBXb/EUKIEQSpX8xNqw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:40:25 2025 by rpki-client