$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/f7LsGrvkzonZbKx6h9rfNoJiATg.roa File: f7LsGrvkzonZbKx6h9rfNoJiATg.roa (raw, json) Hash identifier: 9Dpm/+wE/UcHzDGMwoIiwEid3dR1ii8tlzzu9gMO19Y= Subject key identifier: 7F:B2:EC:1A:BB:E4:CE:89:D9:6C:AC:7A:87:DA:DF:36:82:62:01:38 Certificate issuer: /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Certificate serial: 0E58 Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/f7LsGrvkzonZbKx6h9rfNoJiATg.roa Signing time: Fri 22 Aug 2025 08:44:33 +0000 ROA not before: Fri 22 Aug 2025 08:44:33 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9676 IP address blocks: 101.0.192.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3672 (0xe58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Validity Not Before: Aug 22 08:44:33 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=7FB2EC1ABBE4CE89D96CAC7A87DADF3682620138 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:50:ed:a1:cd:14:81:31:94:6e:7c:9a:be:78: 4b:3e:20:a9:83:1a:61:64:01:27:f8:7c:63:24:47: 04:d0:ca:7f:69:d7:66:19:73:6b:e6:b3:6d:82:e2: 25:01:84:2a:56:e3:89:ef:2a:83:d0:3b:4b:11:bc: 8a:40:0d:64:77:fd:fc:83:e1:af:62:59:f9:0c:a5: eb:fb:48:62:c0:28:10:7d:2e:ae:df:53:a4:52:dc: 00:d9:d9:ce:f6:3d:ca:bc:09:74:cc:fa:c5:44:ab: 94:8c:aa:8b:a8:a2:e2:00:88:dc:f6:fc:e8:c0:ca: f3:39:04:4c:b9:ce:e1:55:ba:6a:2a:a0:18:78:f4: d7:6d:82:1f:35:b3:7d:c5:a2:0a:a9:a2:02:9b:8e: 04:e8:fb:89:9d:b8:ac:55:9d:63:00:bb:82:1f:5b: 86:12:4e:4c:57:b8:a0:6f:e9:36:7a:d4:46:54:60: 3b:07:e4:e0:9a:97:76:e2:06:54:08:c8:57:71:4c: 75:ff:db:dd:47:cc:ae:45:70:3b:eb:d5:86:7e:31: 34:7b:72:ae:2f:00:ec:0b:04:a4:06:7b:18:49:64: b8:f8:bc:bf:19:7c:d7:d1:ca:09:07:b0:23:e0:ca: b0:5d:7d:af:57:0a:4b:c4:21:8c:cf:42:e4:8e:3f: 10:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:B2:EC:1A:BB:E4:CE:89:D9:6C:AC:7A:87:DA:DF:36:82:62:01:38 X509v3 Authority Key Identifier: keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/f7LsGrvkzonZbKx6h9rfNoJiATg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.0.192.0/19 Signature Algorithm: sha256WithRSAEncryption bf:60:fd:3a:95:7e:32:ec:0d:12:c3:5a:09:30:3c:30:07:b8: fa:b1:dc:b7:81:6b:d3:bf:9a:80:72:09:80:e2:3d:dd:d0:9a: b3:7b:f4:f4:8e:96:0c:96:a0:df:ef:e1:20:7a:d8:ba:64:66: 41:90:dc:ab:fd:b0:5f:7f:44:58:53:72:45:18:2d:29:e2:b3: 1b:00:75:26:cc:37:99:7c:9f:92:21:7a:5a:bb:d1:a0:69:45: 5b:57:77:65:7d:d2:e3:4e:30:03:e8:bd:5a:6a:25:6c:7d:79: bb:6d:32:3b:72:c8:95:ae:bd:93:4e:2a:a1:25:be:94:9d:ae: d1:20:da:c0:b6:47:2a:b2:3c:55:8f:4e:66:c8:5b:0a:32:3d: cb:93:30:c9:4e:c2:24:3f:39:15:59:23:0c:50:d8:e2:77:2f: 80:83:ca:c0:b7:18:6a:22:dd:a4:50:ef:4b:e8:4c:c7:b7:89: fb:f9:19:fc:95:52:38:7f:20:92:74:1d:68:1b:63:9f:ec:87: 11:ba:c9:5d:6e:be:62:bc:25:b6:6d:43:46:8d:39:41:7d:6e: 4a:d3:3c:ac:42:4a:89:e5:db:38:35:14:30:b7:a9:65:09:ce: a4:91:77:8b:93:92:44:d3:9b:1c:22:5f:d9:72:1d:7d:66:0a: c3:3b:26:70 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yNTA4MjIw ODQ0MzNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDdGQjJFQzFBQkJFNENF ODlEOTZDQUM3QTg3REFERjM2ODI2MjAxMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYUO2hzRSBMZRufJq+eEs+IKmDGmFkASf4fGMkRwTQyn9p12YZ c2vms22C4iUBhCpW44nvKoPQO0sRvIpADWR3/fyD4a9iWfkMpev7SGLAKBB9Lq7f U6RS3ADZ2c72Pcq8CXTM+sVEq5SMqouoouIAiNz2/OjAyvM5BEy5zuFVumoqoBh4 9Ndtgh81s33FogqpogKbjgTo+4mduKxVnWMAu4IfW4YSTkxXuKBv6TZ61EZUYDsH 5OCal3biBlQIyFdxTHX/291HzK5FcDvr1YZ+MTR7cq4vAOwLBKQGexhJZLj4vL8Z fNfRygkHsCPgyrBdfa9XCkvEIYzPQuSOPxAZAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUf7LsGrvkzonZbKx6h9rfNoJiATgwHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+ LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00vZjdMc0dydmt6b25aYkt4 Nmg5cmZOb0ppQVRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BWUAwDANBgkqhkiG9w0BAQsFAAOCAQEAv2D9OpV+MuwNEsNaCTA8MAe4+rHct4Fr 07+agHIJgOI93dCas3v09I6WDJag3+/hIHrYumRmQZDcq/2wX39EWFNyRRgtKeKz GwB1Jsw3mXyfkiF6WrvRoGlFW1d3ZX3S404wA+i9WmolbH15u20yO3LIla69k04q oSW+lJ2u0SDawLZHKrI8VY9OZshbCjI9y5MwyU7CJD85FVkjDFDY4ncvgIPKwLcY aiLdpFDvS+hMx7eJ+/kZ/JVSOH8gknQdaBtjn+yHEbrJXW6+Yrwltm1DRo05QX1u StM8rEJKieXbODUUMLepZQnOpJF3i5OSRNObHCJf2XIdfWYKwzsmcA== -----END CERTIFICATE-----Generated at Sun Aug 24 11:44:04 2025 by rpki-client