$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa File: 7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa (raw, json) Hash identifier: vJsdtBYtiqcvSOwBX/Z+/UcAzPkGs5Xx8pZi1gwoIc0= Subject key identifier: EC:66:9F:F1:92:A1:59:E6:D9:59:5A:E6:3C:96:BE:7F:67:42:85:ED Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E67 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa Signing time: Fri 22 Aug 2025 08:56:29 +0000 ROA not before: Fri 22 Aug 2025 08:56:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 203.121.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:26:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3687 (0xe67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 22 08:56:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=EC669FF192A159E6D9595AE63C96BE7F674285ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f9:35:5d:63:18:14:8a:fa:b3:49:96:5d:7e: ce:45:8a:ef:20:4d:f2:72:2d:02:ed:c2:58:70:54: 44:ad:2b:04:40:67:9a:1d:a6:cf:af:43:aa:50:76: eb:3d:e8:01:31:be:e5:66:ab:9f:a7:6d:c8:e1:f4: 6f:f8:58:ab:8f:b5:45:32:00:61:f0:94:fa:e4:fd: 09:90:64:14:ed:41:28:bb:fb:63:66:2a:45:f1:7d: 14:8a:22:ef:b2:ff:35:a1:4a:02:20:9e:e7:35:28: 58:68:fa:71:ac:72:e0:48:6c:7c:2a:47:6f:69:db: c8:cb:39:fe:55:2b:b0:66:fb:c4:35:61:2d:01:82: 3e:3f:80:8e:11:9b:11:8d:83:bf:18:80:88:a8:be: 2a:c6:96:7f:84:84:7f:6b:63:01:a4:e7:21:a8:73: 9a:38:88:9e:65:81:07:2e:60:88:b6:60:08:f7:3a: 3e:ce:4d:35:ad:5a:b2:d2:92:df:52:9b:29:5a:c1: 82:52:6d:ff:9b:14:ef:ae:3c:e8:6b:62:8e:8f:fa: 31:8c:df:37:f4:82:9d:81:1e:0c:75:59:61:bc:c2: d9:00:3d:d3:4c:4e:20:c7:24:af:41:10:1c:0f:01: d2:dc:5d:44:b8:76:6f:ec:d3:6e:fd:81:71:c4:69: 5a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:66:9F:F1:92:A1:59:E6:D9:59:5A:E6:3C:96:BE:7F:67:42:85:ED X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.121.224.0/20 Signature Algorithm: sha256WithRSAEncryption a0:86:75:31:71:55:58:07:2e:60:12:f6:0a:13:55:75:3c:36: 45:7c:c1:f0:8e:3d:65:09:97:34:83:98:7a:a9:9a:11:e6:59: 29:39:9d:5d:19:68:ec:cb:af:81:05:1b:35:54:20:5a:12:a2: cd:b2:f3:40:d4:40:01:24:ad:f4:8b:82:9e:18:90:8e:87:ef: e4:d9:44:69:51:2a:fe:f0:78:bc:b9:5d:00:1d:bd:a9:0c:75: 8e:16:dd:90:f1:65:08:0c:2a:b1:43:2d:50:65:f2:04:ec:8a: 68:71:65:9f:e4:5b:36:32:64:b1:c6:09:bd:90:f5:7d:3c:52: 37:d7:e2:57:ed:67:71:17:e3:9c:bd:d1:8a:55:70:47:e5:96: 08:11:02:97:0c:54:19:91:a1:2e:8e:6e:25:a9:cc:b9:a7:02: a2:db:c9:be:3c:e5:87:db:0a:5d:c9:8a:5b:0b:29:53:3d:1e: 1a:04:52:22:4b:1c:4f:5a:89:04:b2:d4:c2:48:ce:bf:81:bf: 1d:c6:e1:ce:96:3e:a5:89:f2:8b:73:d0:bc:53:7b:2f:1d:d9: 20:24:01:1b:37:03:aa:a6:15:32:4a:b4:8a:cd:63:92:1a:dd: 89:52:42:5d:cc:83:68:59:4b:96:02:90:8b:ab:98:53:9e:15: 84:9e:30:00 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw ODU2MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVDNjY5RkYxOTJBMTU5 RTZEOTU5NUFFNjNDOTZCRTdGNjc0Mjg1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr+TVdYxgUivqzSZZdfs5Fiu8gTfJyLQLtwlhwVEStKwRAZ5od ps+vQ6pQdus96AExvuVmq5+nbcjh9G/4WKuPtUUyAGHwlPrk/QmQZBTtQSi7+2Nm KkXxfRSKIu+y/zWhSgIgnuc1KFho+nGscuBIbHwqR29p28jLOf5VK7Bm+8Q1YS0B gj4/gI4RmxGNg78YgIiovirGln+EhH9rYwGk5yGoc5o4iJ5lgQcuYIi2YAj3Oj7O TTWtWrLSkt9SmylawYJSbf+bFO+uPOhrYo6P+jGM3zf0gp2BHgx1WWG8wtkAPdNM TiDHJK9BEBwPAdLcXUS4dm/s0279gXHEaVo9AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU7Gaf8ZKhWebZWVrmPJa+f2dChe0wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS83R2FmOFpLaFdlYlpXVnJtUEph LWYyZENoZTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng MA0GCSqGSIb3DQEBCwUAA4IBAQCghnUxcVVYBy5gEvYKE1V1PDZFfMHwjj1lCZc0 g5h6qZoR5lkpOZ1dGWjsy6+BBRs1VCBaEqLNsvNA1EABJK30i4KeGJCOh+/k2URp USr+8Hi8uV0AHb2pDHWOFt2Q8WUIDCqxQy1QZfIE7IpocWWf5Fs2MmSxxgm9kPV9 PFI31+JX7WdxF+OcvdGKVXBH5ZYIEQKXDFQZkaEujm4lqcy5pwKi28m+POWH2wpd yYpbCylTPR4aBFIiSxxPWokEstTCSM6/gb8dxuHOlj6lifKLc9C8U3svHdkgJAEb NwOqphUySrSKzWOSGt2JUkJdzINoWUuWApCLq5hTnhWEnjAA -----END CERTIFICATE-----Generated at Tue Oct 21 00:03:36 2025 by rpki-client