$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa File: AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa (raw, json) Hash identifier: p7ZON6VJFzxo/oXIY51nIP15JkA52qIdYX3MrvdhXx4= Subject key identifier: 02:13:C8:D5:11:2D:BD:74:7E:1E:6A:A1:BE:B2:51:51:33:F7:BD:94 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E58 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa Signing time: Fri 22 Aug 2025 08:56:25 +0000 ROA not before: Fri 22 Aug 2025 08:56:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 150.129.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:26:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3672 (0xe58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 22 08:56:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0213C8D5112DBD747E1E6AA1BEB2515133F7BD94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:8a:47:49:7e:07:ff:82:4d:23:9b:d9:25:3d: 93:4a:ea:d7:d6:7f:13:2d:a2:c6:d8:58:50:55:29: 9f:03:06:e2:1e:12:a3:4d:ca:7f:1b:10:02:2a:dc: a2:9b:24:32:a1:43:5f:2f:cb:11:f9:b8:79:2c:20: a5:c5:b6:4c:01:6f:ae:6e:89:95:4d:01:ea:84:28: 64:b0:a6:e4:28:2a:00:01:be:2c:a5:1e:e4:8e:8c: fb:00:d5:2a:3e:4a:94:59:54:bd:ad:01:56:7d:93: ac:d7:e0:2e:ad:06:64:c9:3d:a2:c2:a8:bd:db:97: f2:e4:cf:b5:4c:25:c0:80:ef:95:84:70:6b:69:42: 5a:a4:4e:d6:05:ea:32:ea:9f:bc:b9:76:11:17:de: 01:dd:af:25:57:03:8a:e3:6e:ef:5f:4b:79:6a:10: 23:34:7d:eb:7f:68:31:17:60:6b:d7:3d:28:e9:62: 22:73:66:0f:a7:98:4d:e9:a5:7a:59:50:06:d3:fb: f6:66:e4:07:f0:74:20:71:5b:31:3a:ec:17:fe:ac: 41:da:12:bd:77:55:cf:43:be:2d:1d:d9:ef:d3:9d: 78:ae:b8:80:38:1d:2b:a6:af:17:d8:de:1b:e9:81: 49:a1:60:95:e2:ea:d1:1d:a3:69:fa:73:97:d3:18: 43:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:13:C8:D5:11:2D:BD:74:7E:1E:6A:A1:BE:B2:51:51:33:F7:BD:94 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.129.72.0/22 Signature Algorithm: sha256WithRSAEncryption 99:f3:7f:0d:e9:e1:38:c7:ee:67:ae:8f:e1:a7:d1:f0:6f:c7: a5:ce:05:e7:83:61:75:f8:f6:4a:9a:cb:69:3a:a0:cb:6e:1d: b1:25:78:ec:2b:5b:65:84:4e:ef:f3:0b:b6:93:eb:54:5b:c7: 92:43:3f:4e:30:ad:e0:ca:d6:fb:70:4a:de:24:b1:54:7d:78: 76:bc:99:dd:95:90:c3:66:dd:bf:68:c8:51:5d:6a:55:14:06: 9b:84:1e:f6:6d:3e:92:0d:28:77:11:77:00:92:2e:a9:ae:11: db:04:bc:44:24:4c:8b:8f:2e:d9:ca:e9:0a:76:06:95:06:2e: f3:db:97:40:1f:05:54:31:77:1e:b6:c9:ce:bf:ff:80:d1:cb: b3:84:a9:c2:47:5e:d5:c5:13:34:7e:58:31:07:64:4f:2b:a5: 0d:48:0f:e3:6b:ad:fc:74:87:bb:91:d3:b7:b5:60:3a:f5:38: 2c:7f:30:35:a7:b0:39:22:b5:b9:d9:fe:05:68:7d:52:cd:62: 87:9e:3c:0a:e8:bc:1e:c0:9f:66:75:5e:23:b3:9e:f1:be:f8: fb:f7:54:8d:2e:56:f9:ff:f8:dd:f0:3d:8f:38:71:24:d5:11: 10:53:92:ec:8d:c8:f3:45:72:21:a6:cf:bd:72:54:53:14:bc: 7c:35:83:0e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw ODU2MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAyMTNDOEQ1MTEyREJE NzQ3RTFFNkFBMUJFQjI1MTUxMzNGN0JEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8ikdJfgf/gk0jm9klPZNK6tfWfxMtosbYWFBVKZ8DBuIeEqNN yn8bEAIq3KKbJDKhQ18vyxH5uHksIKXFtkwBb65uiZVNAeqEKGSwpuQoKgABviyl HuSOjPsA1So+SpRZVL2tAVZ9k6zX4C6tBmTJPaLCqL3bl/Lkz7VMJcCA75WEcGtp QlqkTtYF6jLqn7y5dhEX3gHdryVXA4rjbu9fS3lqECM0fet/aDEXYGvXPSjpYiJz Zg+nmE3ppXpZUAbT+/Zm5AfwdCBxWzE67Bf+rEHaEr13Vc9Dvi0d2e/TnXiuuIA4 HSumrxfY3hvpgUmhYJXi6tEdo2n6c5fTGEPZAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUAhPI1REtvXR+HmqhvrJRUTP3vZQwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9BaFBJMVJFdHZYUi1IbXFodnJK UlVUUDN2WlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI MA0GCSqGSIb3DQEBCwUAA4IBAQCZ838N6eE4x+5nro/hp9Hwb8elzgXng2F1+PZK mstpOqDLbh2xJXjsK1tlhE7v8wu2k+tUW8eSQz9OMK3gytb7cEreJLFUfXh2vJnd lZDDZt2/aMhRXWpVFAabhB72bT6SDSh3EXcAki6prhHbBLxEJEyLjy7ZyukKdgaV Bi7z25dAHwVUMXcetsnOv/+A0cuzhKnCR17VxRM0flgxB2RPK6UNSA/ja638dIe7 kdO3tWA69TgsfzA1p7A5IrW52f4FaH1SzWKHnjwK6LwewJ9mdV4js57xvvj791SN Llb5//jd8D2POHEk1REQU5LsjcjzRXIhps+9clRTFLx8NYMO -----END CERTIFICATE-----Generated at Tue Oct 21 02:25:43 2025 by rpki-client