$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Ek7kLtECOBnlPLpnVpsIX54XCWg.roa File: Ek7kLtECOBnlPLpnVpsIX54XCWg.roa (raw, json) Hash identifier: ePjHezmF6HgFCsKAR1O3NCgNeAD6NGH37vBlOJ45KHA= Subject key identifier: 12:4E:E4:2E:D1:02:38:19:E5:3C:BA:67:56:9B:08:5F:9E:17:09:68 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E66 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Ek7kLtECOBnlPLpnVpsIX54XCWg.roa Signing time: Fri 22 Aug 2025 08:56:29 +0000 ROA not before: Fri 22 Aug 2025 08:56:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 103.234.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3686 (0xe66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 22 08:56:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=124EE42ED1023819E53CBA67569B085F9E170968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c2:3b:33:a2:a0:26:b6:8d:2f:f1:9a:a8:9b: e5:be:b4:86:2b:a8:0d:71:45:ed:f3:25:d7:94:c5: 4a:46:28:aa:65:52:fc:91:e6:c6:ff:3f:9f:59:af: a5:34:d5:e3:2e:c5:ee:c2:0d:e5:eb:11:10:18:7c: df:f8:c7:fc:a8:cd:3d:07:07:97:06:20:06:23:1c: 7e:62:68:d0:8b:08:ef:9f:33:35:97:5a:95:54:1a: d1:64:e5:d6:92:39:dc:58:ce:fe:e0:2a:68:93:7f: 8c:26:3f:f8:bf:2a:f9:d3:71:5e:d9:de:7f:fe:61: f8:70:fc:0b:4f:fb:0c:d8:c8:bd:51:34:15:8f:12: 89:16:b1:11:a1:0c:e8:27:ce:5b:6b:ae:a6:9d:a0: 60:4f:a6:f8:ba:03:c9:6a:06:bb:29:9e:99:18:15: 14:6b:dc:e0:52:c0:25:bb:c7:c5:8d:a6:1c:dc:46: 21:76:39:48:d8:af:ff:c1:7a:76:db:29:80:6f:c2: 3e:0d:a0:27:a6:46:cf:98:e1:41:2b:c6:bb:33:20: c0:59:c0:8e:4e:02:85:26:f1:c2:cf:a8:ad:39:be: d7:02:78:41:cb:53:83:f1:9b:f7:d5:c2:d7:74:49: c4:a5:1d:a0:1a:0c:0e:12:94:23:c9:90:c9:5e:f7: 24:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:4E:E4:2E:D1:02:38:19:E5:3C:BA:67:56:9B:08:5F:9E:17:09:68 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Ek7kLtECOBnlPLpnVpsIX54XCWg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.234.204.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:a2:c5:b0:15:e6:2d:e3:e4:52:ef:44:a6:8b:39:0c:3b:15: 59:fd:43:27:c1:68:88:87:dc:76:f1:b8:b3:f7:0c:dc:a0:cc: 15:48:c1:f7:87:ab:37:1b:98:96:0a:a8:03:ee:f4:2c:da:83: 82:fa:b0:6a:29:a7:a3:e6:9b:70:fd:e5:c2:7a:1a:59:cd:35: 44:02:59:4a:9e:51:c8:6f:50:77:d2:80:2e:ca:5d:74:db:36: d6:e1:e8:08:7b:07:ab:c8:18:e9:3f:15:ac:46:fb:e4:74:19: d8:61:98:98:f5:e8:f9:78:59:b3:d2:bc:42:6a:09:1c:a4:e4: 98:82:96:11:3d:56:a7:7b:57:ae:33:50:b6:4e:85:72:74:42: 0d:f6:ef:eb:ed:9d:bf:73:8f:41:22:77:ff:ca:8a:e1:a5:e9: 08:0a:af:a7:9a:24:95:26:d3:27:6b:b8:c2:7c:45:56:2f:01: 43:f0:3c:13:d2:aa:aa:ac:9f:1c:10:63:75:fe:c5:38:e1:7d: 7c:fb:58:28:ec:5f:e0:63:ec:bd:78:44:2e:1e:c5:51:9e:aa: 33:27:b8:5f:0e:ed:f5:50:48:f8:00:41:03:cd:80:95:e9:41: 4d:d4:29:76:e9:38:4d:49:6c:9f:fe:85:8a:38:77:8c:85:f1: e5:ef:95:2c -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw ODU2MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDEyNEVFNDJFRDEwMjM4 MTlFNTNDQkE2NzU2OUIwODVGOUUxNzA5NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHwjszoqAmto0v8Zqom+W+tIYrqA1xRe3zJdeUxUpGKKplUvyR 5sb/P59Zr6U01eMuxe7CDeXrERAYfN/4x/yozT0HB5cGIAYjHH5iaNCLCO+fMzWX WpVUGtFk5daSOdxYzv7gKmiTf4wmP/i/KvnTcV7Z3n/+Yfhw/AtP+wzYyL1RNBWP EokWsRGhDOgnzltrrqadoGBPpvi6A8lqBrspnpkYFRRr3OBSwCW7x8WNphzcRiF2 OUjYr//BenbbKYBvwj4NoCemRs+Y4UErxrszIMBZwI5OAoUm8cLPqK05vtcCeEHL U4Pxm/fVwtd0ScSlHaAaDA4SlCPJkMle9yRLAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUEk7kLtECOBnlPLpnVpsIX54XCWgwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9FazdrTHRFQ09CbmxQTHBuVnBz SVg1NFhDV2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+rM MA0GCSqGSIb3DQEBCwUAA4IBAQBcosWwFeYt4+RS70SmizkMOxVZ/UMnwWiIh9x2 8biz9wzcoMwVSMH3h6s3G5iWCqgD7vQs2oOC+rBqKaej5ptw/eXCehpZzTVEAllK nlHIb1B30oAuyl102zbW4egIeweryBjpPxWsRvvkdBnYYZiY9ej5eFmz0rxCagkc pOSYgpYRPVane1euM1C2ToVydEIN9u/r7Z2/c49BInf/yorhpekICq+nmiSVJtMn a7jCfEVWLwFD8DwT0qqqrJ8cEGN1/sU44X18+1go7F/gY+y9eEQuHsVRnqozJ7hf Du31UEj4AEEDzYCV6UFN1Cl26ThNSWyf/oWKOHeMhfHl75Us -----END CERTIFICATE-----Generated at Sun Aug 24 09:40:15 2025 by rpki-client