$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QBsr4KNmTCNzjy3AyEzFikZf97I.roa File: QBsr4KNmTCNzjy3AyEzFikZf97I.roa (raw, json) Hash identifier: 0IWXLa/bVyhC2+OgfbHV/WuM0nYWjQe5lEk/Ls7WC1k= Subject key identifier: 40:1B:2B:E0:A3:66:4C:23:73:8F:2D:C0:C8:4C:C5:8A:46:5F:F7:B2 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E68 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QBsr4KNmTCNzjy3AyEzFikZf97I.roa Signing time: Fri 22 Aug 2025 08:56:29 +0000 ROA not before: Fri 22 Aug 2025 08:56:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 180.214.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3688 (0xe68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 22 08:56:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=401B2BE0A3664C23738F2DC0C84CC58A465FF7B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b6:85:18:0d:47:65:8a:e9:0d:4d:4e:fc:e6: ec:79:d8:1d:27:b6:27:11:e6:07:68:e7:13:28:13: eb:a9:26:64:76:77:32:ae:9a:82:95:55:0a:d8:42: 0f:b8:39:74:13:27:85:6a:9e:eb:df:b7:4f:d6:df: 25:5a:28:bc:30:8a:8e:ce:cb:a9:4b:82:c1:5d:a3: 79:a8:b3:4b:9d:4f:04:e2:5c:e1:62:d6:5a:27:24: 20:34:df:25:b3:de:14:ff:ce:c9:fd:33:24:bc:ca: 4c:f9:e0:e1:58:4f:36:21:31:db:18:9f:7f:71:64: 99:e5:86:35:7e:3d:d7:ee:9e:2d:9d:4a:d5:84:f4: 6e:b6:a7:85:cb:4d:9c:f7:a8:f9:76:72:9f:f0:8e: 79:e4:b2:28:ac:f5:63:3f:62:75:31:a1:c8:c7:88: bd:6c:fb:48:ba:49:e6:fe:18:34:31:1a:d4:9a:c0: 6c:1c:b9:4c:5d:f3:82:13:78:56:93:a6:46:42:1e: d5:d1:80:b1:65:f0:60:ae:2d:f9:2d:cc:ab:95:58: c7:30:bb:1c:fc:59:5a:83:02:e1:e6:71:44:a5:60: b6:be:6c:09:1c:ef:00:ed:bc:8b:eb:2f:11:91:07: d9:29:e0:13:bd:32:b9:02:d8:f8:c6:5d:7f:91:a8: fe:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:1B:2B:E0:A3:66:4C:23:73:8F:2D:C0:C8:4C:C5:8A:46:5F:F7:B2 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QBsr4KNmTCNzjy3AyEzFikZf97I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.214.176.0/20 Signature Algorithm: sha256WithRSAEncryption 59:bd:71:f9:31:0c:8b:f3:b1:87:f5:c3:e9:ff:e2:cd:e2:a5: eb:c3:4e:e1:2a:d5:8d:2a:02:60:5d:d9:16:e1:92:67:48:0a: 8b:d3:26:79:e5:05:94:0e:6b:fa:ab:c0:a0:22:5f:d3:14:1a: 17:6e:c3:cb:d7:61:0e:aa:cf:52:d4:d5:02:9a:6c:d5:ad:98: 69:77:64:f4:8e:72:da:f6:1b:12:54:3c:bb:49:e1:80:b4:86: 64:aa:ca:a2:7a:6d:95:10:26:1c:cd:e5:58:a5:6a:2f:89:8d: b8:76:6c:f5:6d:2c:50:d8:b0:1e:9a:85:4e:7f:e0:19:c9:f0: bf:41:28:41:83:38:8f:d9:fc:e4:d0:9d:17:ba:a8:f4:da:db: 51:27:d7:10:0d:ec:06:cb:15:97:f6:81:5d:82:1d:a6:cc:85: 72:c8:9e:48:04:d2:f3:ef:b8:25:41:a4:7a:db:b5:65:43:bb: 77:f2:8b:da:67:44:1b:9d:c0:b3:24:7a:72:df:7f:0b:b7:8d: 5f:c7:2a:4a:e5:28:3f:09:13:50:15:94:fc:47:08:1a:41:0a: 0b:a5:07:af:b7:e4:2f:59:fd:2e:37:03:7d:da:71:cf:d5:7d: 3a:63:cc:e2:8d:ae:5a:7e:24:0e:55:63:ca:8e:20:04:60:1e: b0:df:d5:1b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw ODU2MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQwMUIyQkUwQTM2NjRD MjM3MzhGMkRDMEM4NENDNThBNDY1RkY3QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOtoUYDUdliukNTU785ux52B0nticR5gdo5xMoE+upJmR2dzKu moKVVQrYQg+4OXQTJ4Vqnuvft0/W3yVaKLwwio7Oy6lLgsFdo3mos0udTwTiXOFi 1lonJCA03yWz3hT/zsn9MyS8ykz54OFYTzYhMdsYn39xZJnlhjV+Pdfuni2dStWE 9G62p4XLTZz3qPl2cp/wjnnksiis9WM/YnUxocjHiL1s+0i6Seb+GDQxGtSawGwc uUxd84ITeFaTpkZCHtXRgLFl8GCuLfktzKuVWMcwuxz8WVqDAuHmcUSlYLa+bAkc 7wDtvIvrLxGRB9kp4BO9MrkC2PjGXX+RqP6/AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQBsr4KNmTCNzjy3AyEzFikZf97IwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9RQnNyNEtObVRDTnpqeTNBeUV6 RmlrWmY5N0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEtNaw MA0GCSqGSIb3DQEBCwUAA4IBAQBZvXH5MQyL87GH9cPp/+LN4qXrw07hKtWNKgJg XdkW4ZJnSAqL0yZ55QWUDmv6q8CgIl/TFBoXbsPL12EOqs9S1NUCmmzVrZhpd2T0 jnLa9hsSVDy7SeGAtIZkqsqiem2VECYczeVYpWoviY24dmz1bSxQ2LAemoVOf+AZ yfC/QShBgziP2fzk0J0Xuqj02ttRJ9cQDewGyxWX9oFdgh2mzIVyyJ5IBNLz77gl QaR627VlQ7t38ovaZ0QbncCzJHpy338Lt41fxypK5Sg/CRNQFZT8RwgaQQoLpQev t+QvWf0uNwN92nHP1X06Y8zija5afiQOVWPKjiAEYB6w39Ub -----END CERTIFICATE-----Generated at Sun Aug 24 09:45:09 2025 by rpki-client