$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa File: Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa (raw, json) Hash identifier: wdJa2dSgEEOtCcBkBt3OsUNwguWDk0SP095/tS/kdYo= Subject key identifier: 67:4E:01:82:2E:CE:88:3F:9E:6B:2B:6A:33:DA:57:41:14:34:12:B5 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E5B Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa Signing time: Fri 22 Aug 2025 08:56:25 +0000 ROA not before: Fri 22 Aug 2025 08:56:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 124.109.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3675 (0xe5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 22 08:56:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=674E01822ECE883F9E6B2B6A33DA5741143412B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ae:1c:08:80:b9:62:2b:6f:24:89:58:a1:52: ad:2f:3c:32:5b:0e:0c:c0:ac:10:2b:23:0b:db:a8: 09:52:4d:2f:80:9e:d8:3b:34:b8:65:39:9d:cd:46: b9:1c:2c:26:b5:3d:50:a8:77:99:4e:25:b6:d2:13: 38:0e:81:6a:9a:4d:2e:a8:d1:98:15:c2:23:83:cd: 99:d9:38:e1:9f:60:44:1c:01:6e:02:92:3f:a9:2c: 3b:3f:52:04:1b:e5:3a:ad:ca:74:9c:a8:1f:0d:61: 30:14:06:f4:0b:28:8f:05:c8:82:ca:cb:2d:5d:7e: 3c:11:e1:92:76:98:79:e8:52:db:54:91:88:30:44: 72:8e:88:43:74:ce:74:dc:6f:21:c7:61:d6:cb:f0: e0:b4:c1:98:77:87:8f:4a:ee:a3:50:1f:52:1d:f4: c6:c5:ac:6c:0e:5d:d8:5c:f6:fc:aa:8f:25:4d:8c: c8:e9:a5:32:d6:9a:52:14:c7:a8:cf:53:05:ba:8b: c7:a4:7b:9d:03:71:fc:cc:60:54:72:4e:9b:bd:e5: 4f:86:f9:06:91:22:4e:a6:cc:59:79:15:8b:e6:1f: 18:bc:1b:b6:de:d1:a2:12:80:16:b1:42:c7:9f:72: d2:ff:b3:fa:af:60:16:b4:90:7e:b5:a9:b0:0b:a5: f1:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:4E:01:82:2E:CE:88:3F:9E:6B:2B:6A:33:DA:57:41:14:34:12:B5 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.109.112.0/20 Signature Algorithm: sha256WithRSAEncryption 61:5e:2e:2b:81:47:be:93:74:f7:42:1a:51:60:93:a3:5a:23: c7:50:92:49:d8:c3:c0:7d:63:9d:41:f3:7b:c3:01:78:44:cd: 91:f2:a6:d4:15:73:78:0a:a7:b7:dc:3f:9c:af:f7:ff:a1:24: a4:ad:ef:18:01:5a:d7:07:a6:87:e3:41:cb:26:e1:34:93:94: f5:04:8f:19:f9:77:ae:1f:9c:55:27:cc:c7:86:46:aa:91:00: 1f:ad:df:00:45:c8:e4:2e:48:3a:4d:85:c4:c8:fc:77:56:6a: a4:43:96:c9:94:04:4a:ad:23:6f:48:44:a1:0d:6e:a1:02:bd: f7:b9:8a:bb:40:77:78:6a:ae:ba:b6:3d:a7:93:fa:0a:1a:c6: 63:91:09:45:99:f8:7a:eb:c2:b8:0f:e7:dc:74:5c:5d:f8:62: fb:97:73:31:7e:84:58:46:58:7e:e6:ef:2f:5d:ad:aa:93:49: a4:4f:72:39:5f:ca:dc:75:21:e4:a2:93:65:08:14:43:3f:a0: 18:ad:97:14:57:3c:44:05:27:4a:15:71:fd:74:a5:07:7f:3e: 33:74:a1:5a:39:de:26:8b:ca:b6:59:f3:bf:d5:6f:12:6c:16: d8:b0:45:ec:f8:08:35:c6:b9:fb:29:7f:c0:27:16:7b:9d:cf: bf:4c:2b:dd -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw ODU2MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY3NEUwMTgyMkVDRTg4 M0Y5RTZCMkI2QTMzREE1NzQxMTQzNDEyQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwrhwIgLliK28kiVihUq0vPDJbDgzArBArIwvbqAlSTS+Antg7 NLhlOZ3NRrkcLCa1PVCod5lOJbbSEzgOgWqaTS6o0ZgVwiODzZnZOOGfYEQcAW4C kj+pLDs/UgQb5TqtynScqB8NYTAUBvQLKI8FyILKyy1dfjwR4ZJ2mHnoUttUkYgw RHKOiEN0znTcbyHHYdbL8OC0wZh3h49K7qNQH1Id9MbFrGwOXdhc9vyqjyVNjMjp pTLWmlIUx6jPUwW6i8eke50DcfzMYFRyTpu95U+G+QaRIk6mzFl5FYvmHxi8G7be 0aISgBaxQsefctL/s/qvYBa0kH61qbALpfHTAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUZ04Bgi7OiD+eaytqM9pXQRQ0ErUwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9aMDRCZ2k3T2lELWVheXRxTTlw WFFSUTBFclUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w MA0GCSqGSIb3DQEBCwUAA4IBAQBhXi4rgUe+k3T3QhpRYJOjWiPHUJJJ2MPAfWOd QfN7wwF4RM2R8qbUFXN4Cqe33D+cr/f/oSSkre8YAVrXB6aH40HLJuE0k5T1BI8Z +XeuH5xVJ8zHhkaqkQAfrd8ARcjkLkg6TYXEyPx3VmqkQ5bJlARKrSNvSEShDW6h Ar33uYq7QHd4aq66tj2nk/oKGsZjkQlFmfh668K4D+fcdFxd+GL7l3MxfoRYRlh+ 5u8vXa2qk0mkT3I5X8rcdSHkopNlCBRDP6AYrZcUVzxEBSdKFXH9dKUHfz4zdKFa Od4mi8q2WfO/1W8SbBbYsEXs+Ag1xrn7KX/AJxZ7nc+/TCvd -----END CERTIFICATE-----Generated at Sun Aug 24 09:39:55 2025 by rpki-client