$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/BFZq29P4G61G9dB2gT7QhvFZa0A.roa File: BFZq29P4G61G9dB2gT7QhvFZa0A.roa (raw, json) Hash identifier: 61xvZhTI5MepO8IgJc98rUkdG57VQkd0YnzlrT5TyMQ= Subject key identifier: 04:56:6A:DB:D3:F8:1B:AD:46:F5:D0:76:81:3E:D0:86:F1:59:6B:40 Certificate issuer: /CN=EE1941C37BD1E2CF12512F98AB366C29DA79B718 Certificate serial: 017A Authority key identifier: EE:19:41:C3:7B:D1:E2:CF:12:51:2F:98:AB:36:6C:29:DA:79:B7:18 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7hlBw3vR4s8SUS-YqzZsKdp5txg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/BFZq29P4G61G9dB2gT7QhvFZa0A.roa Signing time: Fri 22 Aug 2025 08:57:02 +0000 ROA not before: Fri 22 Aug 2025 08:57:02 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 204844 IP address blocks: 160.30.99.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/7hlBw3vR4s8SUS-YqzZsKdp5txg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/7hlBw3vR4s8SUS-YqzZsKdp5txg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/7hlBw3vR4s8SUS-YqzZsKdp5txg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 22:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 378 (0x17a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE1941C37BD1E2CF12512F98AB366C29DA79B718 Validity Not Before: Aug 22 08:57:02 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=04566ADBD3F81BAD46F5D076813ED086F1596B40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:19:26:4e:a2:d5:6e:85:ea:1f:aa:cb:42:06: d8:83:a5:41:9d:08:63:84:9d:cd:07:69:c2:0f:8b: 06:41:0e:ff:c8:52:49:c8:c2:bb:fa:01:ca:2e:0d: 7e:87:23:5c:09:64:a5:f5:bb:a3:85:d5:be:75:87: 70:50:26:ce:58:18:46:04:06:8e:ab:4d:40:58:f5: c7:21:9f:76:fa:aa:37:75:7b:37:06:8b:d9:fb:0f: c1:64:24:f3:da:ea:0b:bf:1a:3b:9a:2c:8e:16:ee: 01:2b:4d:b1:f1:46:e1:7b:7c:23:32:80:89:f3:5f: f0:b6:e0:2a:95:ec:e9:19:f2:57:76:76:5e:60:61: b1:fe:de:00:f5:bc:44:5b:77:90:29:c6:68:f5:c6: 4b:da:fd:2b:68:29:1f:31:ed:50:19:c5:18:6f:d6: f7:c9:e7:d3:82:3f:be:1f:6e:40:89:28:2c:bd:c4: 92:d4:50:20:c2:60:4e:34:b3:03:48:07:81:f2:23: da:32:97:95:01:63:2f:29:8f:e5:f7:59:cd:62:c6: b2:cd:b1:64:03:4d:f4:a9:9a:19:c5:b0:78:8d:08: c8:32:39:95:71:31:27:a6:3e:1b:ad:d3:0c:ce:61: cf:07:ec:68:7a:7d:cb:4d:74:56:5f:dd:02:01:af: 0d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:56:6A:DB:D3:F8:1B:AD:46:F5:D0:76:81:3E:D0:86:F1:59:6B:40 X509v3 Authority Key Identifier: keyid:EE:19:41:C3:7B:D1:E2:CF:12:51:2F:98:AB:36:6C:29:DA:79:B7:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/7hlBw3vR4s8SUS-YqzZsKdp5txg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7hlBw3vR4s8SUS-YqzZsKdp5txg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLE/BFZq29P4G61G9dB2gT7QhvFZa0A.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.30.99.0/24 Signature Algorithm: sha256WithRSAEncryption c1:04:15:0d:b1:eb:e6:13:aa:36:64:e5:87:68:80:19:07:3c: 5e:92:65:ab:f0:cf:be:c1:a6:6c:bb:cb:63:04:78:6f:17:11: fc:88:2d:be:6c:69:64:bf:ea:e2:37:8c:58:3e:31:ca:ca:81: 14:47:df:17:61:02:a4:6c:6e:05:fa:c0:3e:55:1f:d1:87:66: fe:bf:73:d3:e3:89:06:16:3e:6d:07:36:e2:f5:fe:7f:0f:24: ac:bb:88:f4:1d:6a:c1:30:a4:31:01:f9:36:3d:b9:ac:9a:1b: f1:3e:d0:2b:1e:69:c1:35:e8:37:51:92:e4:3e:4b:2f:1c:57: f1:99:f7:d3:1e:f2:c9:cf:17:04:94:f0:ff:7a:5b:19:5a:90: 8c:bd:75:0e:a2:d2:61:6f:52:72:79:93:b1:ef:4c:92:df:b7: 6d:9e:99:fe:0a:02:1a:aa:30:3b:1f:9a:5c:8f:c7:dc:a1:30: 78:c4:f0:f9:c8:ca:d5:3e:f8:d8:cb:4b:fd:e1:a3:be:cd:d8: b8:1e:fb:00:8a:21:58:1d:a9:db:c8:bb:c3:92:92:df:79:74: e9:00:5a:33:41:65:48:22:9a:ee:95:a1:44:4b:66:b5:ea:7b: d0:1f:c9:bd:05:f5:36:6b:88:20:55:d2:46:34:f4:d6:54:8f: 14:ef:cc:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICAXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUUx OTQxQzM3QkQxRTJDRjEyNTEyRjk4QUIzNjZDMjlEQTc5QjcxODAeFw0yNTA4MjIw ODU3MDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA0NTY2QURCRDNGODFC QUQ0NkY1RDA3NjgxM0VEMDg2RjE1OTZCNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChGSZOotVuheofqstCBtiDpUGdCGOEnc0HacIPiwZBDv/IUknI wrv6AcouDX6HI1wJZKX1u6OF1b51h3BQJs5YGEYEBo6rTUBY9cchn3b6qjd1ezcG i9n7D8FkJPPa6gu/GjuaLI4W7gErTbHxRuF7fCMygInzX/C24CqV7OkZ8ld2dl5g YbH+3gD1vERbd5Apxmj1xkva/StoKR8x7VAZxRhv1vfJ59OCP74fbkCJKCy9xJLU UCDCYE40swNIB4HyI9oyl5UBYy8pj+X3Wc1ixrLNsWQDTfSpmhnFsHiNCMgyOZVx MSemPhut0wzOYc8H7Gh6fctNdFZf3QIBrw0zAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUBFZq29P4G61G9dB2gT7QhvFZa0AwHwYDVR0jBBgwFoAU7hlBw3vR4s8SUS+Y qzZsKdp5txgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lNUExF LzdobEJ3M3ZSNHM4U1VTLVlxelpzS2RwNXR4Zy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvN2hsQnczdlI0czhTVVMtWXF6WnNLZHA1dHhnLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lNUExFL0JGWnEyOVA0RzYxRzlkQjJn VDdRaHZGWmEwQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACg HmMwDQYJKoZIhvcNAQELBQADggEBAMEEFQ2x6+YTqjZk5YdogBkHPF6SZavwz77B pmy7y2MEeG8XEfyILb5saWS/6uI3jFg+McrKgRRH3xdhAqRsbgX6wD5VH9GHZv6/ c9PjiQYWPm0HNuL1/n8PJKy7iPQdasEwpDEB+TY9uayaG/E+0CseacE16DdRkuQ+ Sy8cV/GZ99Me8snPFwSU8P96WxlakIy9dQ6i0mFvUnJ5k7HvTJLft22emf4KAhqq MDsfmlyPx9yhMHjE8PnIytU++NjLS/3ho77N2Lge+wCKIVgdqdvIu8OSkt95dOkA WjNBZUgimu6VoURLZrXqe9Afyb0F9TZriCBV0kY09NZUjxTvzFk= -----END CERTIFICATE-----Generated at Mon Oct 20 19:13:31 2025 by rpki-client