$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/RtZUl36MvP4_YgGDE_BJ6OMkQt4.roa File: RtZUl36MvP4_YgGDE_BJ6OMkQt4.roa (raw, json) Hash identifier: qw70X5jWaYUhZEcH0+KDUUuy3cwU8ib8BoH7lw8Mgsc= Subject key identifier: 46:D6:54:97:7E:8C:BC:FE:3F:62:01:83:13:F0:49:E8:E3:24:42:DE Certificate issuer: /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC Certificate serial: 0DDB Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/RtZUl36MvP4_YgGDE_BJ6OMkQt4.roa Signing time: Fri 22 Aug 2025 08:55:13 +0000 ROA not before: Fri 22 Aug 2025 08:55:13 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4783 IP address blocks: 210.67.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3547 (0xddb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC Validity Not Before: Aug 22 08:55:13 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=46D654977E8CBCFE3F62018313F049E8E32442DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:02:51:7a:41:1a:6c:2b:8c:b3:01:3d:0d:18: 59:18:78:48:68:44:40:11:a4:69:dc:e8:3a:a6:b5: ee:d2:e7:b2:d4:0e:09:8f:9c:03:6d:87:47:45:0a: ad:34:2b:b1:3b:f8:93:db:4d:ed:23:34:1d:0e:46: 16:dc:9e:13:3f:dc:e9:cd:b5:47:4d:f7:9a:5a:02: 23:a7:fe:86:00:f4:f0:37:ae:df:d9:0e:2c:5a:f5: 4d:f0:05:e0:75:ea:d8:1c:9f:54:7e:ab:56:bd:45: 52:ef:55:26:fb:da:91:bd:e0:b6:56:43:e8:aa:c1: 30:77:08:12:16:17:43:36:04:2f:05:27:24:0f:35: dc:66:dd:de:4e:3d:08:96:01:35:46:66:0f:82:e1: 8b:f4:37:b6:98:68:54:7e:c8:ba:1f:05:7e:dc:90: ad:30:54:31:e7:0f:b5:91:ed:fe:d2:04:04:48:dd: 22:a0:a3:ed:d0:6d:73:55:b1:7d:ed:be:be:78:dc: 9a:80:16:55:8e:67:e1:61:1b:d4:61:63:ec:0e:9c: 4a:b4:d1:ec:2a:96:ce:5d:de:74:e3:13:fb:de:7a: a1:30:c5:df:7b:f1:b7:ab:d4:0d:21:b2:ea:99:f2: bc:cc:1f:2c:85:ac:60:2a:da:dc:c0:7a:d6:de:fb: 0e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:D6:54:97:7E:8C:BC:FE:3F:62:01:83:13:F0:49:E8:E3:24:42:DE X509v3 Authority Key Identifier: keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/RtZUl36MvP4_YgGDE_BJ6OMkQt4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.67.112.0/20 Signature Algorithm: sha256WithRSAEncryption 1e:02:9e:b6:bf:ec:85:87:0f:db:a4:3e:21:5c:cb:ab:01:6c: 4f:c7:f8:84:c8:d1:10:39:6b:05:1f:8b:e9:82:ac:3d:e0:34: e3:50:07:43:20:31:02:aa:24:09:6c:90:0a:6d:9f:0d:6c:76: 58:77:b0:90:89:d7:d7:7b:2f:89:b5:45:b0:64:70:6e:72:fb: 44:15:6d:a6:b9:e0:8e:50:dc:7d:9d:1b:bb:11:50:fe:0c:81: fa:43:d6:67:25:d5:c7:03:0b:bb:99:c3:be:50:3e:c4:1b:13: 3b:13:43:f0:f9:20:02:25:c0:e0:8e:cf:f3:da:79:d3:85:a5: c1:6e:19:21:24:3e:54:1c:8b:27:dd:32:ed:3c:d0:1d:18:33: cb:24:04:e2:d1:7a:5f:75:c9:9c:07:08:e2:d9:c8:be:3b:dc: 94:67:7b:4c:6d:f8:93:5f:5f:81:8b:d3:b7:da:30:5c:ff:da: 1b:25:84:02:46:1a:b6:77:ad:ea:53:2d:cc:19:fd:95:30:9d: 38:bd:ee:3a:78:ed:68:18:76:d5:13:05:17:3b:3c:98:c8:fb: 3a:12:7b:5a:40:4e:9c:27:06:7f:83:28:b5:10:f5:10:ff:4f: ec:7d:ed:e0:98:de:23:da:20:28:1e:e9:11:94:dd:94:9e:40: 3a:44:72:5b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yNTA4MjIw ODU1MTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ2RDY1NDk3N0U4Q0JD RkUzRjYyMDE4MzEzRjA0OUU4RTMyNDQyREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQAlF6QRpsK4yzAT0NGFkYeEhoREARpGnc6Dqmte7S57LUDgmP nANth0dFCq00K7E7+JPbTe0jNB0ORhbcnhM/3OnNtUdN95paAiOn/oYA9PA3rt/Z Dixa9U3wBeB16tgcn1R+q1a9RVLvVSb72pG94LZWQ+iqwTB3CBIWF0M2BC8FJyQP Ndxm3d5OPQiWATVGZg+C4Yv0N7aYaFR+yLofBX7ckK0wVDHnD7WR7f7SBARI3SKg o+3QbXNVsX3tvr543JqAFlWOZ+FhG9RhY+wOnEq00ewqls5d3nTjE/veeqEwxd97 8ber1A0hsuqZ8rzMHyyFrGAq2tzAetbe+w7ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQURtZUl36MvP4/YgGDE/BJ6OMkQt4wHwYDVR0jBBgwFoAUlruUtFf52CoptbL9 nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL1J0WlVsMzZNdlA0X1lnR0RF X0JKNk9Na1F0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATS Q3AwDQYJKoZIhvcNAQELBQADggEBAB4Cnra/7IWHD9ukPiFcy6sBbE/H+ITI0RA5 awUfi+mCrD3gNONQB0MgMQKqJAlskAptnw1sdlh3sJCJ19d7L4m1RbBkcG5y+0QV baa54I5Q3H2dG7sRUP4MgfpD1mcl1ccDC7uZw75QPsQbEzsTQ/D5IAIlwOCOz/Pa edOFpcFuGSEkPlQciyfdMu080B0YM8skBOLRel91yZwHCOLZyL473JRne0xt+JNf X4GL07faMFz/2hslhAJGGrZ3repTLcwZ/ZUwnTi97jp47WgYdtUTBRc7PJjI+zoS e1pATpwnBn+DKLUQ9RD/T+x97eCY3iPaICge6RGU3ZSeQDpEcls= -----END CERTIFICATE-----Generated at Sun Aug 24 13:36:49 2025 by rpki-client