$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/5DUezYjXjtIt1lbE3C3B5CpS6Po.roa File: 5DUezYjXjtIt1lbE3C3B5CpS6Po.roa (raw, json) Hash identifier: +KczhFgGqdKPlVzz1IOP0B5kffzzzqUflnZMwIAIcGE= Subject key identifier: E4:35:1E:CD:88:D7:8E:D2:2D:D6:56:C4:DC:2D:C1:E4:2A:52:E8:FA Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0E1D Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/5DUezYjXjtIt1lbE3C3B5CpS6Po.roa Signing time: Fri 22 Aug 2025 09:00:52 +0000 ROA not before: Fri 22 Aug 2025 09:00:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131584 IP address blocks: 111.125.128.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3613 (0xe1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Aug 22 09:00:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E4351ECD88D78ED22DD656C4DC2DC1E42A52E8FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:ff:5e:a2:f0:6d:40:2c:65:6e:0d:96:20:ca: 3a:e1:5f:1c:dd:3e:98:dd:70:25:b7:aa:b0:03:52: a8:8b:dd:b1:c4:9e:d9:63:43:d4:30:a4:34:1f:4f: da:0b:c0:87:b4:d2:56:4a:69:d6:3a:8d:5d:f7:15: da:7b:fc:c2:58:92:66:ad:ed:ba:42:66:06:5d:cb: 87:84:19:63:3a:b9:ee:47:6d:89:d5:bb:06:56:b3: 89:ed:3b:38:4c:e0:9e:8e:67:cf:5c:0c:61:f7:29: ad:70:c2:be:02:2f:88:8b:71:88:83:04:ff:cd:3d: 4f:c6:4a:10:c8:ce:44:f2:4b:03:6f:54:9a:44:d9: 81:fc:b8:e0:95:2b:29:8d:88:81:62:6f:06:4e:9e: 21:8e:f6:a7:67:4d:43:be:a6:27:8f:e4:27:7a:44: c7:20:d5:08:cc:a6:ff:a0:7d:3a:be:21:a4:03:67: a2:62:31:73:39:7c:86:b7:52:6a:51:c2:d7:8e:4b: 22:c3:8b:b5:e4:05:52:3c:fa:77:e0:29:69:17:01: be:6e:8a:77:fa:a0:c3:25:8a:be:46:e9:2f:37:51: 47:59:4a:88:c8:0b:c5:aa:39:89:16:88:fc:78:f2: 05:39:79:6f:9e:4c:6d:22:0f:ea:5e:72:43:f3:c6: d5:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:35:1E:CD:88:D7:8E:D2:2D:D6:56:C4:DC:2D:C1:E4:2A:52:E8:FA X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/5DUezYjXjtIt1lbE3C3B5CpS6Po.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 111.125.128.0/21 Signature Algorithm: sha256WithRSAEncryption 2a:6d:6c:41:06:e1:5a:c3:7e:36:3e:5c:39:f0:c9:07:58:4d: 02:ce:2b:c1:76:9d:5e:90:1b:93:7f:a2:b1:d5:0f:09:85:19: 9e:f8:54:67:cd:52:fa:bf:2f:43:30:f2:3b:94:bc:0a:e7:1c: 38:90:05:05:8c:f2:10:9d:fc:f8:13:2d:40:ec:22:39:2a:2a: e5:80:52:9f:19:3d:11:d8:35:0a:91:e2:84:45:68:bd:37:4c: 79:36:71:d2:0f:99:af:6a:00:bf:40:cf:27:b6:3d:e2:5e:d0: e0:54:52:cb:40:5f:bc:13:53:71:a8:de:87:04:c0:fc:16:20: 3e:10:72:9c:bf:ec:a1:3f:c9:a4:6a:78:cf:4a:dc:29:4f:34: d2:87:5c:ef:46:b0:28:2f:0a:f2:bd:99:24:29:03:70:f2:2e: fc:35:a7:55:54:78:62:79:5a:9a:37:c9:83:75:8d:0b:b0:f5: a8:c3:81:6e:9b:4e:89:49:02:51:e9:a2:d6:06:56:37:bc:75: 32:18:e5:e8:d2:7c:f7:1a:df:94:5a:2a:db:a0:be:e4:62:6e: 09:d8:f3:a9:19:2f:28:62:23:78:a4:bb:8a:b7:76:52:5f:11: 15:ab:93:76:23:1c:93:70:32:d0:28:28:a5:08:56:32:70:d0: 4a:86:4d:d6 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTA4MjIw OTAwNTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEU0MzUxRUNEODhENzhF RDIyREQ2NTZDNERDMkRDMUU0MkE1MkU4RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD3/16i8G1ALGVuDZYgyjrhXxzdPpjdcCW3qrADUqiL3bHEntlj Q9QwpDQfT9oLwIe00lZKadY6jV33Fdp7/MJYkmat7bpCZgZdy4eEGWM6ue5HbYnV uwZWs4ntOzhM4J6OZ89cDGH3Ka1wwr4CL4iLcYiDBP/NPU/GShDIzkTySwNvVJpE 2YH8uOCVKymNiIFibwZOniGO9qdnTUO+pieP5Cd6RMcg1QjMpv+gfTq+IaQDZ6Ji MXM5fIa3UmpRwteOSyLDi7XkBVI8+nfgKWkXAb5uinf6oMMlir5G6S83UUdZSojI C8WqOYkWiPx48gU5eW+eTG0iD+peckPzxtUTAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU5DUezYjXjtIt1lbE3C3B5CpS6PowHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2LzVEVWV6WWpYanRJ dDFsYkUzQzNCNUNwUzZQby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBANvfYAwDQYJKoZIhvcNAQELBQADggEBACptbEEG4VrDfjY+XDnwyQdYTQLO K8F2nV6QG5N/orHVDwmFGZ74VGfNUvq/L0Mw8juUvArnHDiQBQWM8hCd/PgTLUDs IjkqKuWAUp8ZPRHYNQqR4oRFaL03THk2cdIPma9qAL9Azye2PeJe0OBUUstAX7wT U3Go3ocEwPwWID4Qcpy/7KE/yaRqeM9K3ClPNNKHXO9GsCgvCvK9mSQpA3DyLvw1 p1VUeGJ5Wpo3yYN1jQuw9ajDgW6bTolJAlHpotYGVje8dTIY5ejSfPca35RaKtug vuRibgnY86kZLyhiI3iku4q3dlJfERWrk3YjHJNwMtAoKKUIVjJw0EqGTdY= -----END CERTIFICATE-----Generated at Sun Aug 24 09:17:52 2025 by rpki-client