$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/O3r6KkRKQWzF88ZJ4iHeNVTkFRY.roa File: O3r6KkRKQWzF88ZJ4iHeNVTkFRY.roa (raw, json) Hash identifier: tqyAdXdgbwtiPHijNNoQk8vsp+qdc8/5+DI+B7S5NII= Subject key identifier: 3B:7A:FA:2A:44:4A:41:6C:C5:F3:C6:49:E2:21:DE:35:54:E4:15:16 Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0E1C Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/O3r6KkRKQWzF88ZJ4iHeNVTkFRY.roa Signing time: Fri 22 Aug 2025 09:00:52 +0000 ROA not before: Fri 22 Aug 2025 09:00:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131584 IP address blocks: 101.3.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3612 (0xe1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Aug 22 09:00:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3B7AFA2A444A416CC5F3C649E221DE3554E41516 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5f:b9:0a:0a:19:5a:f9:74:85:f3:d0:d4:9c: ec:b8:05:fd:98:ae:4a:25:8a:58:2c:d1:50:2f:00: 1b:10:9a:a6:f1:4f:03:3c:14:6c:30:77:58:cd:88: 56:5d:0d:24:5a:0d:11:88:ae:3f:85:ed:d7:4d:24: c5:46:8e:ef:e0:8d:c5:fa:ae:87:26:4a:21:87:0d: f9:f0:5d:99:4e:6b:b0:91:44:58:bd:bd:38:74:98: c9:27:9c:29:d6:4e:67:2b:6a:62:98:33:ea:ea:d6: 5d:2c:a5:6d:61:21:15:a2:17:cd:c0:ca:37:ab:09: 92:5c:da:bf:e0:f3:4f:af:9d:f6:d1:9f:5c:be:32: 72:5c:ac:b7:97:f1:68:92:b1:17:d1:3a:d6:3d:3c: af:d1:a4:5f:7f:c5:54:e0:d4:a2:dc:b5:35:aa:ff: 19:74:4f:7c:fa:d5:e2:5e:f6:b7:46:61:27:ea:7b: b5:46:43:fe:43:91:5a:9b:e3:16:8f:8b:25:d9:78: 70:36:25:68:01:2c:17:16:83:c5:59:6f:14:12:3e: af:fd:d4:21:7f:7e:cb:31:eb:75:88:11:c2:73:d3: 21:06:c3:df:92:64:2b:c6:c4:61:fe:9d:23:a7:5b: 60:64:7f:40:47:35:10:c5:5c:59:94:29:ce:84:cc: ff:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:7A:FA:2A:44:4A:41:6C:C5:F3:C6:49:E2:21:DE:35:54:E4:15:16 X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/O3r6KkRKQWzF88ZJ4iHeNVTkFRY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.3.0.0/16 Signature Algorithm: sha256WithRSAEncryption 07:a5:13:21:02:64:31:60:04:51:94:1a:e3:fc:bf:e3:74:1f: f5:63:a5:45:05:34:09:93:4e:49:21:e9:80:83:00:4d:e5:78: 7d:ad:8d:f6:b3:08:ff:5f:88:00:ea:99:f1:c1:76:98:6a:67: 12:c1:ec:35:8b:c0:b4:d1:c9:d1:f5:b5:52:55:95:06:41:01: 41:b1:8c:28:eb:b8:0a:5c:75:0c:75:32:54:97:8c:c2:de:0f: c3:b4:e2:79:c8:60:fc:0e:05:46:c0:b5:4a:34:8f:ed:89:91: 27:c4:e7:a7:b3:47:cd:49:cf:f6:70:d6:81:53:57:3a:7f:4c: a1:26:8a:29:3a:9e:b4:6f:7a:28:a3:13:2d:da:e6:ec:f0:9e: 7b:36:af:12:c9:7f:6f:2a:f8:00:b6:2c:8d:98:ac:40:e2:a1: ce:01:4a:3e:07:6c:33:13:ca:88:10:5d:61:2b:d5:09:f0:d4: a7:ce:14:7c:de:16:27:d9:03:32:a0:c2:a2:9c:c6:cb:96:dc: 8b:12:9f:c1:e0:ae:d4:66:52:a6:c0:ad:e0:d8:23:fc:00:34: ca:2b:da:28:02:fa:4e:1d:35:aa:50:1a:08:4c:67:89:d1:ab: a2:de:09:90:4c:f8:dc:c2:ec:e2:9b:f5:fc:97:eb:f3:c7:df: 4c:7e:9c:91 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTA4MjIw OTAwNTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNCN0FGQTJBNDQ0QTQx NkNDNUYzQzY0OUUyMjFERTM1NTRFNDE1MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7X7kKChla+XSF89DUnOy4Bf2Yrkolilgs0VAvABsQmqbxTwM8 FGwwd1jNiFZdDSRaDRGIrj+F7ddNJMVGju/gjcX6rocmSiGHDfnwXZlOa7CRRFi9 vTh0mMknnCnWTmcramKYM+rq1l0spW1hIRWiF83AyjerCZJc2r/g80+vnfbRn1y+ MnJcrLeX8WiSsRfROtY9PK/RpF9/xVTg1KLctTWq/xl0T3z61eJe9rdGYSfqe7VG Q/5DkVqb4xaPiyXZeHA2JWgBLBcWg8VZbxQSPq/91CF/fssx63WIEcJz0yEGw9+S ZCvGxGH+nSOnW2Bkf0BHNRDFXFmUKc6EzP8BAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUO3r6KkRKQWzF88ZJ4iHeNVTkFRYwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L08zcjZLa1JLUVd6 Rjg4Wko0aUhlTlZUa0ZSWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwBlAzANBgkqhkiG9w0BAQsFAAOCAQEAB6UTIQJkMWAEUZQa4/y/43Qf9WOl RQU0CZNOSSHpgIMATeV4fa2N9rMI/1+IAOqZ8cF2mGpnEsHsNYvAtNHJ0fW1UlWV BkEBQbGMKOu4Clx1DHUyVJeMwt4Pw7Tiechg/A4FRsC1SjSP7YmRJ8Tnp7NHzUnP 9nDWgVNXOn9MoSaKKTqetG96KKMTLdrm7PCeezavEsl/byr4ALYsjZisQOKhzgFK PgdsMxPKiBBdYSvVCfDUp84UfN4WJ9kDMqDCopzGy5bcixKfweCu1GZSpsCt4Ngj /AA0yivaKAL6Th01qlAaCExnidGrot4JkEz43MLs4pv1/Jfr88ffTH6ckQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:17:52 2025 by rpki-client