$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/Xlw4QY8ltKsnDb2JuEtjDl-2qTE.roa File: Xlw4QY8ltKsnDb2JuEtjDl-2qTE.roa (raw, json) Hash identifier: 2lhgByYqNZX2Xl7PkF5BS0I90cvwswCQe1a6qHDTvNs= Subject key identifier: 5E:5C:38:41:8F:25:B4:AB:27:0D:BD:89:B8:4B:63:0E:5F:B6:A9:31 Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0E1A Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/Xlw4QY8ltKsnDb2JuEtjDl-2qTE.roa Signing time: Fri 22 Aug 2025 09:00:51 +0000 ROA not before: Fri 22 Aug 2025 09:00:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131584 IP address blocks: 103.31.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3610 (0xe1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Aug 22 09:00:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5E5C38418F25B4AB270DBD89B84B630E5FB6A931 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:83:2e:bc:70:d4:6a:a0:9a:a0:d5:e0:c1:57: 49:56:57:b3:8c:05:52:94:96:aa:ec:7e:41:7b:1d: ab:c0:57:74:9a:4a:48:8a:ab:2b:78:4b:45:a3:e1: 8f:19:f1:bf:98:76:21:2e:4f:66:5f:2b:29:71:52: 2f:24:51:91:11:ef:16:7f:c5:51:69:ac:80:22:30: b7:fe:d4:f2:5c:01:94:a4:ee:58:ec:c2:a3:3c:b0: 1e:5c:d6:b2:ce:75:f4:64:ba:c9:ef:df:4a:f1:07: 02:72:85:2d:f6:3c:05:5b:9e:c8:c3:f5:61:a4:5d: 33:ae:ed:3f:fc:dd:81:2d:f3:3a:f0:cd:ea:69:e4: 2d:bf:78:d4:84:a0:a3:0a:20:11:1e:48:9c:26:b0: 1b:8f:fc:09:77:9e:80:e2:0b:88:ac:0a:fc:9d:cb: d3:2f:3b:a6:23:f3:06:a3:95:68:66:fd:29:ff:9c: 51:9b:0d:a1:39:c3:4c:98:95:e6:02:b6:1a:73:e7: 1d:e9:20:df:d7:f0:8d:37:e8:27:b1:df:aa:f6:75: 54:4c:fc:7b:20:3b:7e:17:8e:69:c9:00:06:02:bd: 87:21:1c:8e:35:ec:7c:c5:62:18:98:da:c9:b7:d3: 28:99:73:ac:2b:83:22:8f:22:e7:01:26:d9:56:83: b8:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:5C:38:41:8F:25:B4:AB:27:0D:BD:89:B8:4B:63:0E:5F:B6:A9:31 X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/Xlw4QY8ltKsnDb2JuEtjDl-2qTE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.31.196.0/22 Signature Algorithm: sha256WithRSAEncryption 7f:5d:d7:0a:24:47:57:50:9b:f6:5f:f3:d2:a1:77:d5:ec:7d: 85:d9:01:4f:c1:8f:bd:0e:db:7e:da:22:7d:0e:82:01:63:e1: 31:01:70:9b:91:24:56:af:72:89:c9:e2:11:a4:de:18:e7:58: 20:72:69:4f:c3:3d:81:65:fc:35:6a:d2:fd:40:9b:6a:ae:69: 34:a1:87:0b:c8:6d:e9:aa:0a:5e:26:a3:10:9d:0c:62:e8:fa: f0:63:85:dc:2b:c5:c7:53:8e:92:1f:5e:21:e2:e7:ed:69:75: fb:a6:f6:38:9a:f1:c5:4a:16:15:64:9a:0a:2d:e9:c8:a4:00: 4d:c5:a1:46:0a:72:76:11:be:13:7c:03:a3:ab:03:00:28:29: 66:5b:99:d1:16:43:de:41:2e:01:2f:7b:04:a3:90:32:af:68: 9c:5b:19:1c:24:b1:e7:8a:df:9d:90:6f:bd:ff:16:0e:8e:0c: 64:c9:41:ee:0e:9b:48:44:b8:80:0c:47:7d:f9:95:d0:11:a7: 47:12:85:bf:31:d4:96:03:80:43:a0:82:1b:be:bc:fc:c5:db: 3b:5f:e6:6e:ed:11:b3:86:aa:a6:05:9a:70:a9:5d:8b:70:b2: 1c:f0:5f:5c:67:0f:0b:f5:10:cb:cd:21:7d:6e:5c:7e:5e:51: 4e:75:ea:ba -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTA4MjIw OTAwNTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDVFNUMzODQxOEYyNUI0 QUIyNzBEQkQ4OUI4NEI2MzBFNUZCNkE5MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwgy68cNRqoJqg1eDBV0lWV7OMBVKUlqrsfkF7HavAV3SaSkiK qyt4S0Wj4Y8Z8b+YdiEuT2ZfKylxUi8kUZER7xZ/xVFprIAiMLf+1PJcAZSk7ljs wqM8sB5c1rLOdfRkusnv30rxBwJyhS32PAVbnsjD9WGkXTOu7T/83YEt8zrwzepp 5C2/eNSEoKMKIBEeSJwmsBuP/Al3noDiC4isCvydy9MvO6Yj8wajlWhm/Sn/nFGb DaE5w0yYleYCthpz5x3pIN/X8I036Cex36r2dVRM/HsgO34XjmnJAAYCvYchHI41 7HzFYhiY2sm30yiZc6wrgyKPIucBJtlWg7jTAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUXlw4QY8ltKsnDb2JuEtjDl+2qTEwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L1hsdzRRWThsdEtz bkRiMkp1RXRqRGwtMnFURS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAJnH8QwDQYJKoZIhvcNAQELBQADggEBAH9d1wokR1dQm/Zf89Khd9XsfYXZ AU/Bj70O237aIn0OggFj4TEBcJuRJFavconJ4hGk3hjnWCByaU/DPYFl/DVq0v1A m2quaTShhwvIbemqCl4moxCdDGLo+vBjhdwrxcdTjpIfXiHi5+1pdfum9jia8cVK FhVkmgot6cikAE3FoUYKcnYRvhN8A6OrAwAoKWZbmdEWQ95BLgEvewSjkDKvaJxb GRwkseeK352Qb73/Fg6ODGTJQe4Om0hEuIAMR335ldARp0cShb8x1JYDgEOgghu+ vPzF2ztf5m7tEbOGqqYFmnCpXYtwshzwX1xnDwv1EMvNIX1uXH5eUU516ro= -----END CERTIFICATE-----Generated at Sun Aug 24 09:17:41 2025 by rpki-client