$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/kLiQCx8n_hNTtyfJRj8NgvmApvo.roa File: kLiQCx8n_hNTtyfJRj8NgvmApvo.roa (raw, json) Hash identifier: XwnpM4Jf3VinfWk0Z3GeCwtkrYQXhy+FcKsRbFvSDKw= Subject key identifier: 90:B8:90:0B:1F:27:FE:13:53:B7:27:C9:46:3F:0D:82:F9:80:A6:FA Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0E1B Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/kLiQCx8n_hNTtyfJRj8NgvmApvo.roa Signing time: Fri 22 Aug 2025 09:00:52 +0000 ROA not before: Fri 22 Aug 2025 09:00:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 101.3.160.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3611 (0xe1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Aug 22 09:00:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=90B8900B1F27FE1353B727C9463F0D82F980A6FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:91:50:83:1e:ec:09:7e:40:9c:18:2e:56:a8: 37:4a:5a:24:a7:35:71:13:9e:6a:83:10:ce:df:a9: 06:db:43:bc:aa:51:57:60:a1:e7:5d:bc:04:e8:24: 09:5e:e0:0e:d9:07:83:a7:f0:54:1e:06:f0:93:ca: 8d:ef:ce:e9:5d:7b:d8:68:7b:8b:f6:dc:d2:10:a5: bc:70:47:bf:a7:54:95:db:5a:90:19:15:70:4e:60: e0:ca:f0:48:08:6a:41:4a:d7:9f:3e:7b:6e:76:16: 4e:78:61:ef:a0:1a:42:5a:2c:5c:ad:2e:06:ce:a5: 82:08:c8:ed:46:ad:4d:1c:4f:af:e5:a4:b7:d1:7d: ad:a2:fa:82:6c:9e:8b:80:19:48:d8:75:82:f6:13: 5c:7d:bc:f1:d6:31:30:12:2f:ac:75:21:40:93:f5: 45:28:a8:05:99:5c:bd:9c:94:95:1b:8c:7b:34:ef: 17:25:13:e5:64:26:e4:d5:94:7a:16:fb:57:10:e9: c6:97:6a:c5:b7:d2:1e:0b:a7:ce:c2:71:34:7a:60: 2e:57:67:19:11:ef:ad:6c:c2:58:05:ac:c5:1d:59: 94:f4:5a:e3:88:51:40:15:fc:9b:bd:65:11:85:e5: d8:f5:71:08:64:3a:7c:b0:35:8b:fe:47:43:b4:86: f7:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:B8:90:0B:1F:27:FE:13:53:B7:27:C9:46:3F:0D:82:F9:80:A6:FA X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/kLiQCx8n_hNTtyfJRj8NgvmApvo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.3.160.0/23 Signature Algorithm: sha256WithRSAEncryption 90:5f:7b:c9:21:36:a4:5e:82:84:75:17:f3:a2:2e:95:a5:75: 2e:1e:b6:93:38:7b:93:d8:05:78:05:4f:5c:9b:e9:03:f3:42: 08:a4:37:48:8a:4e:a0:40:c0:7d:9b:98:20:c2:72:19:c0:df: b3:46:5c:eb:9b:18:a8:10:67:81:56:a6:37:5d:bd:ca:5a:9a: 96:99:03:33:10:f6:13:03:ee:56:ba:f0:3e:9e:2a:12:2d:2d: d6:c7:33:10:bb:6c:14:25:bb:f0:d6:5c:7d:ba:27:ad:ad:92: 8d:53:49:4d:82:4b:46:4f:6d:21:0c:a5:a3:8c:b3:0f:0d:c3: e7:d9:cc:e8:24:84:28:0f:cb:0c:34:3a:c4:e4:a0:20:86:53: 67:43:b2:e7:41:c2:e2:1c:2d:10:07:f5:b9:22:e3:b8:34:8d: 8a:74:17:85:0f:c3:85:90:e5:92:fc:ae:c5:1a:6a:4f:18:5a: 2a:70:da:06:20:85:94:d1:ad:88:d9:c8:7b:5e:e9:f5:10:0a: b3:d1:8e:01:62:53:70:4f:93:31:bf:d3:e7:cd:1e:47:7b:d1: 02:ea:f4:e8:06:e3:78:ce:3d:16:c9:54:c6:c9:20:e6:54:ad: 42:3e:bb:b2:b4:e7:3d:0c:1a:45:2e:df:1e:61:1f:62:77:a6: 65:de:d7:0a -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTA4MjIw OTAwNTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkwQjg5MDBCMUYyN0ZF MTM1M0I3MjdDOTQ2M0YwRDgyRjk4MEE2RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3kVCDHuwJfkCcGC5WqDdKWiSnNXETnmqDEM7fqQbbQ7yqUVdg oeddvAToJAle4A7ZB4On8FQeBvCTyo3vzulde9hoe4v23NIQpbxwR7+nVJXbWpAZ FXBOYODK8EgIakFK158+e252Fk54Ye+gGkJaLFytLgbOpYIIyO1GrU0cT6/lpLfR fa2i+oJsnouAGUjYdYL2E1x9vPHWMTASL6x1IUCT9UUoqAWZXL2clJUbjHs07xcl E+VkJuTVlHoW+1cQ6caXasW30h4Lp87CcTR6YC5XZxkR761swlgFrMUdWZT0WuOI UUAV/Ju9ZRGF5dj1cQhkOnywNYv+R0O0hvcDAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUkLiQCx8n/hNTtyfJRj8NgvmApvowHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L2tMaVFDeDhuX2hO VHR5ZkpSajhOZ3ZtQXB2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAFlA6AwDQYJKoZIhvcNAQELBQADggEBAJBfe8khNqRegoR1F/OiLpWldS4e tpM4e5PYBXgFT1yb6QPzQgikN0iKTqBAwH2bmCDCchnA37NGXOubGKgQZ4FWpjdd vcpampaZAzMQ9hMD7la68D6eKhItLdbHMxC7bBQlu/DWXH26J62tko1TSU2CS0ZP bSEMpaOMsw8Nw+fZzOgkhCgPyww0OsTkoCCGU2dDsudBwuIcLRAH9bki47g0jYp0 F4UPw4WQ5ZL8rsUaak8YWipw2gYghZTRrYjZyHte6fUQCrPRjgFiU3BPkzG/0+fN Hkd70QLq9OgG43jOPRbJVMbJIOZUrUI+u7K05z0MGkUu3x5hH2J3pmXe1wo= -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:22 2025 by rpki-client