$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/xaZpfjEY94U4uz5NJCaJ8rF2uAU.roa File: xaZpfjEY94U4uz5NJCaJ8rF2uAU.roa (raw, json) Hash identifier: C5zZGUT29SFkUccfWpXhsuI4nFJfxGtSdByD47v++1A= Subject key identifier: C5:A6:69:7E:31:18:F7:85:38:BB:3E:4D:24:26:89:F2:B1:76:B8:05 Certificate issuer: /CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90 Certificate serial: 0E73 Authority key identifier: B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/xaZpfjEY94U4uz5NJCaJ8rF2uAU.roa Signing time: Fri 22 Aug 2025 08:50:17 +0000 ROA not before: Fri 22 Aug 2025 08:50:17 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24158 IP address blocks: 2402:7500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3699 (0xe73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90 Validity Not Before: Aug 22 08:50:17 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C5A6697E3118F78538BB3E4D242689F2B176B805 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:30:33:54:f4:07:c2:31:dd:df:40:77:5e:85: fd:57:c9:44:c7:d6:af:d9:00:40:97:90:05:cd:f5: 4b:df:6f:a3:61:b2:4f:73:4e:90:8d:90:bf:d0:bc: 97:78:ce:ed:09:8f:4c:6d:b5:a2:2f:be:e7:29:3f: ee:d3:51:5d:50:b2:a7:35:21:9f:76:46:79:de:53: 1d:0b:65:59:9c:1c:bc:1b:01:87:d7:fc:47:5d:3a: c0:aa:63:87:28:a8:74:02:e7:ba:51:b3:34:d5:92: 4f:e5:6d:76:ef:f9:e9:60:b0:36:7d:c1:6f:9e:62: 94:5c:3d:70:63:45:ad:5c:77:25:7a:1c:c8:15:fe: 98:45:57:e8:5e:fc:76:32:d5:51:a1:31:00:93:43: d0:9d:9d:d8:1f:73:a7:d6:1f:d5:9c:ff:9d:7e:37: a3:d2:b8:0d:c5:bd:21:f8:ec:73:41:17:5d:f9:ad: ea:e2:87:61:17:e2:5c:e0:25:ec:07:5a:97:0a:92: ad:2e:7b:83:cf:24:bf:6a:af:ce:5f:67:6b:fc:f1: 19:28:27:6a:2f:43:70:13:1a:a5:01:f1:c7:ce:94: d7:88:54:94:fe:18:3e:10:84:54:06:05:6e:d2:b8: 81:c2:12:49:47:a5:07:f0:a2:92:37:9b:3a:88:ec: 43:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:A6:69:7E:31:18:F7:85:38:BB:3E:4D:24:26:89:F2:B1:76:B8:05 X509v3 Authority Key Identifier: keyid:B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/xaZpfjEY94U4uz5NJCaJ8rF2uAU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:7500::/32 Signature Algorithm: sha256WithRSAEncryption 4f:c1:7c:81:ab:8c:af:1c:1b:33:26:42:e8:2a:8b:4d:75:62: 28:99:30:d3:48:b6:b6:8e:aa:9b:9d:03:b2:57:16:e2:ea:0e: 00:94:b4:bf:5c:26:59:a3:aa:d2:ed:0c:5f:05:37:c1:22:47: bb:f7:24:21:36:a7:b6:1f:f9:36:fd:d2:9a:02:c0:66:34:5b: a8:0d:42:78:01:a0:c4:57:4f:8e:f6:34:27:9d:4a:73:40:49: 2c:60:37:04:2a:8a:1b:7b:89:0f:69:19:52:21:b0:d0:b3:cb: cb:3d:1a:ec:fc:e3:c2:c0:dd:c1:97:a8:7f:b6:6b:6a:6b:19: 55:5d:0b:a5:e2:11:99:d6:7b:eb:94:dc:61:32:b2:b9:d8:b8: 41:6a:cf:89:79:f9:d2:ee:36:8f:b5:ce:53:79:fe:db:df:58: 8f:cb:1d:09:4e:2a:6e:d8:cf:71:85:0d:c8:c9:d6:1f:75:3b: c2:8d:6e:67:fc:b5:a8:7e:9a:b3:ba:41:68:2a:74:cc:47:e4: fe:18:e8:74:ed:c4:09:0f:31:09:4b:80:3d:47:44:b3:96:29: 0d:ba:12:4f:63:72:66:09:7c:9b:0d:78:01:0a:1b:67:61:35: 28:df:5e:85:cb:35:b3:3e:a9:44:a3:af:f8:99:ab:d5:47:a1: 33:0c:c0:19 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICDnMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjJD QTM5RDhEMTdCMTBEOTdENUE1MUUwRUEyRjlGQjFCQzQwQ0Q5MDAeFw0yNTA4MjIw ODUwMTdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM1QTY2OTdFMzExOEY3 ODUzOEJCM0U0RDI0MjY4OUYyQjE3NkI4MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfMDNU9AfCMd3fQHdehf1XyUTH1q/ZAECXkAXN9Uvfb6Nhsk9z TpCNkL/QvJd4zu0Jj0xttaIvvucpP+7TUV1Qsqc1IZ92RnneUx0LZVmcHLwbAYfX /EddOsCqY4coqHQC57pRszTVkk/lbXbv+elgsDZ9wW+eYpRcPXBjRa1cdyV6HMgV /phFV+he/HYy1VGhMQCTQ9Cdndgfc6fWH9Wc/51+N6PSuA3FvSH47HNBF135reri h2EX4lzgJewHWpcKkq0ue4PPJL9qr85fZ2v88RkoJ2ovQ3ATGqUB8cfOlNeIVJT+ GD4QhFQGBW7SuIHCEklHpQfwopI3mzqI7EMfAgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQUxaZpfjEY94U4uz5NJCaJ8rF2uAUwHwYDVR0jBBgwFoAUsso52NF7ENl9WlHg 6i+fsbxAzZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBiBgNVHR8EWzBZMFeg VaBThlFyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FO TU9CSUxFL3NzbzUyTkY3RU5sOVdsSGc2aS1mc2J4QXpaQS5jcmwwYAYIKwYBBQUH AQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtp L1RXTklDQ0Evc3NvNTJORjdFTmw5V2xIZzZpLWZzYnhBelpBLmNlcjAOBgNVHQ8B Af8EBAMCB4AwgaIGCCsGAQUFBwELBIGVMIGSMF0GCCsGAQUFBzALhlFyc3luYzov L3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FOTU9CSUxFL3hhWnBm akVZOTRVNHV6NU5KQ2FKOHJGMnVBVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8v cnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAP MA0EAgACMAcDBQAkAnUAMA0GCSqGSIb3DQEBCwUAA4IBAQBPwXyBq4yvHBszJkLo KotNdWIomTDTSLa2jqqbnQOyVxbi6g4AlLS/XCZZo6rS7QxfBTfBIke79yQhNqe2 H/k2/dKaAsBmNFuoDUJ4AaDEV0+O9jQnnUpzQEksYDcEKoobe4kPaRlSIbDQs8vL PRrs/OPCwN3Bl6h/tmtqaxlVXQul4hGZ1nvrlNxhMrK52LhBas+JefnS7jaPtc5T ef7b31iPyx0JTipu2M9xhQ3IydYfdTvCjW5n/LWofpqzukFoKnTMR+T+GOh07cQJ DzEJS4A9R0SzlikNuhJPY3JmCXybDXgBChtnYTUo316FyzWzPqlEo6/4mavVR6Ez DMAZ -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:49 2025 by rpki-client