$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/AaqI9dLMB5PCljrHn7_m7KKB76I.roa File: AaqI9dLMB5PCljrHn7_m7KKB76I.roa (raw, json) Hash identifier: 8S3WL4tHeP0lGUCL4k8cGHAlLVnCHokakNLJ6Vedpqg= Subject key identifier: 01:AA:88:F5:D2:CC:07:93:C2:96:3A:C7:9F:BF:E6:EC:A2:81:EF:A2 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0FDF Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/AaqI9dLMB5PCljrHn7_m7KKB76I.roa Signing time: Fri 22 Aug 2025 08:55:42 +0000 ROA not before: Fri 22 Aug 2025 08:55:42 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 140.134.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4063 (0xfdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:42 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=01AA88F5D2CC0793C2963AC79FBFE6ECA281EFA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e9:21:8f:de:f1:b7:d0:5d:00:b5:0d:d6:10: 33:39:e1:23:81:41:9b:57:9a:7e:97:cf:9e:34:6e: ef:3f:5e:73:69:a3:d6:f5:5b:98:ae:b9:bc:5b:d3: 2d:0a:59:22:1a:6a:0c:f9:36:e6:b7:9d:a3:40:4b: 46:ca:0e:24:08:a7:25:89:f1:dd:0b:52:88:38:01: 23:fd:c5:4c:97:a7:d9:a2:cd:df:a8:be:a2:f0:9e: d1:6c:b7:15:f1:de:f5:93:80:ba:c9:49:b4:bb:db: 2b:17:e9:ea:60:3e:69:98:01:7f:35:71:8a:5e:ce: 15:50:b4:22:fe:62:b6:78:00:60:63:b7:e3:8f:75: 42:08:5c:d9:10:50:b1:f4:fc:7d:35:76:10:fb:57: 3f:81:c2:3b:bd:b2:9c:df:40:76:2f:4a:69:f9:3d: 29:ab:c9:dc:9a:d1:34:6f:5c:45:71:f0:2e:2f:ef: 5e:72:fe:fe:b9:96:33:e3:bf:29:a0:f9:c3:20:66: 3e:04:8c:3b:10:aa:98:78:4e:0b:bb:22:ac:ae:c4: 62:fa:b6:ac:fb:ab:80:28:f8:e7:d5:b1:c6:a3:96: f2:51:04:a7:4b:f9:8b:e5:8c:7c:cf:8f:dd:62:90: d9:b9:fa:5c:d7:77:ad:22:1f:50:00:25:77:a7:df: 88:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:AA:88:F5:D2:CC:07:93:C2:96:3A:C7:9F:BF:E6:EC:A2:81:EF:A2 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/AaqI9dLMB5PCljrHn7_m7KKB76I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.134.0.0/16 Signature Algorithm: sha256WithRSAEncryption 26:d3:65:b3:2a:55:4c:cb:19:aa:b1:89:98:82:48:b1:15:67: ed:92:8b:4d:b7:56:aa:61:5a:d1:6b:8a:6a:50:40:33:70:a1: 0a:4b:fb:8e:15:8d:d2:f5:3c:28:6a:f9:c8:03:cb:2e:6c:f9: 8f:1a:d1:15:2e:5c:06:35:91:fe:ba:62:53:81:5b:ea:0c:6f: d5:f9:26:44:c3:7f:2e:8d:6c:0b:a8:9f:60:3f:ae:40:0a:9c: bc:61:28:fa:8e:76:36:c4:d9:91:b7:ce:3c:cd:d2:6e:12:04: 5d:3b:14:03:9c:cb:67:71:04:67:0f:10:8b:60:ac:3a:e3:f1: 15:9c:66:7a:02:99:0f:25:0d:5f:73:8d:f8:da:91:37:18:40: d0:78:05:56:de:69:76:dc:69:3f:90:3e:f6:3b:c8:f5:65:79: 0c:c3:79:eb:2c:4c:44:68:0d:e8:a5:24:73:18:23:2c:8e:76: 1f:27:45:fd:1d:fc:b2:30:30:c2:49:32:74:e4:e8:5a:7f:f1: e1:a2:30:07:eb:13:84:6d:70:c7:57:88:64:a7:46:d2:02:bb: 57:0f:c9:4c:a6:f1:30:db:0d:d9:6f:9f:07:89:bd:63:58:5e: c9:07:cd:5c:be:e3:06:2f:a5:8d:b3:31:e5:5b:99:3f:81:9e: 73:c1:21:e9 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICD98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAxQUE4OEY1RDJDQzA3 OTNDMjk2M0FDNzlGQkZFNkVDQTI4MUVGQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCb6SGP3vG30F0AtQ3WEDM54SOBQZtXmn6Xz540bu8/XnNpo9b1 W5iuubxb0y0KWSIaagz5Nua3naNAS0bKDiQIpyWJ8d0LUog4ASP9xUyXp9mizd+o vqLwntFstxXx3vWTgLrJSbS72ysX6epgPmmYAX81cYpezhVQtCL+YrZ4AGBjt+OP dUIIXNkQULH0/H01dhD7Vz+Bwju9spzfQHYvSmn5PSmrydya0TRvXEVx8C4v715y /v65ljPjvymg+cMgZj4EjDsQqph4Tgu7IqyuxGL6tqz7q4Ao+OfVscajlvJRBKdL +YvljHzPj91ikNm5+lzXd60iH1AAJXen34inAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUAaqI9dLMB5PCljrHn7/m7KKB76IwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9BYXFJOWRMTUI1UENsanJIbjdf bTdLS0I3Nkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIYw DQYJKoZIhvcNAQELBQADggEBACbTZbMqVUzLGaqxiZiCSLEVZ+2Si023VqphWtFr impQQDNwoQpL+44VjdL1PChq+cgDyy5s+Y8a0RUuXAY1kf66YlOBW+oMb9X5JkTD fy6NbAuon2A/rkAKnLxhKPqOdjbE2ZG3zjzN0m4SBF07FAOcy2dxBGcPEItgrDrj 8RWcZnoCmQ8lDV9zjfjakTcYQNB4BVbeaXbcaT+QPvY7yPVleQzDeessTERoDeil JHMYIyyOdh8nRf0d/LIwMMJJMnTk6Fp/8eGiMAfrE4RtcMdXiGSnRtICu1cPyUym 8TDbDdlvnweJvWNYXskHzVy+4wYvpY2zMeVbmT+BnnPBIek= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:46 2025 by rpki-client