$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/O5xTCgFJC-eQnd3PKv33c2PUecU.roa File: O5xTCgFJC-eQnd3PKv33c2PUecU.roa (raw, json) Hash identifier: I8ngLyb+KeMNu+RicCYR/STTAaBKzz/2oCx5OOH4MB8= Subject key identifier: 3B:9C:53:0A:01:49:0B:E7:90:9D:DD:CF:2A:FD:F7:73:63:D4:79:C5 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0FFB Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/O5xTCgFJC-eQnd3PKv33c2PUecU.roa Signing time: Fri 22 Aug 2025 08:55:48 +0000 ROA not before: Fri 22 Aug 2025 08:55:48 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 140.138.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4091 (0xffb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:48 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3B9C530A01490BE7909DDDCF2AFDF77363D479C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:df:8a:1b:71:2f:ff:f9:77:ef:96:81:03:c5: 4b:08:cf:d7:79:5e:d5:00:90:dd:67:c6:9a:c3:7d: 32:51:41:33:2b:68:42:0e:12:48:a9:89:a4:2e:0e: 7c:37:97:58:81:09:7d:94:f1:1a:64:44:7e:60:89: 11:9e:f6:61:b0:28:b7:fa:98:f5:d9:fe:bf:fc:b6: 51:4a:75:26:e3:38:05:4e:ab:e3:29:fb:35:10:5f: 3c:fc:97:a2:99:78:b5:fa:a2:9c:c1:09:b5:19:c0: 1a:aa:44:73:23:76:cf:90:60:a4:86:ec:18:7d:7f: f7:2c:e4:a7:79:df:56:6a:f9:0c:9b:6a:01:21:44: 64:cf:03:19:90:63:56:67:bb:43:ec:2a:4e:cf:88: c0:a4:85:bb:59:e3:66:00:65:aa:15:3c:ae:16:a4: 3f:03:1e:6c:8f:1a:5d:84:48:3c:65:de:0e:06:e9: a2:d1:18:9e:a5:0f:a8:93:dc:4e:40:1b:dc:36:c9: a5:fd:0a:fb:66:6e:54:35:4c:43:11:d0:93:95:0e: 36:5a:1e:cd:18:4a:81:d2:ab:a3:ee:c9:e1:57:cb: e4:dc:29:5a:58:be:8f:9b:b3:42:92:aa:37:cd:f1: 55:f7:bb:8f:fa:32:56:49:11:2c:1d:7b:25:f4:78: 29:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:9C:53:0A:01:49:0B:E7:90:9D:DD:CF:2A:FD:F7:73:63:D4:79:C5 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/O5xTCgFJC-eQnd3PKv33c2PUecU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.138.0.0/16 Signature Algorithm: sha256WithRSAEncryption 04:39:c3:84:89:42:bb:45:32:1a:5c:8d:da:af:96:f4:02:89: 53:b7:b0:88:a7:60:49:0f:5a:d0:46:30:e6:5d:d7:0c:b4:e1: bc:7b:14:ff:c7:b1:c8:4b:c6:06:36:00:7f:c9:78:36:4a:d0: 74:da:29:6b:38:1d:ba:75:ff:cb:68:60:77:9a:eb:e6:88:ae: 32:51:80:c2:49:26:ce:df:3d:49:fd:76:de:26:af:54:1e:27: 30:22:e0:ec:ba:16:0b:ff:59:74:bb:d4:81:e5:83:da:a6:db: e6:c2:70:83:10:16:57:da:3d:d2:d3:a1:b0:e9:c6:77:61:f5: a8:2b:1b:c1:91:02:37:57:13:22:a9:d3:69:e1:eb:4a:5d:91: 40:90:88:9f:f6:a2:d0:5c:7b:ff:ed:a5:a7:4b:7f:67:97:c9: ea:1f:26:7a:cb:bc:a6:22:6d:3c:48:91:ef:b3:dd:a0:db:e9: 0c:87:61:5f:c6:6a:68:c7:1c:c6:d8:48:99:ef:10:68:1f:18: 49:13:94:30:95:2e:2f:87:03:13:2d:66:f0:22:fc:09:a8:03: 11:66:71:70:e4:cc:54:38:fb:a3:99:b4:a6:89:02:fb:0a:f6: c4:95:e0:0b:7e:f4:98:b0:0a:9a:05:e0:30:99:ef:0a:4d:35: ee:a9:d2:ea -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICD/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNCOUM1MzBBMDE0OTBC RTc5MDlERERDRjJBRkRGNzczNjNENDc5QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK34obcS//+XfvloEDxUsIz9d5XtUAkN1nxprDfTJRQTMraEIO EkipiaQuDnw3l1iBCX2U8RpkRH5giRGe9mGwKLf6mPXZ/r/8tlFKdSbjOAVOq+Mp +zUQXzz8l6KZeLX6opzBCbUZwBqqRHMjds+QYKSG7Bh9f/cs5Kd531Zq+QybagEh RGTPAxmQY1Znu0PsKk7PiMCkhbtZ42YAZaoVPK4WpD8DHmyPGl2ESDxl3g4G6aLR GJ6lD6iT3E5AG9w2yaX9CvtmblQ1TEMR0JOVDjZaHs0YSoHSq6PuyeFXy+TcKVpY vo+bs0KSqjfN8VX3u4/6MlZJESwdeyX0eCm1AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUO5xTCgFJC+eQnd3PKv33c2PUecUwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9PNXhUQ2dGSkMtZVFuZDNQS3Yz M2MyUFVlY1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIow DQYJKoZIhvcNAQELBQADggEBAAQ5w4SJQrtFMhpcjdqvlvQCiVO3sIinYEkPWtBG MOZd1wy04bx7FP/HschLxgY2AH/JeDZK0HTaKWs4Hbp1/8toYHea6+aIrjJRgMJJ Js7fPUn9dt4mr1QeJzAi4Oy6Fgv/WXS71IHlg9qm2+bCcIMQFlfaPdLTobDpxndh 9agrG8GRAjdXEyKp02nh60pdkUCQiJ/2otBce//tpadLf2eXyeofJnrLvKYibTxI ke+z3aDb6QyHYV/GamjHHMbYSJnvEGgfGEkTlDCVLi+HAxMtZvAi/AmoAxFmcXDk zFQ4+6OZtKaJAvsK9sSV4At+9JiwCpoF4DCZ7wpNNe6p0uo= -----END CERTIFICATE-----Generated at Sun Aug 24 07:26:38 2025 by rpki-client