$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/Q9BJS0YMraBZLG9wFGWG5q895Kg.roa File: Q9BJS0YMraBZLG9wFGWG5q895Kg.roa (raw, json) Hash identifier: gL7QAqhq3aXD+YZu4UWlCDDjwzzJMcgmvFd+g1Acxko= Subject key identifier: 43:D0:49:4B:46:0C:AD:A0:59:2C:6F:70:14:65:86:E6:AF:3D:E4:A8 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 1068 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Q9BJS0YMraBZLG9wFGWG5q895Kg.roa Signing time: Fri 22 Aug 2025 08:55:27 +0000 ROA not before: Fri 22 Aug 2025 08:55:27 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17716 IP address blocks: 163.28.16.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4200 (0x1068) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 22 08:55:27 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=43D0494B460CADA0592C6F70146586E6AF3DE4A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:57:21:1f:7d:3f:32:ce:fe:8f:0d:3a:cc:8f: 63:e2:07:a4:35:92:b1:e8:c0:cf:d4:0d:f1:e2:9a: c2:17:03:cc:d1:e1:51:7b:5d:fa:9f:ee:9d:9a:fe: 4d:2e:0a:ab:93:d3:df:61:57:76:d9:f9:30:0b:32: 39:84:d1:43:a2:79:2d:1d:2c:1c:bf:ef:44:84:6d: aa:f3:c1:25:0f:b8:b1:77:5e:7e:04:d7:3b:99:e7: b4:d8:62:54:46:89:d4:98:8d:fe:69:2b:07:52:4d: c0:f5:51:5d:f3:e5:56:12:d0:31:35:44:29:28:60: 46:46:2e:2b:a0:c6:ec:2b:d6:40:2a:4e:5b:5e:ce: 0b:d8:08:0d:39:fc:d4:38:49:a2:f8:3e:aa:2f:46: e0:17:de:96:19:7f:06:63:65:7c:14:d9:50:c8:70: 00:d3:86:4e:91:9b:06:a6:91:19:40:ce:18:8e:a1: 58:0b:c6:df:be:69:52:2b:e3:16:25:4a:c3:46:eb: 90:eb:cf:75:46:87:cb:f7:0e:12:32:a5:a3:46:d1: 25:37:a4:76:01:8d:ad:a9:bc:7c:25:97:fa:28:9d: 5d:ea:29:f4:fc:00:ba:67:89:b2:4f:2b:34:f5:99: 62:47:39:d4:60:47:f1:78:86:f9:14:83:34:6b:2d: 39:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:D0:49:4B:46:0C:AD:A0:59:2C:6F:70:14:65:86:E6:AF:3D:E4:A8 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/Q9BJS0YMraBZLG9wFGWG5q895Kg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.28.16.0/20 Signature Algorithm: sha256WithRSAEncryption b7:d8:8f:95:0b:30:81:fc:94:83:fa:00:94:6b:44:85:0e:34: 58:8c:e7:ba:6f:bf:c0:99:a4:c2:dc:6c:08:8a:94:eb:c9:f4: fd:fa:39:14:11:a2:6e:44:45:2b:a6:3e:88:61:4d:40:c1:79: eb:eb:84:8b:ba:41:4e:83:29:65:2f:db:5c:da:30:94:0e:c8: 3f:b5:a8:f7:54:6c:19:ce:3c:b0:5f:6c:ab:7f:c2:5b:07:e7: f4:f4:36:d9:e1:d8:fc:2f:09:d4:31:1a:b4:8a:fd:9d:eb:d4: d0:fd:c7:46:d7:07:bf:3c:d5:3d:25:86:77:9e:87:ca:13:b9: 31:51:07:15:9b:46:e3:d6:ef:3d:68:6d:15:f7:a6:c3:d0:7c: 01:65:71:79:a7:cd:60:4a:89:d9:41:3f:5f:ca:db:64:29:58: a9:8d:2c:d6:41:eb:c9:d0:a3:2c:a2:69:56:22:92:56:bd:45: 0b:68:14:58:22:79:06:9d:46:bc:bb:9b:3b:17:8f:c3:3b:d5: d8:1f:88:1f:d3:2a:3c:e3:bf:03:28:92:8c:1c:ca:68:cc:b6: 09:d1:7b:33:80:89:a8:32:9c:42:8d:ac:9a:07:2e:c6:ea:28: bc:d4:9e:18:62:86:46:d9:d0:41:c4:bf:e4:0e:80:12:68:43: 9f:51:84:bc -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEGgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTA4MjIw ODU1MjdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQzRDA0OTRCNDYwQ0FE QTA1OTJDNkY3MDE0NjU4NkU2QUYzREU0QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjVyEffT8yzv6PDTrMj2PiB6Q1krHowM/UDfHimsIXA8zR4VF7 Xfqf7p2a/k0uCquT099hV3bZ+TALMjmE0UOieS0dLBy/70SEbarzwSUPuLF3Xn4E 1zuZ57TYYlRGidSYjf5pKwdSTcD1UV3z5VYS0DE1RCkoYEZGLiugxuwr1kAqTlte zgvYCA05/NQ4SaL4PqovRuAX3pYZfwZjZXwU2VDIcADThk6RmwamkRlAzhiOoVgL xt++aVIr4xYlSsNG65Drz3VGh8v3DhIypaNG0SU3pHYBja2pvHwll/oonV3qKfT8 ALpnibJPKzT1mWJHOdRgR/F4hvkUgzRrLTm1AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQ9BJS0YMraBZLG9wFGWG5q895KgwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9ROUJKUzBZTXJhQlpMRzl3RkdX RzVxODk1S2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEoxwQ MA0GCSqGSIb3DQEBCwUAA4IBAQC32I+VCzCB/JSD+gCUa0SFDjRYjOe6b7/AmaTC 3GwIipTryfT9+jkUEaJuREUrpj6IYU1AwXnr64SLukFOgyllL9tc2jCUDsg/taj3 VGwZzjywX2yrf8JbB+f09DbZ4dj8LwnUMRq0iv2d69TQ/cdG1we/PNU9JYZ3nofK E7kxUQcVm0bj1u89aG0V96bD0HwBZXF5p81gSonZQT9fyttkKVipjSzWQevJ0KMs omlWIpJWvUULaBRYInkGnUa8u5s7F4/DO9XYH4gf0yo8478DKJKMHMpozLYJ0Xsz gImoMpxCjayaBy7G6ii81J4YYoZG2dBBxL/kDoASaEOfUYS8 -----END CERTIFICATE-----Generated at Sun Aug 24 13:42:16 2025 by rpki-client