$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/T8grVSgCOVd9RlLOquTWnWZteWM.roa File: T8grVSgCOVd9RlLOquTWnWZteWM.roa (raw, json) Hash identifier: JdFJgdgJ3bH0879cnOADFivV54HW8aRE/2pH2wTgGnE= Subject key identifier: 4F:C8:2B:55:28:02:39:57:7D:46:52:CE:AA:E4:D6:9D:66:6D:79:63 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0FDE Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/T8grVSgCOVd9RlLOquTWnWZteWM.roa Signing time: Fri 22 Aug 2025 08:55:42 +0000 ROA not before: Fri 22 Aug 2025 08:55:42 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 140.135.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4062 (0xfde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:42 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=4FC82B55280239577D4652CEAAE4D69D666D7963 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c9:e6:d1:02:99:52:95:c7:55:79:a0:b0:73: 1d:c3:40:46:98:54:46:f4:7d:ee:47:0f:17:ce:27: 1e:f9:d8:37:c0:a8:6d:0a:29:dd:7b:53:c9:66:b2: cf:57:8a:fb:e1:6a:e2:79:52:63:dd:59:68:36:e4: 0c:1e:f1:9f:7d:90:42:c9:42:92:e9:07:ce:5d:0b: e5:95:76:97:79:c1:a1:b5:af:60:0c:96:7f:4e:e9: a1:f0:d9:51:44:b6:90:82:49:25:76:9e:cf:99:e9: 22:03:05:d6:ad:d5:23:c2:2f:48:86:8b:79:bb:4d: e2:09:52:66:04:65:a5:b5:83:19:c1:81:59:e5:19: 0d:01:90:c0:99:78:e5:a6:e7:9c:1d:8c:81:94:7a: be:93:47:1a:28:79:bc:e0:3f:73:71:9f:3f:1d:13: 1a:82:13:d7:3c:c2:a2:05:2b:3c:11:70:b3:be:00: da:35:ff:df:02:2e:f0:a3:37:c9:49:15:ba:eb:74: db:9a:f8:d4:10:12:46:8b:bf:e2:cd:9b:f2:ec:a9: 0d:ba:15:18:e9:fc:69:cf:f7:b1:2f:27:b8:e8:92: 14:c3:bb:1f:df:55:f4:ee:e5:95:3b:40:d4:2a:81: 2c:0a:26:82:71:7e:66:19:5f:3e:e4:34:b1:3a:a7: 32:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:C8:2B:55:28:02:39:57:7D:46:52:CE:AA:E4:D6:9D:66:6D:79:63 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/T8grVSgCOVd9RlLOquTWnWZteWM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.135.0.0/16 Signature Algorithm: sha256WithRSAEncryption 50:22:46:e2:bf:82:a5:20:e8:7a:10:6a:a3:1e:20:b7:7b:67: b2:6c:39:fa:1b:f7:c9:33:45:7d:58:71:bd:2b:29:cd:93:75: aa:64:96:67:a5:15:fe:73:43:e1:4b:84:ff:fc:c1:18:b8:1d: 78:66:b3:91:3c:71:30:88:e0:c7:fe:1d:c1:4b:a5:29:95:f3: 2d:98:37:a0:b4:65:5c:af:36:c2:76:a8:0e:09:bd:43:21:51: 84:ca:d9:4c:95:42:a6:67:48:71:6d:08:02:69:3b:4d:94:3a: 9d:c5:ff:2a:54:e6:c9:2a:7e:07:5c:2d:ef:c0:34:6e:d3:e9: 49:a5:fe:05:4b:ac:f7:18:fe:f2:c5:d2:c9:a0:bf:5a:f2:42: fe:8a:9d:4a:cf:88:ad:a2:db:78:2e:fa:d1:8d:1d:95:6e:50: 28:bd:68:2d:11:25:93:18:d5:d5:be:ef:7f:1c:14:8e:b9:4a: 00:3b:7b:fd:ff:ad:e8:c8:3a:38:f2:d5:6a:22:93:ea:e7:2a: c4:68:42:0d:92:c1:26:3f:85:67:97:45:6e:33:dc:03:39:14: 22:3c:90:1a:bb:be:bc:63:ef:40:14:e7:3b:1f:0d:d0:a5:7c: 1e:32:9b:a4:76:24:8a:f9:4b:5c:05:af:dd:ef:f9:57:33:ba: c4:0e:aa:78 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICD94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRGQzgyQjU1MjgwMjM5 NTc3RDQ2NTJDRUFBRTRENjlENjY2RDc5NjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1yebRAplSlcdVeaCwcx3DQEaYVEb0fe5HDxfOJx752DfAqG0K Kd17U8lmss9XivvhauJ5UmPdWWg25Awe8Z99kELJQpLpB85dC+WVdpd5waG1r2AM ln9O6aHw2VFEtpCCSSV2ns+Z6SIDBdat1SPCL0iGi3m7TeIJUmYEZaW1gxnBgVnl GQ0BkMCZeOWm55wdjIGUer6TRxooebzgP3Nxnz8dExqCE9c8wqIFKzwRcLO+ANo1 /98CLvCjN8lJFbrrdNua+NQQEkaLv+LNm/LsqQ26FRjp/GnP97EvJ7jokhTDux/f VfTu5ZU7QNQqgSwKJoJxfmYZXz7kNLE6pzJLAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUT8grVSgCOVd9RlLOquTWnWZteWMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9UOGdyVlNnQ09WZDlSbExPcXVU V25XWnRlV00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIcw DQYJKoZIhvcNAQELBQADggEBAFAiRuK/gqUg6HoQaqMeILd7Z7JsOfob98kzRX1Y cb0rKc2TdapklmelFf5zQ+FLhP/8wRi4HXhms5E8cTCI4Mf+HcFLpSmV8y2YN6C0 ZVyvNsJ2qA4JvUMhUYTK2UyVQqZnSHFtCAJpO02UOp3F/ypU5skqfgdcLe/ANG7T 6Uml/gVLrPcY/vLF0smgv1ryQv6KnUrPiK2i23gu+tGNHZVuUCi9aC0RJZMY1dW+ 738cFI65SgA7e/3/rejIOjjy1Woik+rnKsRoQg2SwSY/hWeXRW4z3AM5FCI8kBq7 vrxj70AU5zsfDdClfB4ym6R2JIr5S1wFr93v+VczusQOqng= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:19 2025 by rpki-client