$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/tiTZ7ris6dqYoo38VoHN72mEYac.roa File: tiTZ7ris6dqYoo38VoHN72mEYac.roa (raw, json) Hash identifier: dM/WvZFdtig7QlMjVZ+v0b9Y2p4wgEAkagzJz4eGORI= Subject key identifier: B6:24:D9:EE:B8:AC:E9:DA:98:A2:8D:FC:56:81:CD:EF:69:84:61:A7 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0FEE Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/tiTZ7ris6dqYoo38VoHN72mEYac.roa Signing time: Fri 22 Aug 2025 08:55:45 +0000 ROA not before: Fri 22 Aug 2025 08:55:45 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 192.83.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4078 (0xfee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:45 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B624D9EEB8ACE9DA98A28DFC5681CDEF698461A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e3:a3:af:6b:56:ae:01:b1:30:48:0b:1c:31: 84:34:0c:6c:e1:2b:7a:04:5c:56:81:75:c3:41:8b: 32:c0:7e:64:96:2a:85:07:a8:6f:b0:00:6d:5b:bf: 74:a6:a5:b2:e7:c7:50:9b:25:25:95:c2:6d:d0:5f: 0b:3f:e7:a0:0b:3b:a2:6a:5c:f9:f9:de:58:9d:0d: 0c:52:56:63:7a:2c:c8:5a:16:95:df:c6:e8:bc:c9: 40:28:3c:d4:4d:55:c0:0c:93:b6:fd:f4:1e:50:34: 66:04:b2:e1:3c:7b:c7:66:79:26:08:a9:93:4e:7c: 0b:74:87:ea:fb:37:2f:cc:c3:64:db:b2:78:5c:cc: 05:43:00:41:44:ee:60:e0:f1:9d:cb:08:1f:8f:fe: 8e:4e:33:de:56:67:b2:4c:00:e1:14:7a:74:c2:a6: 29:b7:53:02:6c:46:8a:c7:71:77:79:5a:59:85:25: 39:46:fa:4b:f8:45:21:c1:f1:1a:5b:0d:5c:1e:48: b8:37:a5:e6:85:db:43:58:e3:3f:88:9c:ba:dd:d3: a7:2d:3d:92:9c:88:2a:cc:d5:67:a6:e0:e7:45:d5: 2d:0e:bd:74:48:77:b5:2a:6d:19:c8:ac:29:5e:28: 11:11:cf:03:76:ba:e7:fc:6f:3b:9b:fa:bc:49:af: 01:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:24:D9:EE:B8:AC:E9:DA:98:A2:8D:FC:56:81:CD:EF:69:84:61:A7 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/tiTZ7ris6dqYoo38VoHN72mEYac.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.83.176.0/20 Signature Algorithm: sha256WithRSAEncryption 4f:85:b1:d4:c6:78:b3:45:ea:65:4f:00:0f:e2:d3:07:bd:a8: 55:27:62:27:60:80:de:26:72:26:92:52:2c:43:0f:a5:78:a7: e4:e3:8e:fa:7c:cc:69:be:64:75:0e:c8:69:f9:00:7b:51:66: b0:e8:32:ac:4c:18:8b:eb:04:63:f1:1f:c5:6e:0d:79:66:13: 00:34:eb:36:c6:89:48:33:90:51:a1:fb:2c:9f:69:b0:3d:d2: e4:93:6d:fc:ff:7d:8c:b8:13:56:f5:ef:26:b8:78:0a:e5:ce: 1f:62:3c:46:3d:69:91:42:97:2a:f2:87:16:36:c7:0f:25:68: 71:2d:bf:bd:0a:fe:b0:86:f6:d3:75:49:f6:e7:9f:78:31:f0: 7d:98:b9:42:14:97:40:c0:60:ca:d6:c5:16:46:59:20:b1:23: 89:60:5e:b2:be:a7:2b:09:46:db:70:82:30:00:d6:3e:54:21: c2:0f:85:94:92:03:75:a2:53:30:f8:82:79:0f:14:36:6e:d0: 4b:65:cc:68:70:5d:54:a0:0d:85:1c:ed:7c:31:e5:94:1d:db: 2f:af:bf:03:98:e0:6f:88:59:08:13:cd:5c:e9:9e:2f:1a:9f: 81:ed:1b:f2:0f:72:4e:80:db:35:34:22:64:09:5b:bd:6a:4f: 88:8a:d2:59 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEI2MjREOUVFQjhBQ0U5 REE5OEEyOERGQzU2ODFDREVGNjk4NDYxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC746Ova1auAbEwSAscMYQ0DGzhK3oEXFaBdcNBizLAfmSWKoUH qG+wAG1bv3SmpbLnx1CbJSWVwm3QXws/56ALO6JqXPn53lidDQxSVmN6LMhaFpXf xui8yUAoPNRNVcAMk7b99B5QNGYEsuE8e8dmeSYIqZNOfAt0h+r7Ny/Mw2Tbsnhc zAVDAEFE7mDg8Z3LCB+P/o5OM95WZ7JMAOEUenTCpim3UwJsRorHcXd5WlmFJTlG +kv4RSHB8RpbDVweSLg3peaF20NY4z+InLrd06ctPZKciCrM1Wem4OdF1S0OvXRI d7UqbRnIrCleKBERzwN2uuf8bzub+rxJrwFjAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUtiTZ7ris6dqYoo38VoHN72mEYacwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC90aVRaN3JpczZkcVlvbzM4Vm9I TjcybUVZYWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwFOw MA0GCSqGSIb3DQEBCwUAA4IBAQBPhbHUxnizReplTwAP4tMHvahVJ2InYIDeJnIm klIsQw+leKfk4476fMxpvmR1Dshp+QB7UWaw6DKsTBiL6wRj8R/Fbg15ZhMANOs2 xolIM5BRofssn2mwPdLkk238/32MuBNW9e8muHgK5c4fYjxGPWmRQpcq8ocWNscP JWhxLb+9Cv6whvbTdUn25594MfB9mLlCFJdAwGDK1sUWRlkgsSOJYF6yvqcrCUbb cIIwANY+VCHCD4WUkgN1olMw+IJ5DxQ2btBLZcxocF1UoA2FHO18MeWUHdsvr78D mOBviFkIE81c6Z4vGp+B7RvyD3JOgNs1NCJkCVu9ak+IitJZ -----END CERTIFICATE-----Generated at Sun Aug 24 07:31:55 2025 by rpki-client