$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/xTOSjk3nSurMsAlbGcgONHFmxEo.roa File: xTOSjk3nSurMsAlbGcgONHFmxEo.roa (raw, json) Hash identifier: 7fjZE8cqolcw4+VlwxWLAWTcvgtHsrD/+8p4ZjYSay0= Subject key identifier: C5:33:92:8E:4D:E7:4A:EA:CC:B0:09:5B:19:C8:0E:34:71:66:C4:4A Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 1088 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/xTOSjk3nSurMsAlbGcgONHFmxEo.roa Signing time: Fri 22 Aug 2025 08:55:34 +0000 ROA not before: Fri 22 Aug 2025 08:55:34 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 163.14.0.0/15 maxlen: 15 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4232 (0x1088) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 22 08:55:34 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C533928E4DE74AEACCB0095B19C80E347166C44A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d8:d3:4a:9c:8d:73:1c:b3:b7:4e:8b:87:35: 10:8f:db:86:7c:a2:84:4f:99:fb:8c:60:45:5f:9a: 8d:73:86:42:bc:5a:c6:d2:44:03:fd:bc:26:0e:84: 04:54:d0:e9:21:f7:92:3f:09:11:34:1f:40:01:da: 78:51:74:27:6c:2e:d0:f4:25:d3:1c:2f:f1:61:f8: c2:37:e3:19:6a:81:cc:d3:3d:dc:e8:fb:13:10:3c: f6:d2:b3:90:d2:c7:04:0b:a7:05:d6:c4:fd:2d:06: ee:87:f1:0f:6d:44:3c:40:2a:b7:95:34:fb:1a:20: dd:c0:a6:6e:60:b1:ba:af:c9:90:66:c0:78:04:cb: 37:74:4a:6f:5a:bd:f9:52:00:c9:b1:9f:8b:d5:99: aa:b4:c1:f8:ac:a6:00:3f:e0:97:ee:8a:a7:7f:d6: 7c:51:5e:df:62:83:77:33:e0:89:86:51:76:bc:de: ad:78:75:c8:62:c6:86:e7:69:db:22:32:3b:5e:c2: da:bf:a7:3a:4b:a1:0e:67:70:79:dc:57:4c:bd:53: ca:80:cb:21:d5:b2:f4:73:ea:d0:af:91:df:30:e6: 58:c2:7e:5a:fe:4d:7b:49:63:e5:12:66:46:de:4a: 7e:7c:cf:6f:33:ff:16:72:26:dd:de:1d:1d:61:11: e4:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:33:92:8E:4D:E7:4A:EA:CC:B0:09:5B:19:C8:0E:34:71:66:C4:4A X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/xTOSjk3nSurMsAlbGcgONHFmxEo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.14.0.0/15 Signature Algorithm: sha256WithRSAEncryption 09:2c:e9:95:1d:82:39:c9:73:f8:3f:1d:e9:8e:5d:41:63:f2: 57:11:95:96:d2:00:0b:61:d6:a2:4f:03:76:8f:3a:ba:7d:e3: cb:82:0f:a5:86:d1:2b:13:a7:8a:19:99:62:76:d8:96:0d:9c: 0f:5a:0b:cc:f3:98:0e:01:cc:32:09:a6:cc:be:61:df:cb:7e: b9:3e:29:c6:2d:30:eb:07:a1:c4:ab:ab:dd:34:73:28:3a:48: 41:18:8a:31:c1:f0:42:2b:0c:9a:63:19:d7:ee:bc:b2:03:59: 06:65:bc:04:d3:c3:1d:8b:a7:b0:99:1c:ac:c0:6e:f3:35:f1: ec:c9:f9:24:b8:ed:e7:a8:2d:e9:08:56:47:63:d4:e3:49:c7: 72:11:c2:04:c8:9d:38:50:4d:5c:e1:6a:79:5e:5e:6b:75:f3: 56:13:f5:6a:c9:95:21:13:5f:76:17:e0:40:8f:a4:b9:66:09: 9a:58:4b:51:26:4d:c5:4a:e2:d1:37:b8:bb:46:ff:bb:49:d4: 22:c1:77:6a:b0:ac:80:e0:79:15:43:7b:92:69:bf:cf:8f:8b: 47:b7:4f:00:53:23:06:f9:df:ab:e7:2f:ab:d3:ef:d9:0d:59: d4:31:ac:15:bb:da:39:16:83:43:12:e6:be:85:b0:3b:6f:c2: 81:90:a6:21 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICEIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTA4MjIw ODU1MzRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM1MzM5MjhFNERFNzRB RUFDQ0IwMDk1QjE5QzgwRTM0NzE2NkM0NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe2NNKnI1zHLO3TouHNRCP24Z8ooRPmfuMYEVfmo1zhkK8WsbS RAP9vCYOhARU0Okh95I/CRE0H0AB2nhRdCdsLtD0JdMcL/Fh+MI34xlqgczTPdzo +xMQPPbSs5DSxwQLpwXWxP0tBu6H8Q9tRDxAKreVNPsaIN3Apm5gsbqvyZBmwHgE yzd0Sm9avflSAMmxn4vVmaq0wfispgA/4Jfuiqd/1nxRXt9ig3cz4ImGUXa83q14 dchixobnadsiMjtewtq/pzpLoQ5ncHncV0y9U8qAyyHVsvRz6tCvkd8w5ljCflr+ TXtJY+USZkbeSn58z28z/xZyJt3eHR1hEeS9AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUxTOSjk3nSurMsAlbGcgONHFmxEowHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC94VE9TamszblN1ck1zQWxiR2Nn T05IRm14RW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBow4w DQYJKoZIhvcNAQELBQADggEBAAks6ZUdgjnJc/g/HemOXUFj8lcRlZbSAAth1qJP A3aPOrp948uCD6WG0SsTp4oZmWJ22JYNnA9aC8zzmA4BzDIJpsy+Yd/Lfrk+KcYt MOsHocSrq900cyg6SEEYijHB8EIrDJpjGdfuvLIDWQZlvATTwx2Lp7CZHKzAbvM1 8ezJ+SS47eeoLekIVkdj1ONJx3IRwgTInThQTVzhanleXmt181YT9WrJlSETX3YX 4ECPpLlmCZpYS1EmTcVK4tE3uLtG/7tJ1CLBd2qwrIDgeRVDe5Jpv8+Pi0e3TwBT Iwb536vnL6vT79kNWdQxrBW72jkWg0MS5r6FsDtvwoGQpiE= -----END CERTIFICATE-----Generated at Sun Aug 24 07:57:28 2025 by rpki-client