$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/7whmrqIkmkaInVCtxI-Av1hQ5hE.roa File: 7whmrqIkmkaInVCtxI-Av1hQ5hE.roa (raw, json) Hash identifier: hCk1vktFPij+CnuSZQ72yhvQnQc2dh3km9No3m4TfqE= Subject key identifier: EF:08:66:AE:A2:24:9A:46:88:9D:50:AD:C4:8F:80:BF:58:50:E6:11 Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E76 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/7whmrqIkmkaInVCtxI-Av1hQ5hE.roa Signing time: Fri 22 Aug 2025 08:58:18 +0000 ROA not before: Fri 22 Aug 2025 08:58:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131596 IP address blocks: 61.63.96.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3702 (0xe76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=EF0866AEA2249A46889D50ADC48F80BF5850E611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9a:9e:2c:87:d7:2b:89:a4:c3:d3:c1:d6:fe: 86:69:18:05:3d:0d:48:98:fd:6e:df:eb:c4:72:fa: ad:58:f4:d9:cc:e5:3e:89:59:0e:31:39:5d:bd:13: d9:c2:29:6c:2d:64:8d:0c:82:8d:4e:90:6f:45:1d: 69:4f:de:e0:0d:02:86:0e:ab:ad:4f:e3:b7:08:ab: c1:51:b1:dc:65:a6:ec:01:b7:dd:8d:b0:ff:9f:2b: 5c:04:ae:9b:f4:78:f4:b0:2e:52:78:57:3b:95:2a: 9c:8c:a6:98:ab:ef:03:63:8c:e0:1e:89:aa:42:35: 2e:71:34:5e:fb:72:57:dd:a1:e0:d9:bf:a7:3a:fc: 6a:24:ff:60:24:b8:bf:8f:99:0c:2a:12:f4:bb:42: 7d:e3:ea:20:54:93:5c:86:34:dc:92:85:18:4c:e3: b9:84:48:7a:f5:05:a2:de:db:bb:12:0d:29:04:be: 17:31:98:07:ad:31:cf:b2:19:f3:4a:96:cb:07:6d: bd:f7:30:af:4f:d5:36:88:56:ce:19:dd:e1:35:04: 9c:b0:06:a9:f0:55:84:7c:fd:0a:4d:74:44:18:d2: f6:c0:91:59:6f:f9:f2:23:2d:5e:8d:f9:89:64:6d: ce:95:f3:a0:b3:79:da:10:48:2d:42:81:ec:6a:04: 88:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:08:66:AE:A2:24:9A:46:88:9D:50:AD:C4:8F:80:BF:58:50:E6:11 X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/7whmrqIkmkaInVCtxI-Av1hQ5hE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.63.96.0/19 Signature Algorithm: sha256WithRSAEncryption 33:f1:a8:02:78:49:a0:e6:c5:af:c6:a8:54:b7:4c:8b:a8:65: 1c:89:12:e6:25:c3:08:5f:77:e6:08:31:98:1a:b0:87:98:59: 7e:6a:02:64:98:02:e8:46:5a:89:99:c7:2f:62:76:b7:92:2a: 09:93:09:17:d8:74:02:22:ac:c2:87:b7:6a:f2:07:be:62:fd: 0e:16:c7:d6:95:fa:50:a4:c9:b1:ee:4b:91:d6:68:f2:f6:cb: 7e:85:50:61:83:1f:eb:01:7c:b0:98:65:09:40:05:8c:93:4c: 37:0b:50:ae:e6:ca:b2:a9:29:06:c3:cb:27:8f:3e:0a:c1:5b: e7:66:ae:9d:03:66:87:c1:cc:e8:be:72:a1:95:8f:7c:d2:e3: d9:d2:2d:8a:e9:ec:8b:33:bb:84:0d:b3:da:f9:49:20:5b:68: d3:7e:bf:49:e5:af:ea:12:7d:71:b6:4b:a1:ff:73:f2:70:d7: 0f:8d:1c:63:1a:94:22:47:93:e0:2e:48:79:36:9a:28:7d:e3: 93:fb:cd:b4:43:95:5b:08:6b:38:49:d2:2f:f8:ba:17:f0:db: dc:99:5f:e6:6f:82:8f:b1:85:e0:37:88:21:ad:84:ba:21:4c: 14:51:b2:f4:50:2d:75:3e:46:88:45:ba:8d:91:b1:d9:1d:62: 75:10:83:61 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVGMDg2NkFFQTIyNDlB NDY4ODlENTBBREM0OEY4MEJGNTg1MEU2MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7mp4sh9criaTD08HW/oZpGAU9DUiY/W7f68Ry+q1Y9NnM5T6J WQ4xOV29E9nCKWwtZI0Mgo1OkG9FHWlP3uANAoYOq61P47cIq8FRsdxlpuwBt92N sP+fK1wErpv0ePSwLlJ4VzuVKpyMppir7wNjjOAeiapCNS5xNF77clfdoeDZv6c6 /Gok/2AkuL+PmQwqEvS7Qn3j6iBUk1yGNNyShRhM47mESHr1BaLe27sSDSkEvhcx mAetMc+yGfNKlssHbb33MK9P1TaIVs4Z3eE1BJywBqnwVYR8/QpNdEQY0vbAkVlv +fIjLV6N+Ylkbc6V86CzedoQSC1CgexqBIhlAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU7whmrqIkmkaInVCtxI+Av1hQ5hEwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS83d2htcnFJa21rYUluVkN0eEkt QXYxaFE1aEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPT9g MA0GCSqGSIb3DQEBCwUAA4IBAQAz8agCeEmg5sWvxqhUt0yLqGUciRLmJcMIX3fm CDGYGrCHmFl+agJkmALoRlqJmccvYna3kioJkwkX2HQCIqzCh7dq8ge+Yv0OFsfW lfpQpMmx7kuR1mjy9st+hVBhgx/rAXywmGUJQAWMk0w3C1Cu5sqyqSkGw8snjz4K wVvnZq6dA2aHwczovnKhlY980uPZ0i2K6eyLM7uEDbPa+UkgW2jTfr9J5a/qEn1x tkuh/3PycNcPjRxjGpQiR5PgLkh5NpoofeOT+820Q5VbCGs4SdIv+LoX8NvcmV/m b4KPsYXgN4ghrYS6IUwUUbL0UC11PkaIRbqNkbHZHWJ1EINh -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:15 2025 by rpki-client