$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/Xmux0Rvvz9qWsItEpxDb1-aW8-0.roa File: Xmux0Rvvz9qWsItEpxDb1-aW8-0.roa (raw, json) Hash identifier: Em5/d9PXWfCNKiGUIRiQDaiUKHt42nQKjvg5eHPS8RQ= Subject key identifier: 5E:6B:B1:D1:1B:EF:CF:DA:96:B0:8B:44:A7:10:DB:D7:E6:96:F3:ED Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E74 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/Xmux0Rvvz9qWsItEpxDb1-aW8-0.roa Signing time: Fri 22 Aug 2025 08:58:18 +0000 ROA not before: Fri 22 Aug 2025 08:58:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131596 IP address blocks: 61.58.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3700 (0xe74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5E6BB1D11BEFCFDA96B08B44A710DBD7E696F3ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:54:5d:c4:99:02:b0:19:51:74:10:5f:97:9a: ce:52:81:59:16:19:62:cf:fa:d9:2a:8a:2e:7b:44: 40:6d:43:ed:62:f4:59:db:14:b2:1a:21:3a:6b:61: 3e:6d:f0:ab:1e:c1:f8:f1:ad:c7:e4:74:6a:d8:19: 93:c7:7f:34:19:31:30:ae:07:fb:01:7a:8d:82:51: 17:fe:a9:6c:d7:46:78:81:e7:aa:09:1f:43:c7:cb: 13:1a:7a:a2:6f:64:2d:0a:d3:ca:ef:fd:c4:b6:32: 5f:5d:9c:f7:77:54:32:f5:5f:67:40:89:de:4b:65: 71:37:03:89:14:45:c8:80:e6:d1:08:34:63:16:ac: aa:79:1d:be:3e:e0:64:e9:9f:47:f1:c4:37:ac:6c: 3d:30:df:c5:12:9f:fc:2e:3a:24:f2:48:56:f6:62: 45:4a:7e:19:b9:5b:b8:e1:53:f8:2f:0f:1e:c7:30: cb:1d:fb:8a:55:a5:2b:17:58:b4:8f:c4:a4:77:c6: 83:47:da:43:24:e9:b2:3f:a1:79:71:ea:b6:5d:12: 3c:f1:15:3b:f8:5d:50:c1:92:10:14:90:2b:ca:82: 92:d6:7c:2b:05:7d:e0:bf:7b:05:0f:0c:f4:32:c9: e9:64:b6:66:18:ff:ee:e5:1b:ae:07:fd:1b:96:a4: d7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:6B:B1:D1:1B:EF:CF:DA:96:B0:8B:44:A7:10:DB:D7:E6:96:F3:ED X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/Xmux0Rvvz9qWsItEpxDb1-aW8-0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.72.0/21 Signature Algorithm: sha256WithRSAEncryption 4b:96:1e:0a:c4:52:39:77:fa:a6:c8:61:41:79:e4:87:f4:d5: 78:7e:79:8c:0f:c2:69:84:4d:f9:c9:eb:17:b8:d4:3a:33:4f: 69:ae:66:27:68:06:93:7b:5c:ff:b2:b4:d8:3f:b5:d2:1d:c5: 3e:a9:a6:bf:01:a2:0f:06:46:d6:a0:75:63:0b:1b:d0:45:0b: 06:ef:ea:9e:ec:2e:61:e6:8c:1a:ce:fe:09:23:8d:1c:33:f1: 79:fc:b2:b7:aa:ba:f2:6d:4c:25:2c:d4:49:f9:fc:cd:d3:fb: eb:11:30:0f:52:a8:07:41:72:e1:18:e8:5c:2f:3a:e8:24:55: e4:2c:22:23:3e:0e:45:4f:3d:9f:73:f6:37:75:d9:09:cd:cb: 89:6f:df:04:be:18:88:de:48:20:08:c3:ea:73:f9:80:39:14: 98:36:eb:bf:c1:03:93:b6:14:8a:7f:ed:44:03:4e:f5:ec:90: d2:a4:66:67:77:9f:84:1c:8d:34:2e:48:56:a2:80:d8:8c:c8: 4b:61:69:19:e7:49:96:7b:be:80:86:ef:16:92:35:97:97:ed: c0:49:03:54:e0:05:3b:e4:f0:9b:e3:79:0e:8c:05:af:0d:56: 81:0a:35:bc:0a:41:07:cc:01:79:0b:48:77:ee:47:18:e4:8c: 17:a2:a1:fa -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDVFNkJCMUQxMUJFRkNG REE5NkIwOEI0NEE3MTBEQkQ3RTY5NkYzRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdVF3EmQKwGVF0EF+Xms5SgVkWGWLP+tkqii57REBtQ+1i9Fnb FLIaITprYT5t8KsewfjxrcfkdGrYGZPHfzQZMTCuB/sBeo2CURf+qWzXRniB56oJ H0PHyxMaeqJvZC0K08rv/cS2Ml9dnPd3VDL1X2dAid5LZXE3A4kURciA5tEINGMW rKp5Hb4+4GTpn0fxxDesbD0w38USn/wuOiTySFb2YkVKfhm5W7jhU/gvDx7HMMsd +4pVpSsXWLSPxKR3xoNH2kMk6bI/oXlx6rZdEjzxFTv4XVDBkhAUkCvKgpLWfCsF feC/ewUPDPQyyelktmYY/+7lG64H/RuWpNfbAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUXmux0Rvvz9qWsItEpxDb1+aW8+0wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9YbXV4MFJ2dno5cVdzSXRFcHhE YjEtYVc4LTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpI MA0GCSqGSIb3DQEBCwUAA4IBAQBLlh4KxFI5d/qmyGFBeeSH9NV4fnmMD8JphE35 yesXuNQ6M09prmYnaAaTe1z/srTYP7XSHcU+qaa/AaIPBkbWoHVjCxvQRQsG7+qe 7C5h5owazv4JI40cM/F5/LK3qrrybUwlLNRJ+fzN0/vrETAPUqgHQXLhGOhcLzro JFXkLCIjPg5FTz2fc/Y3ddkJzcuJb98EvhiI3kggCMPqc/mAORSYNuu/wQOTthSK f+1EA0717JDSpGZnd5+EHI00LkhWooDYjMhLYWkZ50mWe76Ahu8WkjWXl+3ASQNU 4AU75PCb43kOjAWvDVaBCjW8CkEHzAF5C0h37kcY5IwXoqH6 -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:24 2025 by rpki-client