$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/XzsI-8yv3d_T4ZgRc4y0ehSM5fs.roa File: XzsI-8yv3d_T4ZgRc4y0ehSM5fs.roa (raw, json) Hash identifier: tW8kaSf2cqDtHMAA5oDaQXpfDVsCNbMOv3DZ+4M0HPI= Subject key identifier: 5F:3B:08:FB:CC:AF:DD:DF:D3:E1:98:11:73:8C:B4:7A:14:8C:E5:FB Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E7A Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/XzsI-8yv3d_T4ZgRc4y0ehSM5fs.roa Signing time: Fri 22 Aug 2025 08:58:20 +0000 ROA not before: Fri 22 Aug 2025 08:58:20 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131596 IP address blocks: 61.58.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3706 (0xe7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:20 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5F3B08FBCCAFDDDFD3E19811738CB47A148CE5FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ba:8c:83:a1:46:86:99:1a:2f:8b:62:fb:87: 18:ac:99:93:1b:b8:5c:3a:e5:62:3a:3e:7c:f5:69: 6e:dd:87:fc:9b:64:bb:2b:db:66:ba:d4:7c:1d:a2: 57:6c:c0:f2:f3:95:54:10:76:4d:79:e6:7d:de:e0: 72:35:8f:9d:0f:f8:44:fe:ef:38:a8:4a:20:63:b9: e4:91:6e:7a:69:50:a0:d2:bf:ee:ba:f5:d7:e2:5c: 19:bf:ea:1d:97:3a:cf:a2:9c:42:29:8a:88:83:97: f2:27:07:67:b6:31:76:51:d3:95:64:18:6d:90:82: 65:1b:31:8e:db:59:b8:ce:bb:09:8e:f9:df:8a:a4: 96:26:96:e5:c6:30:e6:47:25:6e:47:b5:74:df:d5: 07:2c:7f:a3:b3:a8:75:37:b5:e5:15:a6:d7:7a:8b: 72:ee:96:ec:dd:99:ab:f0:b3:2f:f0:53:39:a8:56: 50:36:d3:f4:84:6b:b1:42:30:c0:c1:a0:f4:6e:44: 88:3c:0c:54:b0:e0:93:25:8e:c1:f9:33:0f:3d:b3: bc:d2:61:17:64:9b:73:d3:f8:e6:ed:f8:ea:7c:29: 00:4f:54:f7:d3:b3:69:5e:4b:ce:4c:c7:f2:db:29: 35:4e:66:74:8b:20:64:bc:bd:0e:20:f2:9c:5a:93: c8:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:3B:08:FB:CC:AF:DD:DF:D3:E1:98:11:73:8C:B4:7A:14:8C:E5:FB X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/XzsI-8yv3d_T4ZgRc4y0ehSM5fs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.64.0/21 Signature Algorithm: sha256WithRSAEncryption 53:3e:cf:24:82:e0:be:ed:85:40:0f:3e:2a:97:af:0e:52:8d: 81:03:ac:25:96:2a:3a:88:31:29:72:05:47:70:23:4d:02:c7: f0:c7:15:db:db:d1:bc:e7:d6:eb:e0:0f:e3:5a:a8:c8:9f:ae: 40:07:77:b4:de:06:96:4c:3b:1b:0a:0d:80:9f:8c:91:ab:ba: 9a:78:1a:16:15:eb:0e:4b:f9:6f:51:f4:12:c7:6b:1f:55:e9: 32:c7:49:75:68:28:a9:77:fd:2e:06:6c:80:89:d0:b0:f8:a2: 88:90:b2:3e:3b:52:68:ab:a8:4f:7b:29:63:a6:c4:60:ec:da: a2:ab:6d:82:10:a1:ae:aa:c1:63:c1:7e:71:4e:3b:cf:be:c3: c6:5c:27:a1:bf:e0:3f:35:83:68:9c:ad:b9:5a:2e:fd:ad:59: 07:8f:c1:f6:96:31:60:84:d9:60:83:d9:70:b2:4f:8b:ae:90: b6:1e:06:b9:d0:95:e6:9c:7a:4b:7a:ed:bd:95:b6:bc:cc:fe: d4:a4:fb:9e:3f:c4:f0:da:73:07:43:ad:94:c7:24:83:4e:86: a4:2a:84:b6:c1:45:02:40:35:7e:e3:49:08:24:72:65:6f:e4: 52:0b:b6:3d:4f:ac:1f:b4:67:c9:45:64:2a:e2:dc:66:7c:77: bf:c8:11:ed -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MjBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDVGM0IwOEZCQ0NBRkRE REZEM0UxOTgxMTczOENCNDdBMTQ4Q0U1RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAuoyDoUaGmRovi2L7hxismZMbuFw65WI6Pnz1aW7dh/ybZLsr 22a61HwdoldswPLzlVQQdk155n3e4HI1j50P+ET+7zioSiBjueSRbnppUKDSv+66 9dfiXBm/6h2XOs+inEIpioiDl/InB2e2MXZR05VkGG2QgmUbMY7bWbjOuwmO+d+K pJYmluXGMOZHJW5HtXTf1Qcsf6OzqHU3teUVptd6i3Luluzdmavwsy/wUzmoVlA2 0/SEa7FCMMDBoPRuRIg8DFSw4JMljsH5Mw89s7zSYRdkm3PT+Obt+Op8KQBPVPfT s2leS85Mx/LbKTVOZnSLIGS8vQ4g8pxak8hVAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUXzsI+8yv3d/T4ZgRc4y0ehSM5fswHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9YenNJLTh5djNkX1Q0WmdSYzR5 MGVoU001ZnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpA MA0GCSqGSIb3DQEBCwUAA4IBAQBTPs8kguC+7YVADz4ql68OUo2BA6wllio6iDEp cgVHcCNNAsfwxxXb29G859br4A/jWqjIn65AB3e03gaWTDsbCg2An4yRq7qaeBoW FesOS/lvUfQSx2sfVekyx0l1aCipd/0uBmyAidCw+KKIkLI+O1Joq6hPeyljpsRg 7Nqiq22CEKGuqsFjwX5xTjvPvsPGXCehv+A/NYNonK25Wi79rVkHj8H2ljFghNlg g9lwsk+LrpC2Hga50JXmnHpLeu29lba8zP7UpPueP8Tw2nMHQ62UxySDToakKoS2 wUUCQDV+40kIJHJlb+RSC7Y9T6wftGfJRWQq4txmfHe/yBHt -----END CERTIFICATE-----Generated at Sun Aug 24 09:19:52 2025 by rpki-client