$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/oCbo4j_RowFohhS_3o-gRW0vNNs.roa File: oCbo4j_RowFohhS_3o-gRW0vNNs.roa (raw, json) Hash identifier: 6/+w/RiuG7t9WcjT41dYBGCT3mlap7yM7yUePx6mDFQ= Subject key identifier: A0:26:E8:E2:3F:D1:A3:01:68:86:14:BF:DE:8F:A0:45:6D:2F:34:DB Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E6C Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/oCbo4j_RowFohhS_3o-gRW0vNNs.roa Signing time: Fri 22 Aug 2025 08:58:15 +0000 ROA not before: Fri 22 Aug 2025 08:58:15 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 210.202.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3692 (0xe6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A026E8E23FD1A301688614BFDE8FA0456D2F34DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:74:92:07:c9:db:2c:96:57:17:36:75:af:ab: 11:2b:ae:6c:34:77:9a:a4:f0:02:11:0d:e9:6e:21: f8:03:45:01:e2:4b:1d:52:d0:17:62:a7:4b:de:92: f0:3f:17:68:37:b8:24:24:4f:d8:51:9a:ff:9a:ef: f8:ea:65:a2:be:12:64:9d:fa:16:33:9b:82:0b:28: 07:83:f4:ef:14:bc:79:fd:54:6c:34:f0:4f:57:20: 57:b5:bc:95:78:d5:61:74:90:54:7d:cd:c2:6d:a1: f9:51:c3:59:18:d2:75:1e:32:d7:ba:82:8f:b9:a5: 03:95:ed:15:e2:ef:b5:45:2b:85:0b:ba:18:be:57: 9c:c9:5a:8b:20:7e:f3:6b:01:ed:ca:31:4a:37:71: ad:c9:19:5d:3a:7d:0b:ba:53:ba:a4:2d:12:70:87: 31:e7:86:7a:5e:82:19:e5:41:71:63:ab:8d:fa:39: a8:12:bf:4c:08:1b:3f:a0:fd:59:fd:fa:bb:d2:d9: f3:69:30:e3:fa:d9:9a:60:5d:fc:3e:46:bd:9c:4a: 6e:5c:0b:aa:39:3c:1e:8a:d7:66:dc:a8:22:2c:b9: 98:96:72:7e:3b:7d:ee:b2:c0:e5:96:c1:fc:4f:dd: 65:03:55:95:f3:cf:f4:21:9b:0d:5e:15:45:c7:8c: 17:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:26:E8:E2:3F:D1:A3:01:68:86:14:BF:DE:8F:A0:45:6D:2F:34:DB X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/oCbo4j_RowFohhS_3o-gRW0vNNs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.56.0/21 Signature Algorithm: sha256WithRSAEncryption 8b:a7:9d:1b:a7:d4:ae:05:3e:1e:f2:6a:21:c1:f6:11:ec:7f: 8b:e6:02:26:52:1c:e4:29:e2:4e:9c:56:99:cb:35:75:23:29: 85:04:fc:be:14:3e:26:6d:f6:f1:63:9e:96:81:5a:e2:8b:26: ee:bc:2a:1b:4c:64:f2:3c:aa:98:fc:ae:30:db:fd:6e:49:cc: 58:c5:a1:25:68:f0:86:36:e2:81:1e:4f:30:4a:20:94:b5:e8: de:46:b5:91:a3:f7:c0:bf:47:7e:ea:8c:a6:40:05:cd:2e:40: 47:a4:2e:70:c3:1f:59:4d:43:81:16:39:02:14:13:de:3e:3a: c9:0d:2c:ac:8a:25:b6:cb:fb:81:2e:0b:f6:6c:a2:bf:34:fd: 81:84:7f:6d:31:d5:1e:04:fa:16:c3:8e:33:a4:b1:fe:26:7e: 9d:d2:34:22:72:cd:bf:ef:9e:60:f0:1f:06:30:a0:be:52:bf: 67:52:c3:e4:e6:52:7e:8b:fe:8d:2f:6c:b5:ca:2c:7d:54:f3: 12:b5:da:d4:08:e7:c1:86:39:e4:98:0a:16:ea:a2:bb:f8:f3: be:96:73:9b:5e:99:02:48:ed:08:fc:e3:8f:93:37:ae:53:65: 33:ac:1a:39:b1:e2:30:2c:e1:6c:f3:e6:ec:d7:2d:45:9f:ba: 8a:9e:32:c0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEEwMjZFOEUyM0ZEMUEz MDE2ODg2MTRCRkRFOEZBMDQ1NkQyRjM0REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+dJIHydssllcXNnWvqxErrmw0d5qk8AIRDeluIfgDRQHiSx1S 0Bdip0vekvA/F2g3uCQkT9hRmv+a7/jqZaK+EmSd+hYzm4ILKAeD9O8UvHn9VGw0 8E9XIFe1vJV41WF0kFR9zcJtoflRw1kY0nUeMte6go+5pQOV7RXi77VFK4ULuhi+ V5zJWosgfvNrAe3KMUo3ca3JGV06fQu6U7qkLRJwhzHnhnpeghnlQXFjq436OagS v0wIGz+g/Vn9+rvS2fNpMOP62ZpgXfw+Rr2cSm5cC6o5PB6K12bcqCIsuZiWcn47 fe6ywOWWwfxP3WUDVZXzz/Qhmw1eFUXHjBfzAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUoCbo4j/RowFohhS/3o+gRW0vNNswHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9vQ2JvNGpfUm93Rm9oaFNfM28t Z1JXMHZOTnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0so4 MA0GCSqGSIb3DQEBCwUAA4IBAQCLp50bp9SuBT4e8mohwfYR7H+L5gImUhzkKeJO nFaZyzV1IymFBPy+FD4mbfbxY56WgVriiybuvCobTGTyPKqY/K4w2/1uScxYxaEl aPCGNuKBHk8wSiCUtejeRrWRo/fAv0d+6oymQAXNLkBHpC5wwx9ZTUOBFjkCFBPe PjrJDSysiiW2y/uBLgv2bKK/NP2BhH9tMdUeBPoWw44zpLH+Jn6d0jQics2/755g 8B8GMKC+Ur9nUsPk5lJ+i/6NL2y1yix9VPMStdrUCOfBhjnkmAoW6qK7+PO+lnOb XpkCSO0I/OOPkzeuU2UzrBo5seIwLOFs8+bs1y1Fn7qKnjLA -----END CERTIFICATE-----Generated at Sun Aug 24 09:22:20 2025 by rpki-client