$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/NlQidybSBeZHTZI3L4pKpirVIps.roa File: NlQidybSBeZHTZI3L4pKpirVIps.roa (raw, json) Hash identifier: UIQb5c2F88EIT7UEI7F2iTP67ctCprgSSNLLg9Bho/E= Subject key identifier: 36:54:22:77:26:D2:05:E6:47:4D:92:37:2F:8A:4A:A6:2A:D5:22:9B Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Certificate serial: 037B Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/NlQidybSBeZHTZI3L4pKpirVIps.roa Signing time: Fri 22 Aug 2025 08:52:22 +0000 ROA not before: Fri 22 Aug 2025 08:52:22 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 31972 IP address blocks: 103.159.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 891 (0x37b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Validity Not Before: Aug 22 08:52:22 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3654227726D205E6474D92372F8A4AA62AD5229B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:44:d7:7d:db:48:e7:47:f1:29:2f:f7:a9:f7: e6:55:65:0c:80:e2:87:6d:01:9a:71:38:63:1a:8b: 4c:0e:c8:69:da:a1:a1:2f:df:09:40:fd:7d:f9:2d: 92:65:f1:b5:e6:1c:12:34:f1:bb:6f:d5:4b:fb:ff: 94:0f:4c:27:b5:af:df:62:8c:23:bb:d6:85:97:a8: 7a:4c:34:ea:bc:61:30:fc:c0:d5:94:94:61:b7:7a: 30:42:9c:cf:28:21:5c:7a:00:d7:57:f8:e6:23:b0: a7:ec:2d:0f:e4:38:ba:aa:03:0d:c9:51:c9:1f:b0: fa:4b:42:f1:0e:4c:9b:fd:c2:6d:fa:c5:73:31:d8: 5b:9c:ed:00:11:22:a6:a5:50:f1:67:c1:b1:ca:72: c5:06:c2:17:97:bd:7b:b5:be:c1:39:3b:50:b8:80: b1:45:cc:b2:5e:0b:49:71:71:50:f3:a0:82:be:23: 00:fe:1e:cc:1f:92:35:6b:61:99:86:ec:35:11:dc: bf:af:f3:46:39:08:f9:28:3e:e1:a5:4a:5b:f5:9e: 09:85:ef:33:54:79:e8:e6:76:a2:47:f3:8c:e7:be: 26:4e:c7:8c:22:12:88:09:56:64:4c:b0:10:02:06: 7c:07:5c:e6:a5:05:1d:b8:29:e1:7f:f5:09:dd:de: ef:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:54:22:77:26:D2:05:E6:47:4D:92:37:2F:8A:4A:A6:2A:D5:22:9B X509v3 Authority Key Identifier: keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/NlQidybSBeZHTZI3L4pKpirVIps.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.206.0/23 Signature Algorithm: sha256WithRSAEncryption 71:05:a5:e8:65:94:bc:33:05:e5:99:34:01:00:2f:50:19:9b: 44:51:38:12:be:92:b3:c8:df:0d:c3:ef:ac:0f:74:fe:4b:27: 79:6d:c7:8a:39:d2:c0:36:41:31:63:86:33:1f:64:c7:70:ae: 25:cf:7d:54:97:00:c8:69:53:09:a2:63:28:7d:63:b6:14:1e: e8:d6:4f:77:9b:29:86:b3:ee:3e:78:a7:c6:b6:80:b8:a7:f8: 5c:5f:21:8a:b0:4d:b1:f7:71:66:81:87:af:fb:a3:65:af:73: f4:8e:03:62:96:34:80:e2:01:f1:ce:4e:c5:06:4a:64:a1:f3: 0e:c7:e2:c7:8c:59:44:16:4a:11:78:12:26:88:e0:4d:78:7c: 80:83:4a:be:e5:5e:b1:37:f7:4f:60:07:8c:57:a0:87:42:e9: 3d:6c:37:e4:69:7d:8c:6d:7d:09:cd:91:4b:3d:97:6e:de:7a: 56:6a:0e:18:d8:f3:83:05:26:82:4b:1e:84:24:49:30:73:44: 7f:99:ba:ce:1a:c2:f0:3c:f1:26:47:49:0a:24:9b:ac:12:33: 4b:0c:be:7d:5d:1e:b2:95:d8:64:d7:46:6a:36:f8:52:99:b1: 53:cc:8a:1f:9f:3d:51:6f:29:68:e1:33:b0:28:dc:4e:83:38: d2:d0:2e:7e -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICA3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4 RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yNTA4MjIw ODUyMjJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM2NTQyMjc3MjZEMjA1 RTY0NzREOTIzNzJGOEE0QUE2MkFENTIyOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoRNd920jnR/EpL/ep9+ZVZQyA4odtAZpxOGMai0wOyGnaoaEv 3wlA/X35LZJl8bXmHBI08btv1Uv7/5QPTCe1r99ijCO71oWXqHpMNOq8YTD8wNWU lGG3ejBCnM8oIVx6ANdX+OYjsKfsLQ/kOLqqAw3JUckfsPpLQvEOTJv9wm36xXMx 2Fuc7QARIqalUPFnwbHKcsUGwheXvXu1vsE5O1C4gLFFzLJeC0lxcVDzoIK+IwD+ HswfkjVrYZmG7DUR3L+v80Y5CPkoPuGlSlv1ngmF7zNUeejmdqJH84znviZOx4wi EogJVmRMsBACBnwHXOalBR24KeF/9Qnd3u9vAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUNlQidybSBeZHTZI3L4pKpirVIpswHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMvTmxRaWR5YlNCZVpIVFpJM0w0cEtw aXJWSXBzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN BgkqhkiG9w0BAQsFAAOCAQEAcQWl6GWUvDMF5Zk0AQAvUBmbRFE4Er6Ss8jfDcPv rA90/ksneW3HijnSwDZBMWOGMx9kx3CuJc99VJcAyGlTCaJjKH1jthQe6NZPd5sp hrPuPninxraAuKf4XF8hirBNsfdxZoGHr/ujZa9z9I4DYpY0gOIB8c5OxQZKZKHz Dsfix4xZRBZKEXgSJojgTXh8gINKvuVesTf3T2AHjFegh0LpPWw35Gl9jG19Cc2R Sz2Xbt56VmoOGNjzgwUmgksehCRJMHNEf5m6zhrC8DzxJkdJCiSbrBIzSwy+fV0e spXYZNdGajb4UpmxU8yKH589UW8paOEzsCjcToM40tAufg== -----END CERTIFICATE-----Generated at Sun Aug 24 11:15:32 2025 by rpki-client