$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ma-M_Z4uGBHO9cmoUGvCOAbrRw0.roa File: Ma-M_Z4uGBHO9cmoUGvCOAbrRw0.roa (raw, json) Hash identifier: ndCbOGP+aGgpZAVzTiwNzE5530O96iPCIL3wH7LOaG0= Subject key identifier: 31:AF:8C:FD:9E:2E:18:11:CE:F5:C9:A8:50:6B:C2:38:06:EB:47:0D Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3950 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ma-M_Z4uGBHO9cmoUGvCOAbrRw0.roa Signing time: Fri 22 Aug 2025 08:46:10 +0000 ROA not before: Fri 22 Aug 2025 08:46:10 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38841 IP address blocks: 123.195.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14672 (0x3950) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 22 08:46:10 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=31AF8CFD9E2E1811CEF5C9A8506BC23806EB470D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:b5:76:94:74:52:22:63:d7:49:ac:91:63:da: ea:8e:00:e7:71:31:7f:69:25:e4:0c:9b:da:b9:e3: 9d:dc:d2:47:b9:53:19:b6:24:2f:2b:4f:53:09:13: c9:54:78:5e:e5:b5:15:13:34:d7:61:4c:9d:7c:58: ad:84:2b:c6:e5:84:3f:26:de:bb:0a:d3:ee:10:63: 1f:2f:26:11:24:8c:e3:1d:e0:80:4a:32:d0:48:f9: 8a:a3:f1:73:87:d6:04:d1:c5:cf:d9:83:ba:bf:83: 65:58:c7:17:1b:ff:f0:1a:a4:db:6c:fe:4c:b0:34: ab:29:08:77:2e:41:f3:f3:62:54:b9:d5:aa:7a:14: c6:1b:63:67:b1:93:0f:6b:2c:c8:b8:f5:2a:17:3f: ec:5b:87:51:cb:35:8d:51:f3:35:30:4c:88:ec:47: 10:30:62:74:60:97:f8:b7:cd:de:ed:f0:ac:27:77: dc:0b:18:22:5e:3a:04:b9:c6:e7:51:42:3f:bf:28: 9f:ac:eb:1c:f3:32:b0:be:ca:c8:20:fb:7d:57:e5: f2:7f:ea:3f:1d:dd:0b:cc:a9:71:24:ac:24:34:ba: c9:c0:7c:f1:bb:36:54:8e:b9:22:44:08:8b:fe:f3: d6:80:84:8e:6f:b1:7a:b2:d2:d7:15:e1:d3:0a:6f: d3:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:AF:8C:FD:9E:2E:18:11:CE:F5:C9:A8:50:6B:C2:38:06:EB:47:0D X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ma-M_Z4uGBHO9cmoUGvCOAbrRw0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.195.240.0/21 Signature Algorithm: sha256WithRSAEncryption 04:9c:ce:53:5c:02:b1:4b:e4:e9:2f:7b:f7:01:a9:e5:05:25: 2e:41:24:d3:b0:a1:da:ec:5b:2d:89:67:4e:69:6b:34:5d:5f: 0c:3b:20:49:5c:eb:e6:82:2a:12:6f:43:9a:3d:75:3e:a8:5d: 40:82:6c:68:90:f0:10:f0:83:21:8a:38:2c:43:5b:95:47:0a: 2c:3e:11:20:4e:39:eb:79:df:87:20:22:0e:b3:eb:87:58:61: d7:57:d5:3c:07:d5:c7:b4:59:e3:de:3f:99:dd:c0:b5:53:af: 4e:0a:cc:c6:9b:d2:ad:6e:eb:1b:71:3b:f3:66:88:c9:15:c8: d1:76:d4:a4:b5:2f:d4:a0:6d:bf:a1:5c:e5:84:32:c1:c8:79: dd:f3:3e:85:b2:c4:91:98:38:46:2b:e5:b2:1b:37:9b:43:c7: c9:51:9c:b7:53:a0:f3:ef:dd:e7:ed:4f:3e:ec:b5:6c:bb:31: bc:f4:3f:bd:49:99:f0:0b:3a:ce:a8:dc:0c:90:25:db:a5:ce: b0:49:95:18:ad:f9:93:96:1f:e5:a2:4a:9c:15:96:3c:60:7a: 90:1a:ad:03:d7:ab:5a:e0:73:0e:eb:df:bf:fd:a0:04:e2:a3: e9:89:11:56:e0:1e:8c:ba:40:89:73:86:11:97:36:c8:61:15: 79:ce:cb:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICOVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTA4MjIw ODQ2MTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDMxQUY4Q0ZEOUUyRTE4 MTFDRUY1QzlBODUwNkJDMjM4MDZFQjQ3MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGtXaUdFIiY9dJrJFj2uqOAOdxMX9pJeQMm9q5453c0ke5Uxm2 JC8rT1MJE8lUeF7ltRUTNNdhTJ18WK2EK8blhD8m3rsK0+4QYx8vJhEkjOMd4IBK MtBI+Yqj8XOH1gTRxc/Zg7q/g2VYxxcb//AapNts/kywNKspCHcuQfPzYlS51ap6 FMYbY2exkw9rLMi49SoXP+xbh1HLNY1R8zUwTIjsRxAwYnRgl/i3zd7t8Kwnd9wL GCJeOgS5xudRQj+/KJ+s6xzzMrC+ysgg+31X5fJ/6j8d3QvMqXEkrCQ0usnAfPG7 NlSOuSJECIv+89aAhI5vsXqy0tcV4dMKb9PvAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUMa+M/Z4uGBHO9cmoUGvCOAbrRw0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL01hLU1fWjR1R0JITzljbW9V R3ZDT0FiclJ3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7 w/AwDQYJKoZIhvcNAQELBQADggEBAASczlNcArFL5Okve/cBqeUFJS5BJNOwodrs Wy2JZ05pazRdXww7IElc6+aCKhJvQ5o9dT6oXUCCbGiQ8BDwgyGKOCxDW5VHCiw+ ESBOOet534cgIg6z64dYYddX1TwH1ce0WePeP5ndwLVTr04KzMab0q1u6xtxO/Nm iMkVyNF21KS1L9Sgbb+hXOWEMsHIed3zPoWyxJGYOEYr5bIbN5tDx8lRnLdToPPv 3eftTz7stWy7Mbz0P71JmfALOs6o3AyQJdulzrBJlRit+ZOWH+WiSpwVljxgepAa rQPXq1rgcw7r37/9oATio+mJEVbgHoy6QIlzhhGXNshhFXnOy8Q= -----END CERTIFICATE-----Generated at Sun Aug 24 07:25:26 2025 by rpki-client