$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NHQanDA1AeoeY-Yp759CZTZk0ME.roa File: NHQanDA1AeoeY-Yp759CZTZk0ME.roa (raw, json) Hash identifier: nsjDZFdl9bAQe4jtGpYk3zNbXDW+LhV/LZgr498Va4M= Subject key identifier: 34:74:1A:9C:30:35:01:EA:1E:63:E6:29:EF:9F:42:65:36:64:D0:C1 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3B2F Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NHQanDA1AeoeY-Yp759CZTZk0ME.roa Signing time: Fri 22 Aug 2025 08:48:09 +0000 ROA not before: Fri 22 Aug 2025 08:48:09 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38841 IP address blocks: 123.194.120.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15151 (0x3b2f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 22 08:48:09 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=34741A9C303501EA1E63E629EF9F42653664D0C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:26:49:ce:ca:32:6b:ff:36:60:01:fd:b3:0c: f2:d5:f4:69:d5:cd:a1:e3:4e:f7:61:ef:d7:e0:b2: 29:e1:b8:c8:19:64:9e:8a:38:50:3e:43:44:e0:3a: ae:8c:17:2f:31:4f:df:92:81:0e:ea:08:ef:f6:f7: 95:3d:5c:b6:1b:63:e9:fa:82:3f:9d:67:57:c1:77: f7:41:d0:fd:0b:97:0d:83:96:5c:0b:84:bf:d6:75: a4:fc:0d:1f:2e:2b:4d:fe:e8:0c:55:e1:e6:4b:bb: 4f:ed:1f:43:74:f6:bf:f9:ed:92:56:68:96:9b:07: b3:d0:af:94:29:50:2f:ea:1e:3c:be:e3:16:4d:33: 43:e1:94:bc:b1:f7:60:fb:3f:35:06:50:30:84:a5: 4a:2d:00:db:0f:46:a8:9d:5c:52:e6:42:85:9c:aa: ee:61:11:23:da:b1:24:73:a6:db:16:58:aa:fe:20: 38:97:40:ff:a3:c6:27:2f:06:94:c5:81:25:f1:f6: bd:fc:38:d0:54:a7:9f:4f:83:44:45:e0:a9:6a:1b: b8:50:e1:02:53:75:83:18:bc:ae:0b:75:ba:bd:b2: 59:a1:d4:66:b9:50:f7:b6:e0:87:c9:e0:0f:84:39: a1:7d:77:85:72:44:c0:3e:9a:2e:4d:a8:c0:85:31: 85:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:74:1A:9C:30:35:01:EA:1E:63:E6:29:EF:9F:42:65:36:64:D0:C1 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/NHQanDA1AeoeY-Yp759CZTZk0ME.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.194.120.0/21 Signature Algorithm: sha256WithRSAEncryption 99:73:03:72:5b:5b:8e:08:76:4c:9d:e1:9b:04:55:0e:13:d0: 8a:83:fe:d4:16:ea:79:b8:cc:e3:1e:be:f8:32:8f:4e:b6:37: 2b:c4:e4:92:f3:be:c1:a2:74:de:3e:9b:51:3b:b5:1e:94:47: 72:c8:5d:a7:e6:c7:4f:09:2e:9f:35:2f:c3:1f:d9:d4:74:e8: 6c:8e:93:9c:9c:eb:ab:73:a8:b3:01:80:88:39:0d:fd:87:66: 30:2d:30:d8:d3:97:b9:79:0c:61:c6:f5:06:dd:5f:eb:63:30: f2:5b:b4:3e:32:f5:70:e6:19:44:c2:9b:08:38:b8:7b:6b:0e: 51:a1:5e:b6:ef:a7:e1:3a:55:8d:09:ef:8d:6e:7a:ab:2e:58: 4d:0e:12:44:a8:be:95:10:e3:12:52:68:39:c5:1d:35:02:74: ea:06:33:2e:22:4f:77:b8:2d:ed:d2:7b:75:89:ca:0a:71:fc: de:10:16:37:b7:fb:af:81:6e:0e:5a:72:ed:07:bc:14:87:c8: 53:5b:b4:31:8a:6b:a1:5c:56:3e:71:9e:fc:ee:7d:f2:ee:85: 9a:cf:2c:ad:ce:06:7f:19:ee:58:d1:40:60:e2:a6:22:f8:39: 0a:ab:04:60:9b:2a:6b:94:ec:05:20:7d:fd:9a:ea:ee:6e:56: 29:65:7e:e1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICOy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTA4MjIw ODQ4MDlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM0NzQxQTlDMzAzNTAx RUExRTYzRTYyOUVGOUY0MjY1MzY2NEQwQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGJknOyjJr/zZgAf2zDPLV9GnVzaHjTvdh79fgsinhuMgZZJ6K OFA+Q0TgOq6MFy8xT9+SgQ7qCO/295U9XLYbY+n6gj+dZ1fBd/dB0P0Llw2DllwL hL/WdaT8DR8uK03+6AxV4eZLu0/tH0N09r/57ZJWaJabB7PQr5QpUC/qHjy+4xZN M0PhlLyx92D7PzUGUDCEpUotANsPRqidXFLmQoWcqu5hESPasSRzptsWWKr+IDiX QP+jxicvBpTFgSXx9r38ONBUp59Pg0RF4KlqG7hQ4QJTdYMYvK4Ldbq9slmh1Ga5 UPe24IfJ4A+EOaF9d4VyRMA+mi5NqMCFMYV1AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUNHQanDA1AeoeY+Yp759CZTZk0MEwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL05IUWFuREExQWVvZVktWXA3 NTlDWlRaazBNRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7 wngwDQYJKoZIhvcNAQELBQADggEBAJlzA3JbW44Idkyd4ZsEVQ4T0IqD/tQW6nm4 zOMevvgyj062NyvE5JLzvsGidN4+m1E7tR6UR3LIXafmx08JLp81L8Mf2dR06GyO k5yc66tzqLMBgIg5Df2HZjAtMNjTl7l5DGHG9QbdX+tjMPJbtD4y9XDmGUTCmwg4 uHtrDlGhXrbvp+E6VY0J741ueqsuWE0OEkSovpUQ4xJSaDnFHTUCdOoGMy4iT3e4 Le3Se3WJygpx/N4QFje3+6+Bbg5acu0HvBSHyFNbtDGKa6FcVj5xnvzuffLuhZrP LK3OBn8Z7ljRQGDipiL4OQqrBGCbKmuU7AUgff2a6u5uVillfuE= -----END CERTIFICATE-----Generated at Sun Aug 24 07:26:35 2025 by rpki-client