$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Q6Kazc1WCL7pT3eUTjkrEVaw4pQ.roa File: Q6Kazc1WCL7pT3eUTjkrEVaw4pQ.roa (raw, json) Hash identifier: qLDqyMDlXrWDkxyOy0FP0ljr/ZacLdQi7tiOx9ddfAI= Subject key identifier: 43:A2:9A:CD:CD:56:08:BE:E9:4F:77:94:4E:39:2B:11:56:B0:E2:94 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 37F7 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Q6Kazc1WCL7pT3eUTjkrEVaw4pQ.roa Signing time: Fri 22 Aug 2025 08:44:50 +0000 ROA not before: Fri 22 Aug 2025 08:44:50 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38841 IP address blocks: 123.194.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14327 (0x37f7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 22 08:44:50 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=43A29ACDCD5608BEE94F77944E392B1156B0E294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b1:ec:ff:e5:be:f1:55:88:57:ef:ba:cf:99: a2:ba:b6:c4:ed:ea:dd:12:c1:8a:fd:a3:80:6f:ef: 00:c0:d4:42:db:fa:3b:8b:a9:ab:63:67:42:a5:85: c3:2d:ff:24:1f:a9:12:3a:ac:79:31:4d:72:66:ad: bc:f4:1a:fe:dd:c8:83:fb:aa:1e:d4:99:59:6f:5c: 40:2f:fc:5b:10:be:fb:34:91:52:58:c1:3a:26:06: 03:bf:13:bd:9f:5b:4d:06:64:15:d7:82:e0:18:7b: 5f:4e:19:d8:93:38:d7:79:13:9a:c3:84:79:9e:66: dd:85:9b:2e:aa:8e:f8:28:72:7b:4b:34:93:49:c4: 34:0e:e7:eb:be:fc:e4:b1:d6:d8:62:ce:10:9b:f4: 54:62:d7:73:2e:ab:95:a3:cb:85:dd:5e:de:6b:08: ba:e9:b0:8c:3a:ce:89:cc:45:b7:a8:3a:c2:8e:3b: 50:2c:c3:31:79:03:64:58:75:6d:5c:ed:71:cb:3b: f9:78:a7:08:bd:8f:91:96:d9:99:ba:98:2d:d2:45: 0e:b3:b1:7b:d9:ec:ba:33:8f:04:18:08:c7:3f:02: fc:41:4b:a3:02:e3:3a:50:04:a3:56:53:6e:44:97: 92:a8:23:ef:39:8a:e6:26:7c:e7:99:aa:ff:de:2f: 57:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:A2:9A:CD:CD:56:08:BE:E9:4F:77:94:4E:39:2B:11:56:B0:E2:94 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Q6Kazc1WCL7pT3eUTjkrEVaw4pQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.194.232.0/22 Signature Algorithm: sha256WithRSAEncryption 95:06:29:f4:33:af:eb:5f:db:51:23:da:55:c5:17:86:9b:1f: 8c:27:ad:85:3e:da:45:ed:b7:32:c5:0d:93:d3:f0:fa:e0:c9: a9:ba:40:76:31:a4:4b:df:d3:94:78:94:4d:eb:59:fc:05:20: d0:44:6c:18:6d:40:bb:ea:b5:ed:cb:b6:9f:3b:76:32:df:16: 27:ce:11:a3:b4:3f:79:93:9a:8d:80:d2:55:df:73:2d:7a:7a: 40:89:13:0c:21:a6:fa:90:77:7f:75:e2:85:21:ff:0a:14:6f: 40:49:a4:f0:53:86:dd:21:05:65:0c:33:b7:72:be:5a:5b:75: 0b:d1:9d:ca:f6:95:36:2e:2c:88:d9:79:41:e3:e7:c1:97:45: 9f:e4:df:78:1d:0d:f6:71:32:29:3a:32:70:2d:d4:e5:84:69: 30:4c:0b:1a:e3:cf:15:ff:9f:10:56:e8:49:83:f5:25:3b:33: 4f:08:8f:5d:1b:70:f2:95:9e:60:a9:7c:9d:fe:c2:75:2f:f5: c3:27:e0:4f:5c:f6:89:7d:51:8d:e6:44:6a:58:76:fd:6b:39: 1d:65:d4:73:6f:32:82:71:9f:65:ca:56:9c:53:10:06:5f:c3: 5c:6b:44:ed:f8:b9:23:38:7f:a8:0e:73:21:35:36:a7:a2:db: 75:89:8d:46 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICN/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTA4MjIw ODQ0NTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQzQTI5QUNEQ0Q1NjA4 QkVFOTRGNzc5NDRFMzkyQjExNTZCMEUyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRsez/5b7xVYhX77rPmaK6tsTt6t0SwYr9o4Bv7wDA1ELb+juL qatjZ0KlhcMt/yQfqRI6rHkxTXJmrbz0Gv7dyIP7qh7UmVlvXEAv/FsQvvs0kVJY wTomBgO/E72fW00GZBXXguAYe19OGdiTONd5E5rDhHmeZt2Fmy6qjvgocntLNJNJ xDQO5+u+/OSx1thizhCb9FRi13Muq5Wjy4XdXt5rCLrpsIw6zonMRbeoOsKOO1As wzF5A2RYdW1c7XHLO/l4pwi9j5GW2Zm6mC3SRQ6zsXvZ7LozjwQYCMc/AvxBS6MC 4zpQBKNWU25El5KoI+85iuYmfOeZqv/eL1crAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUQ6Kazc1WCL7pT3eUTjkrEVaw4pQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1E2S2F6YzFXQ0w3cFQzZVVU amtyRVZhdzRwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7 wugwDQYJKoZIhvcNAQELBQADggEBAJUGKfQzr+tf21Ej2lXFF4abH4wnrYU+2kXt tzLFDZPT8Prgyam6QHYxpEvf05R4lE3rWfwFINBEbBhtQLvqte3Ltp87djLfFifO EaO0P3mTmo2A0lXfcy16ekCJEwwhpvqQd3914oUh/woUb0BJpPBTht0hBWUMM7dy vlpbdQvRncr2lTYuLIjZeUHj58GXRZ/k33gdDfZxMik6MnAt1OWEaTBMCxrjzxX/ nxBW6EmD9SU7M08Ij10bcPKVnmCpfJ3+wnUv9cMn4E9c9ol9UY3mRGpYdv1rOR1l 1HNvMoJxn2XKVpxTEAZfw1xrRO34uSM4f6gOcyE1Nqei23WJjUY= -----END CERTIFICATE-----Generated at Sun Aug 24 07:29:34 2025 by rpki-client