$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/NwLdPXb7O2jdLea5-uucfn3xtlM.roa File: NwLdPXb7O2jdLea5-uucfn3xtlM.roa (raw, json) Hash identifier: nyiTnh0Hs5Q4JqZc9fdFlAInCK/uXvS0qANIfW2m1yM= Subject key identifier: 37:02:DD:3D:76:FB:3B:68:DD:2D:E6:B9:FA:EB:9C:7E:7D:F1:B6:53 Certificate issuer: /CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Certificate serial: 0D4F Authority key identifier: C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/NwLdPXb7O2jdLea5-uucfn3xtlM.roa Signing time: Fri 22 Aug 2025 08:48:52 +0000 ROA not before: Fri 22 Aug 2025 08:48:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 133955 IP address blocks: 223.165.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3407 (0xd4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Validity Not Before: Aug 22 08:48:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3702DD3D76FB3B68DD2DE6B9FAEB9C7E7DF1B653 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ef:1c:b4:2c:ce:df:ec:67:96:c8:eb:0b:0e: b0:28:f7:2a:f5:11:14:d0:c7:a3:ff:dd:9d:da:0d: a2:80:01:a9:65:1d:fd:76:96:c1:c7:ee:26:93:35: 10:eb:9c:e5:fe:25:d3:08:d7:9f:c2:85:b2:9f:aa: e7:5d:10:4a:2a:ac:37:4b:40:1b:d9:56:94:0c:18: 79:67:ac:19:e7:f1:3a:32:db:81:d3:2e:20:c1:2e: 5b:52:4d:fd:cf:9f:c9:a1:1f:85:04:1b:60:22:ce: 31:11:7f:75:72:71:7d:7d:1f:ce:2c:dc:c1:6a:85: b6:81:56:29:2e:5a:72:c5:e0:40:88:6e:11:de:75: 7d:5a:32:68:b9:a3:0e:df:ca:95:4c:11:67:3d:a1: 46:41:b9:ba:e0:ac:cc:ab:13:f5:c1:ee:47:83:a1: 5e:f7:90:1f:69:71:70:8e:b4:d9:73:9d:fb:71:4c: c6:77:77:70:e8:f5:fc:ff:fe:b4:d9:d4:b6:59:b4: 0f:8f:46:37:16:3a:ae:f9:f2:0f:ba:cf:17:b4:df: 23:37:ce:83:82:00:06:7a:ba:65:40:37:38:1a:7d: 9a:99:72:bc:75:06:b7:74:05:ee:4d:af:33:1f:74: 31:1c:28:c2:53:eb:79:a9:4e:b5:ea:f2:4e:f3:36: fb:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:02:DD:3D:76:FB:3B:68:DD:2D:E6:B9:FA:EB:9C:7E:7D:F1:B6:53 X509v3 Authority Key Identifier: keyid:C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/NwLdPXb7O2jdLea5-uucfn3xtlM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.165.12.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:b6:4b:ba:4e:b3:fb:e2:9c:e1:5f:ab:8c:de:b1:c4:0a:2f: cd:9f:93:00:dc:dc:76:6d:fb:38:c6:f4:68:47:50:2d:bb:c5: 22:25:c9:5d:8e:41:0c:a6:de:be:e0:b0:a4:d7:79:d0:52:09: 24:f7:c2:e1:2c:f4:70:3a:0d:56:eb:7e:05:3f:31:cc:2c:70: 37:0d:c8:b9:f3:fc:9e:09:d8:0b:25:a1:c0:71:14:ff:cc:e2: a7:e1:f2:14:24:41:7f:98:ee:73:b7:74:0c:e5:37:d3:d2:d9: ac:95:23:39:d5:b4:da:aa:ef:f6:98:df:22:9d:4c:82:ab:1b: 11:a3:21:07:31:f5:05:46:41:d1:61:e9:42:76:ae:ec:23:f0: 9f:9e:7d:24:3e:c5:19:7f:5b:b8:6c:f4:6c:57:59:f9:76:45: 79:0c:11:5f:df:99:ad:4e:6b:6b:5f:9c:0b:53:a2:59:7f:0c: b3:7b:5b:09:4e:2c:10:80:a3:00:1a:25:39:5f:6d:85:f5:c0: 45:09:6f:49:dc:a0:ee:85:09:fd:a6:6c:b0:47:ae:07:cf:0b: 17:46:ec:e2:c9:7a:d4:64:59:dc:07:4b:6b:59:32:a3:36:ba: 14:35:88:8e:c2:43:ce:5b:57:64:3b:5b:dc:27:d7:cc:1a:ff: 0f:d3:55:55 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDU8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI4 RjU3MzI0RTc2NkJDNUU5RkE5OUM0RDdBRDRDNDBEMzk1OEZDNjAeFw0yNTA4MjIw ODQ4NTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM3MDJERDNENzZGQjNC NjhERDJERTZCOUZBRUI5QzdFN0RGMUI2NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCh7xy0LM7f7GeWyOsLDrAo9yr1ERTQx6P/3Z3aDaKAAallHf12 lsHH7iaTNRDrnOX+JdMI15/ChbKfquddEEoqrDdLQBvZVpQMGHlnrBnn8Toy24HT LiDBLltSTf3Pn8mhH4UEG2AizjERf3VycX19H84s3MFqhbaBVikuWnLF4ECIbhHe dX1aMmi5ow7fypVMEWc9oUZBubrgrMyrE/XB7keDoV73kB9pcXCOtNlznftxTMZ3 d3Do9fz//rTZ1LZZtA+PRjcWOq758g+6zxe03yM3zoOCAAZ6umVANzgafZqZcrx1 Brd0Be5NrzMfdDEcKMJT63mpTrXq8k7zNvvlAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUNwLdPXb7O2jdLea5+uucfn3xtlMwHwYDVR0jBBgwFoAUwo9XMk52a8Xp+pnE 161MQNOVj8YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdELUNP TS1UVy93bzlYTWs1MmE4WHAtcG5FMTYxTVFOT1ZqOFkuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3dvOVhNazUyYThYcC1wbkUxNjFNUU5PVmo4WS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXRC1DT00tVFcvTndMZFBYYjdP MmpkTGVhNS11dWNmbjN4dGxNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAN+lDDANBgkqhkiG9w0BAQsFAAOCAQEAi7ZLuk6z++Kc4V+rjN6xxAov zZ+TANzcdm37OMb0aEdQLbvFIiXJXY5BDKbevuCwpNd50FIJJPfC4Sz0cDoNVut+ BT8xzCxwNw3IufP8ngnYCyWhwHEU/8zip+HyFCRBf5juc7d0DOU309LZrJUjOdW0 2qrv9pjfIp1MgqsbEaMhBzH1BUZB0WHpQnau7CPwn559JD7FGX9buGz0bFdZ+XZF eQwRX9+ZrU5ra1+cC1OiWX8Ms3tbCU4sEICjABolOV9thfXARQlvSdyg7oUJ/aZs sEeuB88LF0bs4sl61GRZ3AdLa1kyoza6FDWIjsJDzltXZDtb3CfXzBr/D9NVVQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:05:53 2025 by rpki-client