$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/AFcm7pM8j5ejCMlAh-5j8-sOEbc.roa File: AFcm7pM8j5ejCMlAh-5j8-sOEbc.roa (raw, json) Hash identifier: rW1JSOnwV0njBGop5mlA7nJRWoQdJziVa3ds1Te44jo= Subject key identifier: 00:57:26:EE:93:3C:8F:97:A3:08:C9:40:87:EE:63:F3:EB:0E:11:B7 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 1493 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/AFcm7pM8j5ejCMlAh-5j8-sOEbc.roa Signing time: Tue 16 Sep 2025 07:18:04 +0000 ROA not before: Tue 16 Sep 2025 07:18:04 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 101.102.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 22:26:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5267 (0x1493) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Sep 16 07:18:04 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=005726EE933C8F97A308C94087EE63F3EB0E11B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:70:55:0f:75:3d:fb:90:71:fc:eb:61:49:83: b8:fe:50:7b:6a:9f:4b:ab:5a:c9:6e:45:88:f7:ce: 97:9b:44:b3:28:01:d0:b8:cf:aa:ad:f5:96:4a:c8: 83:a3:8f:35:80:ba:8e:8d:93:e0:56:0e:fa:63:7e: c4:28:67:a6:00:16:a6:85:7d:cf:88:a5:eb:6e:a7: a1:91:f1:94:06:09:fc:91:f8:92:22:12:e6:db:b6: 49:a0:de:de:a9:fe:af:4f:3e:7c:c1:e9:48:43:a3: 9f:58:48:6a:45:d7:dd:87:e1:c6:d7:ae:cb:cb:6c: 88:3b:9d:72:67:19:86:12:98:c2:14:21:92:40:52: d8:0b:81:0b:48:b5:8c:eb:ef:70:1c:db:ad:13:d9: 54:a1:e4:5f:e0:84:8e:74:2c:d2:85:98:dd:13:da: 32:2f:c7:f3:0c:c0:18:2a:d7:d7:c4:90:03:17:b9: d7:1e:3d:4b:ad:1e:5b:25:56:c3:17:d9:e0:ef:1a: 86:0b:9f:01:bf:b3:78:8b:e7:a4:e9:4b:25:02:c1: 59:b2:48:da:e4:69:92:db:b1:b9:a4:f6:83:a7:ed: ef:09:b3:8a:3c:6c:00:80:26:0d:46:f6:23:2a:58: 7c:07:d0:f3:c9:fa:76:1b:15:b0:e4:64:e2:35:16: 17:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:57:26:EE:93:3C:8F:97:A3:08:C9:40:87:EE:63:F3:EB:0E:11:B7 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/AFcm7pM8j5ejCMlAh-5j8-sOEbc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.102.103.0/24 Signature Algorithm: sha256WithRSAEncryption 88:02:63:62:86:ea:a9:50:98:0f:ad:ed:f0:aa:b5:0d:68:a9: c7:0d:7e:55:df:2d:6b:39:87:b4:c5:9f:ea:a3:3f:7b:39:20: f4:23:d3:51:50:69:d3:2c:b0:da:f4:02:bd:e6:eb:b1:dd:f3: 9a:74:6e:70:10:0c:18:30:46:27:cf:52:00:55:e4:bc:24:59: bf:19:14:8b:8d:32:e9:7f:07:4d:ce:3f:38:7d:0d:ae:36:ff: 95:a3:91:e6:3d:7b:3a:3c:71:95:1b:d7:0e:67:19:ad:0d:ef: 08:0d:91:7f:d9:c8:02:bb:87:2d:64:6b:3f:16:ea:13:32:51: c9:88:8d:cd:1a:55:e3:4b:45:69:a8:ad:31:17:fc:b2:65:c8: fb:1a:6c:b9:29:ed:7d:ed:36:8a:85:c4:23:74:fd:79:68:31: ca:92:7a:32:5b:99:5c:be:b4:97:0d:47:d3:ec:f0:f1:da:8c: 7a:fe:51:a2:9b:2e:e8:7f:c3:22:3c:c1:3f:9a:03:3e:24:e7: c0:22:c7:45:79:0e:03:c4:8e:7b:e5:95:1e:a2:55:a8:7a:47: c4:1f:17:61:47:eb:b3:b2:9c:04:7a:a4:51:a5:4e:29:c9:9e: 84:cb:a2:f8:d7:ba:12:70:f2:e1:a1:d6:04:59:40:87:11:8f: f0:88:de:08 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICFJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA5MTYw NzE4MDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAwNTcyNkVFOTMzQzhG OTdBMzA4Qzk0MDg3RUU2M0YzRUIwRTExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkcFUPdT37kHH862FJg7j+UHtqn0urWsluRYj3zpebRLMoAdC4 z6qt9ZZKyIOjjzWAuo6Nk+BWDvpjfsQoZ6YAFqaFfc+Ipetup6GR8ZQGCfyR+JIi Eubbtkmg3t6p/q9PPnzB6UhDo59YSGpF192H4cbXrsvLbIg7nXJnGYYSmMIUIZJA UtgLgQtItYzr73Ac260T2VSh5F/ghI50LNKFmN0T2jIvx/MMwBgq19fEkAMXudce PUutHlslVsMX2eDvGoYLnwG/s3iL56TpSyUCwVmySNrkaZLbsbmk9oOn7e8Js4o8 bACAJg1G9iMqWHwH0PPJ+nYbFbDkZOI1FhdTAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUAFcm7pM8j5ejCMlAh+5j8+sOEbcwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9BRmNtN3BNOGo1ZWpDTWxBaC01 ajgtc09FYmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWZn MA0GCSqGSIb3DQEBCwUAA4IBAQCIAmNihuqpUJgPre3wqrUNaKnHDX5V3y1rOYe0 xZ/qoz97OSD0I9NRUGnTLLDa9AK95uux3fOadG5wEAwYMEYnz1IAVeS8JFm/GRSL jTLpfwdNzj84fQ2uNv+Vo5HmPXs6PHGVG9cOZxmtDe8IDZF/2cgCu4ctZGs/FuoT MlHJiI3NGlXjS0VpqK0xF/yyZcj7Gmy5Ke197TaKhcQjdP15aDHKknoyW5lcvrSX DUfT7PDx2ox6/lGimy7of8MiPME/mgM+JOfAIsdFeQ4DxI575ZUeolWoekfEHxdh R+uzspwEeqRRpU4pyZ6Ey6L417oScPLhodYEWUCHEY/wiN4I -----END CERTIFICATE-----Generated at Mon Oct 20 19:51:03 2025 by rpki-client