$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/do5aQHxikorEcfYoM3XS8wqATeo.roa File: do5aQHxikorEcfYoM3XS8wqATeo.roa (raw, json) Hash identifier: 33gjwzDbmtgTb1MGqAiAKqqVLwPOrMXvGYb4+jLvmf8= Subject key identifier: 76:8E:5A:40:7C:62:92:8A:C4:71:F6:28:33:75:D2:F3:0A:80:4D:EA Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Certificate serial: 0DEF Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/do5aQHxikorEcfYoM3XS8wqATeo.roa Signing time: Fri 22 Aug 2025 08:52:12 +0000 ROA not before: Fri 22 Aug 2025 08:52:12 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18018 IP address blocks: 61.58.34.0/25 maxlen: 25 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3567 (0xdef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Validity Not Before: Aug 22 08:52:12 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=768E5A407C62928AC471F6283375D2F30A804DEA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:29:53:10:32:dd:5f:c7:74:31:9b:72:1c:c8: 02:81:dc:31:10:c8:9d:1d:de:84:6a:2f:b4:04:74: 93:2d:3f:d9:61:d2:1d:69:fd:fa:27:8f:66:b7:3a: ef:11:10:eb:67:7e:50:7b:ac:79:e6:eb:0f:42:6f: 11:a8:aa:53:18:53:67:af:cb:53:12:b2:e7:e4:a9: 8f:39:e3:03:05:a6:fa:ca:46:3d:1e:6d:ac:21:9c: 11:aa:cb:bc:fd:06:41:22:3d:4c:97:db:51:b6:cf: 46:24:ae:7e:be:ec:c4:89:f4:49:27:77:17:7b:03: db:c5:9d:ba:24:e9:eb:eb:17:77:ec:60:1d:2f:ef: 12:9c:95:68:50:28:98:b9:f1:eb:03:b0:11:c6:60: bd:93:de:38:6d:f3:d7:1c:49:7b:99:f6:a2:39:db: 7b:74:cb:28:58:27:d5:91:4d:c3:a5:1b:0d:45:47: d5:bb:33:05:41:a3:19:14:96:9b:73:8d:da:e8:65: b5:09:3c:f8:dd:5c:8e:7b:1a:3c:50:1d:d8:03:08: 43:17:b3:7e:60:dd:4f:14:2e:76:a5:ee:ec:cf:28: ec:a1:5a:a7:84:db:37:bf:94:d7:ff:5a:72:fd:e8: 53:ff:0a:b0:e1:8a:b3:79:af:df:0f:16:7f:94:32: d0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:8E:5A:40:7C:62:92:8A:C4:71:F6:28:33:75:D2:F3:0A:80:4D:EA X509v3 Authority Key Identifier: keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/do5aQHxikorEcfYoM3XS8wqATeo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.34.0/25 Signature Algorithm: sha256WithRSAEncryption 33:fe:18:3b:91:c1:92:9d:fa:c7:29:1d:50:2d:d8:59:45:45: 33:5e:80:0c:25:43:2a:0f:a3:65:02:fa:16:b1:18:22:4f:ba: 4f:49:76:98:87:42:87:8b:08:e7:fd:ff:cb:51:ac:d3:8f:3d: 0b:a3:aa:8e:d5:44:7f:c0:59:76:8d:7b:00:ec:3b:b1:f6:92: 42:fc:81:ee:b7:5a:fb:0c:54:b8:27:89:3d:7e:6d:38:95:82: 56:d7:53:1b:6d:72:db:8d:06:07:be:fa:fb:8c:f4:34:b0:df: 43:18:9a:ca:e0:6a:b4:61:ac:1d:52:3d:e3:06:eb:9f:51:8b: f7:db:1c:e5:52:ae:ee:dd:eb:82:66:8c:e0:a8:fd:60:4c:c1: f4:26:39:7c:f1:6b:0d:79:3a:46:95:8a:1b:ae:af:d6:3c:17: 89:76:2d:f6:f1:f2:59:6a:54:7e:c7:e2:78:b9:b8:51:c0:0b: 37:77:c6:36:f7:21:59:00:59:71:00:56:78:6b:ce:04:d5:62: ac:34:b1:18:bf:64:7b:c7:f4:e6:50:ce:da:85:52:20:a3:ac: 73:de:5c:c9:e9:47:60:5f:c6:ad:35:1a:33:f4:67:e1:87:63: 05:99:b7:0b:50:27:93:1f:7e:4d:4f:05:5a:21:ba:57:dc:b7: 51:52:0f:77 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yNTA4MjIw ODUyMTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDc2OEU1QTQwN0M2Mjky OEFDNDcxRjYyODMzNzVEMkYzMEE4MDRERUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5KVMQMt1fx3Qxm3IcyAKB3DEQyJ0d3oRqL7QEdJMtP9lh0h1p /fonj2a3Ou8REOtnflB7rHnm6w9CbxGoqlMYU2evy1MSsufkqY854wMFpvrKRj0e bawhnBGqy7z9BkEiPUyX21G2z0Ykrn6+7MSJ9Ekndxd7A9vFnbok6evrF3fsYB0v 7xKclWhQKJi58esDsBHGYL2T3jht89ccSXuZ9qI523t0yyhYJ9WRTcOlGw1FR9W7 MwVBoxkUlptzjdroZbUJPPjdXI57GjxQHdgDCEMXs35g3U8ULnal7uzPKOyhWqeE 2ze/lNf/WnL96FP/CrDhirN5r98PFn+UMtDdAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUdo5aQHxikorEcfYoM3XS8wqATeowHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9kbzVhUUh4aWtvckVjZllvTTNY Uzh3cUFUZW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHPToi ADANBgkqhkiG9w0BAQsFAAOCAQEAM/4YO5HBkp36xykdUC3YWUVFM16ADCVDKg+j ZQL6FrEYIk+6T0l2mIdCh4sI5/3/y1Gs0489C6OqjtVEf8BZdo17AOw7sfaSQvyB 7rda+wxUuCeJPX5tOJWCVtdTG21y240GB776+4z0NLDfQxiayuBqtGGsHVI94wbr n1GL99sc5VKu7t3rgmaM4Kj9YEzB9CY5fPFrDXk6RpWKG66v1jwXiXYt9vHyWWpU fsfieLm4UcALN3fGNvchWQBZcQBWeGvOBNVirDSxGL9ke8f05lDO2oVSIKOsc95c yelHYF/GrTUaM/Rn4YdjBZm3C1Ankx9+TU8FWiG6V9y3UVIPdw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:43:28 2025 by rpki-client