$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/zTg77OMOdcR494fuKGWyC3ibeo8.roa File: zTg77OMOdcR494fuKGWyC3ibeo8.roa (raw, json) Hash identifier: l99UwEoY+POhD0O7Qe/9CBIhdyNdh7PiDbwR+1tjM/M= Subject key identifier: CD:38:3B:EC:E3:0E:75:C4:78:F7:87:EE:28:65:B2:0B:78:9B:7A:8F Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378 Certificate serial: 0DB5 Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/zTg77OMOdcR494fuKGWyC3ibeo8.roa Signing time: Fri 22 Aug 2025 08:58:04 +0000 ROA not before: Fri 22 Aug 2025 08:58:04 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38851 IP address blocks: 43.250.44.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3509 (0xdb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378 Validity Not Before: Aug 22 08:58:04 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CD383BECE30E75C478F787EE2865B20B789B7A8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d4:7b:ce:f2:a7:41:f0:85:1f:6e:91:b1:0d: a9:67:b8:6d:46:7e:2e:f1:43:69:3a:87:74:b4:30: 7a:38:b2:0f:c5:20:ec:08:63:c5:39:81:83:ca:4c: 66:80:7d:bc:dc:3a:42:af:55:67:c8:fd:ad:ca:68: cd:62:a9:aa:d9:d0:d9:70:0a:74:0b:86:21:be:6a: 4f:c8:6a:7d:8c:57:98:aa:84:14:e3:ac:10:ad:ab: fb:0c:94:da:bf:ab:30:8f:df:45:ee:5a:97:d5:f8: 46:0b:7f:24:56:22:3a:54:bb:f2:f3:10:fb:23:e4: dd:1c:4c:47:1c:09:e9:e1:3a:12:3a:72:92:d5:9a: 0b:b7:8c:6c:5d:d6:d2:17:de:18:98:4a:e3:d2:c0: ed:a8:90:c5:ae:84:f7:5f:67:f2:62:9d:bb:d7:58: 0d:4f:7f:8c:30:1d:57:64:f0:45:e8:45:b7:f6:68: 69:21:8c:77:0e:3b:99:c7:80:ae:a2:82:87:24:9d: eb:33:d7:88:1a:77:91:c1:c3:3a:51:94:1c:e2:14: 11:b2:68:7c:f1:b9:f4:39:b4:77:b9:94:40:ad:25: c9:66:fe:5c:d3:19:f2:17:2e:e8:52:f0:2a:f8:24: 27:56:e0:3f:90:ce:ea:46:61:67:d3:f7:be:45:3b: 11:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:38:3B:EC:E3:0E:75:C4:78:F7:87:EE:28:65:B2:0B:78:9B:7A:8F X509v3 Authority Key Identifier: keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/zTg77OMOdcR494fuKGWyC3ibeo8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.250.44.0/22 Signature Algorithm: sha256WithRSAEncryption 51:dc:9f:fa:19:68:e3:2b:e5:de:07:e3:3d:8d:6a:73:5d:57: d2:54:7f:08:b3:8e:72:48:26:79:c0:03:a3:3a:c4:6d:55:e2: 31:42:00:33:31:7e:ef:bd:1e:57:81:36:6e:2f:2d:d5:3d:b3: dc:32:aa:c1:3b:9d:fa:6c:93:ae:8c:43:1d:ef:1f:e0:55:10: e0:c2:57:08:44:67:f7:a4:d8:e3:eb:09:36:ee:ef:92:98:e3: 10:fb:58:56:29:8d:d4:b7:07:f3:fa:98:37:8c:c7:03:a2:70: 6c:de:ee:09:57:94:77:a9:fd:b5:bb:fc:28:97:19:8c:36:17: 60:98:f4:d0:be:a2:2c:bb:ef:98:df:9b:e8:82:57:56:e2:1e: 5a:a0:70:86:d5:9a:58:e5:4e:ec:25:85:6a:e1:e9:dc:19:9d: 78:67:2c:da:f2:79:61:bb:65:46:7c:94:04:f2:86:e8:76:f4: 14:65:eb:bd:c3:f7:6f:b4:cf:63:e7:09:2b:1f:27:51:91:9f: 33:d1:99:95:18:a0:a9:ac:3a:02:05:73:78:97:79:3b:de:cd: 4b:df:95:d9:fc:cb:a2:02:e8:d9:35:3f:71:d7:b7:fd:5f:98: 43:bd:af:75:99:31:60:8f:74:3c:0d:0b:b9:63:e3:70:73:d9: 3f:a6:3d:e3 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNTA4MjIw ODU4MDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENEMzgzQkVDRTMwRTc1 QzQ3OEY3ODdFRTI4NjVCMjBCNzg5QjdBOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCl1HvO8qdB8IUfbpGxDalnuG1Gfi7xQ2k6h3S0MHo4sg/FIOwI Y8U5gYPKTGaAfbzcOkKvVWfI/a3KaM1iqarZ0NlwCnQLhiG+ak/Ian2MV5iqhBTj rBCtq/sMlNq/qzCP30XuWpfV+EYLfyRWIjpUu/LzEPsj5N0cTEccCenhOhI6cpLV mgu3jGxd1tIX3hiYSuPSwO2okMWuhPdfZ/JinbvXWA1Pf4wwHVdk8EXoRbf2aGkh jHcOO5nHgK6igocknesz14gad5HBwzpRlBziFBGyaHzxufQ5tHe5lECtJclm/lzT GfIXLuhS8Cr4JCdW4D+QzupGYWfT975FOxELAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUzTg77OMOdcR494fuKGWyC3ibeo8wHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7 t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL3pUZzc3T01PZGNSNDk0ZnVLR1d5QzNp YmVvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr+iwwDQYJ KoZIhvcNAQELBQADggEBAFHcn/oZaOMr5d4H4z2NanNdV9JUfwizjnJIJnnAA6M6 xG1V4jFCADMxfu+9HleBNm4vLdU9s9wyqsE7nfpsk66MQx3vH+BVEODCVwhEZ/ek 2OPrCTbu75KY4xD7WFYpjdS3B/P6mDeMxwOicGze7glXlHep/bW7/CiXGYw2F2CY 9NC+oiy775jfm+iCV1biHlqgcIbVmljlTuwlhWrh6dwZnXhnLNryeWG7ZUZ8lATy huh29BRl673D92+0z2PnCSsfJ1GRnzPRmZUYoKmsOgIFc3iXeTvezUvfldn8y6IC 6Nk1P3HXt/1fmEO9r3WZMWCPdDwNC7lj43Bz2T+mPeM= -----END CERTIFICATE-----Generated at Sun Aug 24 07:05:10 2025 by rpki-client