$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KffItYQ9c6dBcsGd8PqC-msmn1I.roa File: KffItYQ9c6dBcsGd8PqC-msmn1I.roa (raw, json) Hash identifier: 8wCf21Tr3UAUlvNVTjdKbanoxLBpqxHxEYnvuJ+3fBA= Subject key identifier: 29:F7:C8:B5:84:3D:73:A7:41:72:C1:9D:F0:FA:82:FA:6B:26:9F:52 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 264D Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KffItYQ9c6dBcsGd8PqC-msmn1I.roa Signing time: Fri 22 Aug 2025 08:42:47 +0000 ROA not before: Fri 22 Aug 2025 08:42:47 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24164 IP address blocks: 49.159.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9805 (0x264d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Aug 22 08:42:47 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=29F7C8B5843D73A74172C19DF0FA82FA6B269F52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:0d:cb:f1:ba:62:8b:09:7b:09:82:d3:b3:fc: b4:f7:88:9c:5e:4d:06:d5:3c:5e:ad:b0:2e:c8:57: 6c:a0:81:71:a8:a0:5f:c0:66:e4:1d:67:0f:12:be: 6a:5e:df:20:93:a4:18:1f:df:a1:a9:ae:25:96:cb: a0:cd:01:bd:86:ca:19:f7:c1:1f:25:f5:7e:00:75: 7b:de:68:ea:ca:f5:28:85:06:92:e0:2d:14:d4:e4: f0:2c:e3:9f:58:df:28:82:06:38:9a:a4:7f:6c:06: 0d:da:75:ef:96:5d:93:0a:54:d7:c4:c6:e9:74:b1: f7:6c:7f:c0:8a:b5:c0:b5:3c:5a:a4:c3:e8:f9:9a: e2:79:00:ec:50:b5:81:4d:b1:71:da:2d:00:4d:cd: f2:4a:fc:5f:19:ee:56:30:a4:57:d2:82:66:c7:72: 6f:d3:f2:61:73:31:15:de:27:b2:9e:01:ce:f5:f2: d4:93:87:a2:6b:89:41:34:80:d4:64:45:0e:a8:91: a1:3e:24:a2:29:9b:a8:8e:13:ab:03:e2:d3:89:c8: 7c:f2:43:12:dc:55:1e:34:0d:4d:89:d8:bb:36:ed: b6:7a:71:bf:d9:26:55:06:ab:0f:b5:38:2e:d2:05: da:a4:97:c5:c1:e0:41:00:22:f9:74:4e:c7:bc:be: 1c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:F7:C8:B5:84:3D:73:A7:41:72:C1:9D:F0:FA:82:FA:6B:26:9F:52 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/KffItYQ9c6dBcsGd8PqC-msmn1I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.159.240.0/21 Signature Algorithm: sha256WithRSAEncryption 3a:6a:c3:ee:e6:dc:58:ba:68:bd:21:22:b1:b3:6f:0e:fb:47: 44:1b:1a:e3:6e:99:30:ff:25:2a:9c:76:f5:33:82:5a:24:83: 10:f2:1f:2c:2f:1e:e7:2a:c5:93:72:0a:1b:0d:ee:97:5f:6f: c5:b0:e1:b3:79:b6:50:77:a9:2d:cf:75:05:9d:3a:ab:f7:66: 8b:13:3d:1f:2f:62:fe:14:71:7e:04:90:07:70:c6:30:71:1d: 28:ac:05:0e:ea:8b:8b:4a:f9:a9:4c:13:89:ce:76:13:51:da: e7:e0:b7:1c:4e:4a:71:7d:27:8b:23:70:0b:ff:3c:c4:01:86: 23:2b:4f:fc:8f:0e:1a:72:15:f6:50:4d:ea:91:41:a4:94:b4: a1:9c:47:9f:27:29:3f:2b:b8:69:a8:97:3d:08:8c:ab:05:a5: 9f:aa:f9:ac:ec:48:17:5e:01:63:c8:03:80:db:05:47:6c:66: 49:a0:52:f8:59:67:dd:82:14:17:ad:78:99:cd:b6:fc:90:8a: 8f:6d:1c:c5:35:2f:24:53:ee:ae:02:c9:c3:77:62:91:39:b4: cc:67:5e:77:f3:aa:47:75:cd:63:4d:80:2d:06:e9:6d:9a:b0: f8:55:2e:2d:a7:aa:39:46:b8:f2:31:de:6e:06:ba:8b:e8:f5: ea:d7:c7:2c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICJk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNTA4MjIw ODQyNDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDI5RjdDOEI1ODQzRDcz QTc0MTcyQzE5REYwRkE4MkZBNkIyNjlGNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNDcvxumKLCXsJgtOz/LT3iJxeTQbVPF6tsC7IV2yggXGooF/A ZuQdZw8Svmpe3yCTpBgf36GpriWWy6DNAb2Gyhn3wR8l9X4AdXveaOrK9SiFBpLg LRTU5PAs459Y3yiCBjiapH9sBg3ade+WXZMKVNfExul0sfdsf8CKtcC1PFqkw+j5 muJ5AOxQtYFNsXHaLQBNzfJK/F8Z7lYwpFfSgmbHcm/T8mFzMRXeJ7KeAc718tST h6JriUE0gNRkRQ6okaE+JKIpm6iOE6sD4tOJyHzyQxLcVR40DU2J2Ls27bZ6cb/Z JlUGqw+1OC7SBdqkl8XB4EEAIvl0Tse8vhzTAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUKffItYQ9c6dBcsGd8PqC+msmn1IwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0tmZkl0WVE5YzZkQmNzR2Q4 UHFDLW1zbW4xSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx n/AwDQYJKoZIhvcNAQELBQADggEBADpqw+7m3Fi6aL0hIrGzbw77R0QbGuNumTD/ JSqcdvUzglokgxDyHywvHucqxZNyChsN7pdfb8Ww4bN5tlB3qS3PdQWdOqv3ZosT PR8vYv4UcX4EkAdwxjBxHSisBQ7qi4tK+alME4nOdhNR2ufgtxxOSnF9J4sjcAv/ PMQBhiMrT/yPDhpyFfZQTeqRQaSUtKGcR58nKT8ruGmolz0IjKsFpZ+q+azsSBde AWPIA4DbBUdsZkmgUvhZZ92CFBeteJnNtvyQio9tHMU1LyRT7q4CycN3YpE5tMxn Xnfzqkd1zWNNgC0G6W2asPhVLi2nqjlGuPIx3m4Guovo9erXxyw= -----END CERTIFICATE-----Generated at Sun Aug 24 11:37:16 2025 by rpki-client