$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nX3TPzMYAzYCkMHWWINfRaaTKwA.roa File: nX3TPzMYAzYCkMHWWINfRaaTKwA.roa (raw, json) Hash identifier: 1tyv8Wk/90YulcPbXuG4t73MYfd7gzVCXPwuTWnIPPg= Subject key identifier: 9D:7D:D3:3F:33:18:03:36:02:90:C1:D6:58:83:5F:45:A6:93:2B:00 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 273D Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nX3TPzMYAzYCkMHWWINfRaaTKwA.roa Signing time: Fri 22 Aug 2025 08:43:41 +0000 ROA not before: Fri 22 Aug 2025 08:43:41 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24164 IP address blocks: 49.159.16.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10045 (0x273d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Aug 22 08:43:41 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=9D7DD33F331803360290C1D658835F45A6932B00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:0a:d5:be:f8:f3:24:66:27:0d:f5:69:b4:dd: 40:12:6f:62:a2:2c:d0:14:75:16:04:1a:9b:52:1f: 68:a9:3b:5a:04:40:a4:84:dc:1e:cd:1f:24:ec:87: 4c:c5:99:7b:26:6f:65:74:72:dd:44:07:3c:0f:d1: 95:40:e2:56:52:04:b3:b1:9f:b5:fe:f1:75:8e:3e: 98:ad:53:57:bd:09:f8:6f:62:ca:14:20:f3:54:85: e7:3b:c9:af:04:9e:7b:3b:ea:f9:d0:53:53:27:71: 10:65:2c:df:b4:32:ca:1b:3c:a7:22:f2:1d:fb:05: f3:49:75:29:4e:21:91:a7:70:14:3c:26:be:6d:74: 2e:07:0b:5b:a3:5b:54:1b:b7:5e:1d:ae:52:3b:36: 12:33:3f:5b:85:cd:29:af:4a:62:dc:df:3f:2f:0e: 80:38:2e:f9:9e:10:69:0d:1b:e9:29:8d:fc:f0:71: 15:ed:d6:6e:9e:35:26:b3:a6:11:fe:84:d3:bb:d8: d6:12:67:90:3b:3a:21:e7:44:a4:42:2f:a9:63:a7: 84:81:8d:5d:43:7d:96:eb:c9:5a:dc:6b:85:4c:8d: af:7c:1b:6f:1c:db:ab:d6:73:c2:90:8d:e5:cc:6c: c6:e7:12:4f:52:53:31:4b:a2:c0:48:88:b8:c7:17: 69:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:7D:D3:3F:33:18:03:36:02:90:C1:D6:58:83:5F:45:A6:93:2B:00 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/nX3TPzMYAzYCkMHWWINfRaaTKwA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.159.16.0/21 Signature Algorithm: sha256WithRSAEncryption 75:12:c4:fd:80:86:70:a0:4e:20:ed:64:fb:cb:88:04:f7:a3: 49:73:9a:56:b3:8e:da:ab:4d:a0:d3:ec:f3:6b:1f:d1:5a:bc: 04:1d:8d:ef:b9:a6:5e:f9:59:d0:d8:db:eb:b9:4e:8f:fe:0c: db:57:a7:3a:08:81:67:7b:81:b8:3e:f8:5c:78:b2:b6:a0:b7: ac:51:55:28:d5:f2:06:19:71:5c:35:aa:ba:c3:3c:e1:81:10: 93:37:36:e1:27:76:af:47:51:c5:d5:7e:0b:95:40:8a:55:53: 47:e1:45:1f:2f:35:fd:d0:0f:39:dd:d7:00:30:06:cd:47:61: 86:ff:7f:13:b0:53:dc:34:be:98:d8:de:56:b3:4e:c4:84:f4: e5:9a:f5:62:9c:d6:1c:76:6f:73:d5:50:bf:e5:63:df:dc:5e: 9e:18:d1:34:a7:04:b2:0a:2b:83:72:22:bc:ba:9d:45:64:fd: 3d:d4:47:ab:29:28:8d:b7:bd:63:39:5c:bd:7b:6a:b5:de:50: 0a:2b:b1:93:bc:97:df:a1:3b:c2:f1:6b:96:f9:10:27:8b:29: 6e:c7:2d:58:44:df:96:74:87:55:27:be:e9:95:74:db:3e:e0: 08:9c:d7:39:4e:5f:5e:42:ce:f9:6b:d0:8b:d9:83:ae:7d:89: a1:87:e1:0e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICJz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNTA4MjIw ODQzNDFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDlEN0REMzNGMzMxODAz MzYwMjkwQzFENjU4ODM1RjQ1QTY5MzJCMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVCtW++PMkZicN9Wm03UASb2KiLNAUdRYEGptSH2ipO1oEQKSE 3B7NHyTsh0zFmXsmb2V0ct1EBzwP0ZVA4lZSBLOxn7X+8XWOPpitU1e9CfhvYsoU IPNUhec7ya8Enns76vnQU1MncRBlLN+0MsobPKci8h37BfNJdSlOIZGncBQ8Jr5t dC4HC1ujW1Qbt14drlI7NhIzP1uFzSmvSmLc3z8vDoA4LvmeEGkNG+kpjfzwcRXt 1m6eNSazphH+hNO72NYSZ5A7OiHnRKRCL6ljp4SBjV1DfZbryVrca4VMja98G28c 26vWc8KQjeXMbMbnEk9SUzFLosBIiLjHF2kDAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUnX3TPzMYAzYCkMHWWINfRaaTKwAwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL25YM1RQek1ZQXpZQ2tNSFdX SU5mUmFhVEt3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx nxAwDQYJKoZIhvcNAQELBQADggEBAHUSxP2AhnCgTiDtZPvLiAT3o0lzmlazjtqr TaDT7PNrH9FavAQdje+5pl75WdDY2+u5To/+DNtXpzoIgWd7gbg++Fx4sragt6xR VSjV8gYZcVw1qrrDPOGBEJM3NuEndq9HUcXVfguVQIpVU0fhRR8vNf3QDznd1wAw Bs1HYYb/fxOwU9w0vpjY3lazTsSE9OWa9WKc1hx2b3PVUL/lY9/cXp4Y0TSnBLIK K4NyIry6nUVk/T3UR6spKI23vWM5XL17arXeUAorsZO8l9+hO8Lxa5b5ECeLKW7H LVhE35Z0h1UnvumVdNs+4Aic1zlOX15Czvlr0IvZg659iaGH4Q4= -----END CERTIFICATE-----Generated at Sun Aug 24 11:37:41 2025 by rpki-client