$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/zdgg2m3lv0eYEAvAeVcQnxYFoIE.roa File: zdgg2m3lv0eYEAvAeVcQnxYFoIE.roa (raw, json) Hash identifier: /ijSoNKm4rHPVUrDGGb6GBMokahEw6Qod+JFL0vi5Qk= Subject key identifier: CD:D8:20:DA:6D:E5:BF:47:98:10:0B:C0:79:57:10:9F:16:05:A0:81 Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Certificate serial: 0DB0 Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/zdgg2m3lv0eYEAvAeVcQnxYFoIE.roa Signing time: Fri 11 Jul 2025 16:25:19 +0000 ROA not before: Fri 11 Jul 2025 16:25:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 204677 IP address blocks: 43.224.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 20:36:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3504 (0xdb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Validity Not Before: Jul 11 16:25:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CDD820DA6DE5BF4798100BC07957109F1605A081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:89:13:56:b4:55:be:9d:71:c3:35:8c:48:3f: ba:29:1c:ab:99:aa:3e:02:6a:41:02:f1:94:5f:d8: e3:a8:b4:b8:19:83:09:9c:b7:d2:7b:a9:3b:cf:2a: 07:3c:c6:ff:7f:54:7f:3c:06:8e:bd:18:7e:e7:e9: ee:54:70:bd:0c:fd:4b:4e:2d:9d:a9:30:4a:70:07: 2a:a9:b0:f2:36:00:fa:2c:d7:b8:32:25:47:02:e9: 81:2d:9a:51:9b:db:2c:b4:9d:1d:1e:6f:68:d7:44: 1d:57:1d:b5:2d:62:65:64:c2:57:5a:8c:60:08:c8: 81:30:c7:66:85:aa:53:f3:ee:b0:3a:a9:f5:29:81: e7:a6:95:0b:dd:3d:e2:17:17:08:e6:04:3b:3b:cc: 07:56:af:1e:c5:fb:2b:54:76:2f:36:02:73:e2:ac: 85:ec:0f:7d:fe:02:d5:94:8a:c9:b6:31:5a:d2:bd: 46:fe:8f:22:51:f7:b2:7e:3b:b5:df:f8:c0:d8:e5: e4:e2:73:29:5c:a8:0a:4e:61:63:30:a2:28:81:22: f1:e8:8c:0d:3e:7f:d7:44:5a:56:a2:0d:8e:c6:c2: 6a:af:d6:34:99:e9:77:09:4a:5a:f1:8a:41:1b:7c: 84:8e:bb:16:df:1a:be:f0:c5:cd:18:7d:47:ac:2f: 97:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:D8:20:DA:6D:E5:BF:47:98:10:0B:C0:79:57:10:9F:16:05:A0:81 X509v3 Authority Key Identifier: keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/zdgg2m3lv0eYEAvAeVcQnxYFoIE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.22.0/24 Signature Algorithm: sha256WithRSAEncryption 70:75:d0:d3:e8:e6:3d:40:9e:18:f7:36:fa:ed:8e:9b:3d:a9: e1:86:f9:ee:59:91:76:fb:02:6c:f2:00:3b:1a:16:af:f5:fb: 4b:41:b8:10:f2:d1:19:97:06:af:03:e5:48:12:34:1a:07:16: 7c:29:8b:85:be:16:1c:f1:20:b0:83:12:a3:4e:e5:3b:e1:4a: a8:4b:e8:15:64:c2:99:45:45:85:fd:6d:1f:d9:f0:d5:e5:ef: 0d:a7:9b:98:32:84:7d:6e:d1:e2:11:83:2a:85:25:6e:c4:82: 3b:23:94:05:81:24:f6:b3:4b:92:17:b5:73:c1:d1:2a:6e:e1: 9b:4a:a8:74:8c:fb:e8:5f:bb:93:8e:51:77:82:6f:37:cd:ce: f8:4d:41:47:06:e5:e0:d1:ca:cc:70:1e:a5:04:8b:79:72:aa: d9:3a:43:7d:e3:14:9e:63:ce:ec:f6:7c:51:40:5e:86:82:56: b7:97:fa:5c:9a:b3:eb:e9:ad:5e:5a:d7:4d:51:2d:d6:47:f8: 5b:04:6b:65:ba:8f:ef:94:05:cd:7c:3c:6a:d3:51:c5:b0:9f: e4:99:47:e2:b3:f4:55:aa:af:f8:ef:41:6f:3d:5b:7d:23:64: 41:7a:f6:40:5e:10:44:a5:a9:f6:df:04:d0:3a:35:c5:88:e8: fa:be:e0:c2 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yNTA3MTEx NjI1MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENERDgyMERBNkRFNUJG NDc5ODEwMEJDMDc5NTcxMDlGMTYwNUEwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaiRNWtFW+nXHDNYxIP7opHKuZqj4CakEC8ZRf2OOotLgZgwmc t9J7qTvPKgc8xv9/VH88Bo69GH7n6e5UcL0M/UtOLZ2pMEpwByqpsPI2APos17gy JUcC6YEtmlGb2yy0nR0eb2jXRB1XHbUtYmVkwldajGAIyIEwx2aFqlPz7rA6qfUp geemlQvdPeIXFwjmBDs7zAdWrx7F+ytUdi82AnPirIXsD33+AtWUism2MVrSvUb+ jyJR97J+O7Xf+MDY5eTicylcqApOYWMwoiiBIvHojA0+f9dEWlaiDY7Gwmqv1jSZ 6XcJSlrxikEbfISOuxbfGr7wxc0YfUesL5dTAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUzdgg2m3lv0eYEAvAeVcQnxYFoIEwHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy96ZGdnMm0zbHYwZVlFQXZBZVZj UW54WUZvSUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AW MA0GCSqGSIb3DQEBCwUAA4IBAQBwddDT6OY9QJ4Y9zb67Y6bPanhhvnuWZF2+wJs 8gA7Ghav9ftLQbgQ8tEZlwavA+VIEjQaBxZ8KYuFvhYc8SCwgxKjTuU74UqoS+gV ZMKZRUWF/W0f2fDV5e8Np5uYMoR9btHiEYMqhSVuxII7I5QFgST2s0uSF7VzwdEq buGbSqh0jPvoX7uTjlF3gm83zc74TUFHBuXg0crMcB6lBIt5cqrZOkN94xSeY87s 9nxRQF6Ggla3l/pcmrPr6a1eWtdNUS3WR/hbBGtluo/vlAXNfDxq01HFsJ/kmUfi s/RVqq/470FvPVt9I2RBevZAXhBEpan23wTQOjXFiOj6vuDC -----END CERTIFICATE-----Generated at Sun Jul 20 19:09:54 2025 by rpki-client