$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS17408.roa File: AS17408.roa (raw, json) Hash identifier: Q6z9Ubavej3zNqN4sh+89PMkaxrzUiPQg4hTXkVKGL4= Subject key identifier: E8:0B:CD:B3:AA:73:DB:5C:71:F0:FA:CF:D8:A1:A9:F7:AF:00:14:A2 Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314 Certificate serial: 63BF89C9F5E198714BDFF2ADA9B85D8D9770264F Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS17408.roa Signing time: Mon 11 May 2026 17:52:50 +0000 ROA not before: Mon 11 May 2026 17:47:50 +0000 ROA not after: Mon 10 May 2027 17:52:50 +0000 asID: 17408 IP address blocks: 113.21.80.0/21 maxlen: 24 113.21.88.0/21 maxlen: 21 113.21.90.0/24 maxlen: 24 113.21.95.0/24 maxlen: 24 119.31.176.0/20 maxlen: 24 150.116.0.0/21 maxlen: 24 150.116.8.0/23 maxlen: 24 150.116.11.0/24 maxlen: 24 150.116.112.0/22 maxlen: 24 150.116.119.0/24 maxlen: 24 150.116.168.0/23 maxlen: 24 150.116.239.0/24 maxlen: 24 150.117.128.0/19 maxlen: 24 150.117.160.0/21 maxlen: 24 203.163.192.0/23 maxlen: 23 203.163.220.0/23 maxlen: 23 223.26.68.0/23 maxlen: 24 223.26.70.0/23 maxlen: 24 223.26.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 12:50:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:bf:89:c9:f5:e1:98:71:4b:df:f2:ad:a9:b8:5d:8d:97:70:26:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314 Validity Not Before: May 11 17:47:50 2026 GMT Not After : May 10 17:52:50 2027 GMT Subject: CN=E80BCDB3AA73DB5C71F0FACFD8A1A9F7AF0014A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:74:42:93:2f:e9:52:97:d4:f0:b3:30:f5:e1: 7c:49:c3:69:3f:be:4d:3e:b8:96:d2:eb:c6:dd:b3: ef:3f:df:ae:96:b2:55:71:ed:3a:09:a8:25:19:51: 54:20:c9:77:9b:bb:cd:29:8b:60:00:cd:4d:eb:b1: 5e:04:11:74:21:e5:35:c4:3a:9c:b3:ef:84:2c:bb: 60:15:13:28:6a:a3:4a:92:7d:cb:2e:e2:60:9d:a3: 05:33:c1:82:c6:f0:a1:47:30:6a:55:ef:37:ad:d4: 2f:25:9c:a4:6b:65:2c:68:7d:22:3f:c7:92:ee:ec: 28:09:f1:df:6b:a1:00:d8:10:f6:3d:ec:a5:03:f8: 29:de:6d:63:6a:ec:b2:3f:14:00:d3:f4:e0:c9:4a: 38:70:80:9d:3b:e7:a8:95:c8:ca:0d:c9:d6:8f:14: 93:27:65:ae:c9:bb:43:a3:2f:a1:bb:72:5e:7e:d4: 34:19:70:fa:db:fc:61:a5:36:18:26:74:1c:fb:6f: 1c:4c:cc:10:17:4a:13:ad:3b:f7:98:34:05:41:f7: 4a:82:86:d2:2f:d1:48:25:22:80:ad:f7:3b:13:3f: f9:79:0f:d7:1d:8f:4f:33:ca:5c:83:53:7a:9a:b5: 15:0b:f8:90:63:c4:d0:62:ff:fe:cc:30:bb:6e:70: d7:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:0B:CD:B3:AA:73:DB:5C:71:F0:FA:CF:D8:A1:A9:F7:AF:00:14:A2 X509v3 Authority Key Identifier: keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS17408.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 113.21.80.0/20 119.31.176.0/20 150.116.0.0-150.116.9.255 150.116.11.0/24 150.116.112.0/22 150.116.119.0/24 150.116.168.0/23 150.116.239.0/24 150.117.128.0-150.117.167.255 203.163.192.0/23 203.163.220.0/23 223.26.68.0/22 Signature Algorithm: sha256WithRSAEncryption 36:9c:ff:c9:49:4f:76:38:a1:db:c4:f9:a8:27:ee:5b:3b:d2: 2a:a0:78:e4:09:7c:40:86:3d:7c:11:e8:d8:21:9b:42:8c:55: aa:94:24:b8:f6:65:57:c8:77:0e:4e:34:94:81:44:8e:44:66: 00:a1:96:67:3c:da:14:14:55:ed:b1:51:95:98:da:d7:eb:2f: 20:2e:97:04:e0:92:61:90:9d:40:d0:3a:d8:de:d4:be:58:62: 8a:40:64:cb:86:8e:b8:04:90:5f:ad:ef:7e:7b:f1:7a:5e:d2: d7:1f:90:ab:5c:1a:e5:2f:11:6e:a5:a4:af:07:6e:96:47:b7: 7e:41:56:38:b5:02:d3:49:fc:26:a3:11:d6:64:a0:aa:56:b5: 94:3e:1a:3b:bb:9a:0a:bb:3f:4c:ee:4e:cb:2f:98:94:ac:5c: 28:32:c8:f0:7f:ae:b4:48:7b:a9:75:64:ed:fc:f4:39:3d:4e: 10:49:cb:a1:de:28:8c:33:25:32:ce:89:45:88:d4:ad:f9:8c: 15:47:c2:73:b0:67:b6:04:e3:4c:49:61:00:c0:dd:ba:bf:74: 36:45:d2:ae:d0:20:d1:3d:b3:8c:ae:af:9b:c8:2f:23:8a:5a: b5:b4:bb:41:f6:fe:60:e8:28:c7:c1:57:95:e9:4f:00:1f:df: 11:44:af:0b -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgIUY7+JyfXhmHFL3/KtqbhdjZdwJk8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz RDFGMDMxNDAeFw0yNjA1MTExNzQ3NTBaFw0yNzA1MTAxNzUyNTBaMDMxMTAvBgNV BAMTKEU4MEJDREIzQUE3M0RCNUM3MUYwRkFDRkQ4QTFBOUY3QUYwMDE0QTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2dEKTL+lSl9TwszD14XxJw2k/ vk0+uJbS68bds+8/366WslVx7ToJqCUZUVQgyXebu80pi2AAzU3rsV4EEXQh5TXE Opyz74Qsu2AVEyhqo0qSfcsu4mCdowUzwYLG8KFHMGpV7zet1C8lnKRrZSxofSI/ x5Lu7CgJ8d9roQDYEPY97KUD+CnebWNq7LI/FADT9ODJSjhwgJ0756iVyMoNydaP FJMnZa7Ju0OjL6G7cl5+1DQZcPrb/GGlNhgmdBz7bxxMzBAXShOtO/eYNAVB90qC htIv0UglIoCt9zsTP/l5D9cdj08zylyDU3qatRUL+JBjxNBi//7MMLtucNcVAgMB AAGjggIJMIICBTAdBgNVHQ4EFgQU6AvNs6pz21xx8PrP2KGp968AFKIwHwYDVR0j BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3 bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx QzZENzM1M0QxRjAzMTQuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4Yz cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMTc0MDgu cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwcAYIKwYBBQUHAQcBAf8EYTBf MF0EAgABMFcDBARxFVADBAR3H7AwCwMDApZ0AwQBlnQIAwQAlnQLAwQClnRwAwQA lnR3AwQBlnSoAwQAlnTvMAwDBAeWdYADBAOWdaADBAHLo8ADBAHLo9wDBALfGkQw DQYJKoZIhvcNAQELBQADggEBADac/8lJT3Y4odvE+agn7ls70iqgeOQJfECGPXwR 6Nghm0KMVaqUJLj2ZVfIdw5ONJSBRI5EZgChlmc82hQUVe2xUZWY2tfrLyAulwTg kmGQnUDQOtje1L5YYopAZMuGjrgEkF+t73578Xpe0tcfkKtcGuUvEW6lpK8HbpZH t35BVji1AtNJ/CajEdZkoKpWtZQ+Gju7mgq7P0zuTssvmJSsXCgyyPB/rrRIe6l1 ZO389Dk9ThBJy6HeKIwzJTLOiUWI1K35jBVHwnOwZ7YE40xJYQDA3bq/dDZF0q7Q INE9s4yur5vILyOKWrW0u0H2/mDoKMfBV5XpTwAf3xFErws= -----END CERTIFICATE-----Generated at Wed May 13 21:51:27 2026 by rpki-client