$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa File: 3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa (raw, json) Hash identifier: E3rZgHSz1Z/QlxuFQ/uZkBfovj2HHfCX638SO+t2sg0= Subject key identifier: 70:AC:50:C8:99:25:0A:ED:5F:F4:59:6C:2F:6F:08:E5:EF:75:10:4E Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Certificate serial: 564903A66243EA8B1DD17EF6FAC51B54DD053FDC Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa Signing time: Mon 11 May 2026 17:31:25 +0000 ROA not before: Mon 11 May 2026 17:26:25 +0000 ROA not after: Mon 10 May 2027 17:31:25 +0000 asID: 131659 IP address blocks: 103.160.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 09:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:49:03:a6:62:43:ea:8b:1d:d1:7e:f6:fa:c5:1b:54:dd:05:3f:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Validity Not Before: May 11 17:26:25 2026 GMT Not After : May 10 17:31:25 2027 GMT Subject: CN=70AC50C899250AED5FF4596C2F6F08E5EF75104E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ee:28:3b:ad:b0:1c:bf:d0:3d:96:3a:33:11: 9d:3f:6e:45:d8:d0:8e:ac:c1:a2:4a:db:0f:fb:c8: c9:5f:92:43:a0:7b:3f:14:65:22:e5:65:4d:1d:cc: fe:0d:ea:fd:df:6b:d7:2a:db:1f:04:46:f5:e9:4a: 72:63:ae:79:e3:5b:b1:20:9d:27:e0:e6:23:5b:6f: a2:7c:98:2e:a1:63:18:98:9e:e6:e6:a6:dc:83:78: da:a9:a0:c6:13:77:e8:13:ee:9f:d9:33:d2:78:4d: 62:2b:52:75:c8:41:e4:86:7f:eb:8b:5f:45:fd:99: 99:4b:97:21:13:20:fc:53:ea:aa:7c:da:14:55:1a: 5d:a9:9b:88:94:53:a1:da:6a:33:c1:3e:a0:b7:0e: 82:2d:82:01:4b:c2:a7:da:82:31:5d:8a:ef:77:d3: 43:d6:c1:03:52:0d:6e:2d:c6:6e:41:79:de:74:5e: 90:6a:73:76:b1:f3:14:7f:05:e2:1f:29:0b:b1:bf: 0f:f4:28:14:9a:01:6d:ce:56:03:4c:1d:2a:d0:17: 61:1e:17:db:b2:05:a6:e9:d0:4e:e3:f5:10:d8:07: d1:51:a0:49:ab:f6:9b:c1:b5:d8:f2:24:bc:57:93: bc:0b:2e:4e:a1:55:43:27:09:68:b8:ea:4f:55:95: 1b:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:AC:50:C8:99:25:0A:ED:5F:F4:59:6C:2F:6F:08:E5:EF:75:10:4E X509v3 Authority Key Identifier: keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 Signature Algorithm: sha256WithRSAEncryption 66:1a:d6:87:4f:69:52:01:7d:5f:d7:08:a1:71:78:6f:77:d6: b5:25:33:b3:ad:73:b4:d8:2c:04:7b:bb:e6:38:90:37:a5:e7: 6d:c2:7e:bb:e4:7f:14:e8:66:e4:96:7b:80:a2:44:dc:1a:45: d3:35:c8:dd:bb:aa:4a:de:51:97:62:37:0c:5b:c8:c2:ac:e8: d3:13:02:0c:88:01:d4:cb:fd:85:a8:5c:9d:17:e8:10:39:22: 79:1e:fc:7e:d0:68:cc:28:a2:9f:b2:29:d2:b0:de:fa:7d:52: ef:43:8a:1d:65:30:b0:d5:1a:10:b6:58:fa:61:7c:4a:72:92: 63:b9:63:5a:2c:c5:fd:3a:54:ec:2d:d6:3c:48:57:94:79:d0: da:61:1a:94:08:06:17:26:d3:51:20:12:0b:bb:cd:b7:d2:f0: 95:81:7f:b7:64:81:52:78:03:e0:4c:34:1d:4c:16:e7:ca:7d: 30:d3:0c:c2:fc:84:74:cf:8c:e8:29:a3:01:8f:e5:a5:92:ef: 41:70:35:c5:e1:3f:d0:01:9e:c4:95:2a:26:6a:80:81:88:4b: 2b:36:ee:0f:47:77:65:80:65:d8:96:19:cd:38:eb:2d:79:e5: 72:fd:3d:c7:75:cd:a5:de:aa:85:f3:05:d4:e0:6c:04:67:85: ff:57:5f:e0 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUVkkDpmJD6osd0X72+sUbVN0FP9wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG NzJCRDVDMjAeFw0yNjA1MTExNzI2MjVaFw0yNzA1MTAxNzMxMjVaMDMxMTAvBgNV BAMTKDcwQUM1MEM4OTkyNTBBRUQ1RkY0NTk2QzJGNkYwOEU1RUY3NTEwNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7ig7rbAcv9A9ljozEZ0/bkXY 0I6swaJK2w/7yMlfkkOgez8UZSLlZU0dzP4N6v3fa9cq2x8ERvXpSnJjrnnjW7Eg nSfg5iNbb6J8mC6hYxiYnubmptyDeNqpoMYTd+gT7p/ZM9J4TWIrUnXIQeSGf+uL X0X9mZlLlyETIPxT6qp82hRVGl2pm4iUU6HaajPBPqC3DoItggFLwqfagjFdiu93 00PWwQNSDW4txm5Bed50XpBqc3ax8xR/BeIfKQuxvw/0KBSaAW3OVgNMHSrQF2Ee F9uyBabp0E7j9RDYB9FRoEmr9pvBtdjyJLxXk7wLLk6hVUMnCWi46k9VlRv/AgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUcKxQyJklCu1f9FlsL28I5e91EE4wHwYDVR0j BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3 RThEN0Y3MkJENUMyLmNlcjCBgAYIKwYBBQUHAQsEdDByMHAGCCsGAQUFBzALhmRy c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL0ROU05FVC8wLzMxMzAzMzJlMzEz NjMwMmUzMjMyMzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTMzMzEzNjM1Mzku cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO MAwEAgABMAYDBAFnoOIwDQYJKoZIhvcNAQELBQADggEBAGYa1odPaVIBfV/XCKFx eG931rUlM7Otc7TYLAR7u+Y4kDel523CfrvkfxToZuSWe4CiRNwaRdM1yN27qkre UZdiNwxbyMKs6NMTAgyIAdTL/YWoXJ0X6BA5Inke/H7QaMwoop+yKdKw3vp9Uu9D ih1lMLDVGhC2WPphfEpykmO5Y1osxf06VOwt1jxIV5R50NphGpQIBhcm01EgEgu7 zbfS8JWBf7dkgVJ4A+BMNB1MFufKfTDTDML8hHTPjOgpowGP5aWS70FwNcXhP9AB nsSVKiZqgIGISys27g9Hd2WAZdiWGc046y155XL9Pcd1zaXeqoXzBdTgbARnhf9X X+A= -----END CERTIFICATE-----Generated at Wed May 13 21:48:36 2026 by rpki-client