$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/323430363a663334303a3a2f33322d3634203d3e203338383432.roa File: 323430363a663334303a3a2f33322d3634203d3e203338383432.roa (raw, json) Hash identifier: dPU2RCL9922koNIK4EbftiZXNxbxs5ADbxLPZLggc34= Subject key identifier: 1D:32:88:97:0E:82:68:BB:D1:77:19:75:8E:AC:45:20:A2:C2:C0:ED Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Certificate serial: C32E5D8C2956B872506731C21169713A0B0426 Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/323430363a663334303a3a2f33322d3634203d3e203338383432.roa Signing time: Mon 11 May 2026 17:31:26 +0000 ROA not before: Mon 11 May 2026 17:26:26 +0000 ROA not after: Mon 10 May 2027 17:31:26 +0000 asID: 38842 IP address blocks: 2406:f340::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 09:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c3:2e:5d:8c:29:56:b8:72:50:67:31:c2:11:69:71:3a:0b:04:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Validity Not Before: May 11 17:26:26 2026 GMT Not After : May 10 17:31:26 2027 GMT Subject: CN=1D3288970E8268BBD17719758EAC4520A2C2C0ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:59:c7:6c:13:37:61:58:6d:7b:42:c3:dc:a7: 71:11:3a:ad:77:36:f9:d7:60:1c:d8:3a:5e:ee:98: b0:62:e8:e3:03:9c:86:4a:39:a1:24:2f:ab:b7:12: 57:75:b6:2b:a3:7e:e2:8a:dd:09:4e:25:2a:27:cb: 7b:80:86:eb:87:15:5f:d7:4c:88:51:d0:b3:20:b9: 25:6b:a3:d8:f5:3b:7c:7d:c0:57:b7:0d:c7:8b:67: c9:21:39:ff:9a:e5:4d:b7:17:93:3e:8c:ee:46:05: 13:a6:aa:41:63:84:ae:3b:29:97:e6:bd:20:3a:aa: 86:fa:87:8b:d1:07:df:09:be:71:64:80:45:9a:80: 70:90:12:3f:0e:cf:1d:44:19:1d:28:b8:ba:36:6e: e3:e4:83:b1:fd:2d:dd:5a:a4:fa:c6:eb:24:40:3a: 68:47:a2:af:b9:dc:29:8e:a1:79:22:66:83:1d:14: 4a:41:1c:7c:f6:e2:0d:dc:39:f1:4b:9b:91:07:89: 23:ae:82:ac:45:80:35:57:2f:d1:43:39:dc:d6:e9: ed:27:f7:9f:11:45:3b:74:44:bd:17:31:35:ca:48: 33:7a:d7:88:1a:b6:49:ff:35:d9:c7:ba:43:95:91: d7:94:6c:1c:27:15:8f:74:b7:3e:eb:e9:d6:d7:23: 48:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:32:88:97:0E:82:68:BB:D1:77:19:75:8E:AC:45:20:A2:C2:C0:ED X509v3 Authority Key Identifier: keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/323430363a663334303a3a2f33322d3634203d3e203338383432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:f340::/32 Signature Algorithm: sha256WithRSAEncryption 79:d8:34:7c:05:23:47:84:dd:a6:fd:a9:8c:99:b3:dd:f5:0b: 9f:3a:8a:61:1b:a6:f8:4f:9e:29:9d:53:eb:aa:0c:05:1b:4c: 85:0f:8b:bb:7b:19:0e:ae:d6:70:44:9e:59:e1:63:97:43:4a: 61:78:78:ec:58:a2:68:12:4b:6f:4d:b1:94:85:ae:16:7c:41: 53:78:c3:d4:bd:10:18:11:fe:10:32:93:61:ac:57:cc:0d:6b: 8b:5f:6b:32:2a:5e:e8:c0:13:c0:bd:9e:7a:6b:56:34:ed:33: af:7f:59:e2:f5:61:84:8e:0c:9e:d2:18:bd:d7:1c:d0:8c:bf: 57:32:d2:a6:a4:74:b6:98:c1:b6:93:dc:71:2e:36:c6:ba:68: f3:ca:fa:f0:51:ee:b2:5b:5e:50:8c:1b:bc:59:44:b3:22:32: c0:3d:6f:91:27:bf:f4:ba:9e:4c:8a:d1:0a:b2:6e:51:5f:52: cf:fb:de:c2:c5:00:44:71:6b:77:67:95:1f:ed:9e:d4:b2:3d: b2:27:a4:9b:21:b5:c4:0a:42:42:a2:1b:cc:82:f7:43:db:e2: ee:9f:d9:55:c6:70:cb:ea:2a:81:ef:cc:c6:ae:24:e4:27:4f: 54:46:7c:dd:46:96:73:46:ec:62:b0:c3:df:e2:df:72:3f:ae: 48:b5:3c:a3 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUAMMuXYwpVrhyUGcxwhFpcToLBCYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG NzJCRDVDMjAeFw0yNjA1MTExNzI2MjZaFw0yNzA1MTAxNzMxMjZaMDMxMTAvBgNV BAMTKDFEMzI4ODk3MEU4MjY4QkJEMTc3MTk3NThFQUM0NTIwQTJDMkMwRUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9WcdsEzdhWG17QsPcp3EROq13 NvnXYBzYOl7umLBi6OMDnIZKOaEkL6u3Eld1tiujfuKK3QlOJSony3uAhuuHFV/X TIhR0LMguSVro9j1O3x9wFe3DceLZ8khOf+a5U23F5M+jO5GBROmqkFjhK47KZfm vSA6qob6h4vRB98JvnFkgEWagHCQEj8Ozx1EGR0ouLo2buPkg7H9Ld1apPrG6yRA OmhHoq+53CmOoXkiZoMdFEpBHHz24g3cOfFLm5EHiSOugqxFgDVXL9FDOdzW6e0n 958RRTt0RL0XMTXKSDN614gatkn/NdnHukOVkdeUbBwnFY90tz7r6dbXI0jHAgMB AAGjggHiMIIB3jAdBgNVHQ4EFgQUHTKIlw6CaLvRdxl1jqxFIKLCwO0wHwYDVR0j BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3 RThEN0Y3MkJENUMyLmNlcjB6BggrBgEFBQcBCwRuMGwwagYIKwYBBQUHMAuGXnJz eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVULzAvMzIzNDMwMzYzYTY2 MzMzNDMwM2EzYTJmMzMzMjJkMzYzNDIwM2QzZTIwMzMzODM4MzQzMi5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQG80AwDQYJKoZIhvcNAQELBQADggEBAHnYNHwFI0eE3ab9qYyZs931C586 imEbpvhPnimdU+uqDAUbTIUPi7t7GQ6u1nBEnlnhY5dDSmF4eOxYomgSS29NsZSF rhZ8QVN4w9S9EBgR/hAyk2GsV8wNa4tfazIqXujAE8C9nnprVjTtM69/WeL1YYSO DJ7SGL3XHNCMv1cy0qakdLaYwbaT3HEuNsa6aPPK+vBR7rJbXlCMG7xZRLMiMsA9 b5Env/S6nkyK0QqyblFfUs/73sLFAERxa3dnlR/tntSyPbInpJshtcQKQkKiG8yC 90Pb4u6f2VXGcMvqKoHvzMauJOQnT1RGfN1GlnNG7GKww9/i33I/rki1PKM= -----END CERTIFICATE-----Generated at Wed May 13 21:08:35 2026 by rpki-client