$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS16625.roa File: AS16625.roa (raw, json) Hash identifier: Uw6g+hlQZIZrMW4fK84JNXmuicKWw9wXXtylpvc6Qa4= Subject key identifier: ED:D9:06:F7:90:B4:9A:D2:E5:34:94:81:35:CF:D4:94:44:75:DB:76 Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Certificate serial: 4293C45CD9DA7EC70278374758CACF972AA2423E Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS16625.roa Signing time: Mon 11 May 2026 17:34:47 +0000 ROA not before: Mon 11 May 2026 17:29:47 +0000 ROA not after: Mon 10 May 2027 17:34:47 +0000 asID: 16625 IP address blocks: 210.203.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 08:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:93:c4:5c:d9:da:7e:c7:02:78:37:47:58:ca:cf:97:2a:a2:42:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Validity Not Before: May 11 17:29:47 2026 GMT Not After : May 10 17:34:47 2027 GMT Subject: CN=EDD906F790B49AD2E534948135CFD4944475DB76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7e:ce:9b:86:49:d8:07:07:f6:dd:0e:1a:c0: ec:d9:35:7c:71:db:04:77:26:86:ee:d9:8d:4c:0c: a2:1b:63:0e:a8:f4:bb:d4:ff:0d:19:74:e5:9e:f5: 81:e2:1e:b1:7f:5e:b7:9a:b2:fc:7a:2a:79:4a:f0: ac:f7:05:c9:c7:ea:08:5e:9d:e4:ce:81:22:c7:58: a2:22:39:90:a0:a3:fb:24:e4:68:fd:a1:bf:db:42: 60:65:cf:50:07:7f:88:b4:96:89:f8:90:9c:92:3d: 1f:6c:cb:2b:03:1e:8e:d0:24:7f:30:ee:57:f3:69: e0:d5:c0:53:0c:a1:21:89:4a:1e:6e:43:6d:c9:dc: 9a:13:20:9e:c6:03:56:94:2c:b5:ce:42:bb:82:6f: 30:7b:cd:66:7f:e0:bf:b5:c4:61:5c:52:56:df:26: 62:3a:da:25:77:bf:f9:c8:f8:03:23:f4:00:ca:22: 05:b8:6a:23:74:08:80:09:ce:11:2b:8a:45:89:c0: 1b:cb:f9:0c:72:19:22:8b:c8:fc:97:c3:17:3c:67: 4e:21:2f:2c:89:a3:e7:e6:80:8e:f7:7a:b7:94:e6: 43:e2:39:a3:d8:56:12:08:ff:7e:69:c3:f2:63:37: a4:5a:a4:8f:7a:49:71:cd:08:a7:68:15:7d:76:fa: 96:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:D9:06:F7:90:B4:9A:D2:E5:34:94:81:35:CF:D4:94:44:75:DB:76 X509v3 Authority Key Identifier: keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS16625.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 210.203.8.0/21 Signature Algorithm: sha256WithRSAEncryption a8:3e:f6:46:17:a3:e6:04:76:59:02:cb:5c:0c:3a:8c:48:91: b3:09:01:ac:6e:a0:1a:89:ae:96:6b:01:15:5c:32:33:c4:7d: 75:74:0b:23:7e:c4:02:60:a6:c2:d3:eb:de:0e:c1:50:7e:6b: 3f:53:3a:93:0f:9b:26:4c:38:56:be:ef:60:7f:99:e0:c6:e4: 2d:f0:2b:fd:63:68:ff:10:55:b7:a9:ad:9b:8c:11:c9:6e:ec: a2:9f:37:09:a7:dc:99:92:19:42:bb:4b:19:1e:14:88:fc:7c: e5:81:6b:07:fe:a3:6c:8f:0d:7b:3c:43:a0:a6:8d:bf:1a:35: ab:22:f5:a3:bb:dd:d5:18:3e:29:e1:bb:19:68:28:b0:f8:32: 10:9d:c0:b7:c6:16:c4:b5:ad:39:94:94:9e:f5:28:1a:e9:04: a2:04:c0:8b:1f:d8:bf:7f:eb:06:63:b2:50:73:a9:b0:1b:0e: 66:3d:0a:83:42:36:e0:51:6d:06:35:c0:d8:55:f2:d1:74:a9: 69:54:43:fe:ad:48:2f:ea:75:a4:47:ad:86:ce:03:91:23:30: b4:2f:2d:d3:b1:d1:c1:1f:c0:f3:ca:f7:11:dc:84:b8:9b:30: aa:f1:a8:cd:d2:52:c1:8c:81:81:5d:13:85:5e:8b:0d:99:4c: fb:6a:79:7d -----BEGIN CERTIFICATE----- MIIEpDCCA4ygAwIBAgIUQpPEXNnafscCeDdHWMrPlyqiQj4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4 NDI0NkQxMDAeFw0yNjA1MTExNzI5NDdaFw0yNzA1MTAxNzM0NDdaMDMxMTAvBgNV BAMTKEVERDkwNkY3OTBCNDlBRDJFNTM0OTQ4MTM1Q0ZENDk0NDQ3NURCNzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNfs6bhknYBwf23Q4awOzZNXxx 2wR3Jobu2Y1MDKIbYw6o9LvU/w0ZdOWe9YHiHrF/Xreasvx6KnlK8Kz3BcnH6ghe neTOgSLHWKIiOZCgo/sk5Gj9ob/bQmBlz1AHf4i0lon4kJySPR9syysDHo7QJH8w 7lfzaeDVwFMMoSGJSh5uQ23J3JoTIJ7GA1aULLXOQruCbzB7zWZ/4L+1xGFcUlbf JmI62iV3v/nI+AMj9ADKIgW4aiN0CIAJzhErikWJwBvL+QxyGSKLyPyXwxc8Z04h LyyJo+fmgI73ereU5kPiOaPYVhII/35pw/JjN6RapI96SXHNCKdoFX12+pbvAgMB AAGjggGuMIIBqjAdBgNVHQ4EFgQU7dkG95C0mtLlNJSBNc/UlER123YwHwYDVR0j BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB Njg0MjQ2RDEwLmNlcjBKBggrBgEFBQcBCwQ+MDwwOgYIKwYBBQUHMAuGLnJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVMxNjYyNS5yb2EwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME A9LLCDANBgkqhkiG9w0BAQsFAAOCAQEAqD72Rhej5gR2WQLLXAw6jEiRswkBrG6g GomulmsBFVwyM8R9dXQLI37EAmCmwtPr3g7BUH5rP1M6kw+bJkw4Vr7vYH+Z4Mbk LfAr/WNo/xBVt6mtm4wRyW7sop83CafcmZIZQrtLGR4UiPx85YFrB/6jbI8NezxD oKaNvxo1qyL1o7vd1Rg+KeG7GWgosPgyEJ3At8YWxLWtOZSUnvUoGukEogTAix/Y v3/rBmOyUHOpsBsOZj0Kg0I24FFtBjXA2FXy0XSpaVRD/q1IL+p1pEeths4DkSMw tC8t07HRwR/A88r3EdyEuJswqvGozdJSwYyBgV0ThV6LDZlM+2p5fQ== -----END CERTIFICATE-----Generated at Wed May 13 21:50:44 2026 by rpki-client