$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS18419.roa File: AS18419.roa (raw, json) Hash identifier: 28/JA1mpZxGicxQY+xtyO4KLni4gXUUkBFHBuhKm1FA= Subject key identifier: 2B:0D:C1:EC:43:C5:1B:12:1A:C6:8A:C4:9A:4D:FA:21:89:92:B8:79 Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Certificate serial: 5581D74A65D057A7088A46D969309652641100E6 Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS18419.roa Signing time: Mon 11 May 2026 17:38:59 +0000 ROA not before: Mon 11 May 2026 17:33:59 +0000 ROA not after: Mon 10 May 2027 17:38:59 +0000 asID: 18419 IP address blocks: 124.218.0.0/18 maxlen: 24 124.218.96.0/21 maxlen: 24 124.218.96.0/22 maxlen: 24 124.218.100.0/22 maxlen: 24 124.218.104.0/22 maxlen: 24 124.218.108.0/22 maxlen: 24 124.218.112.0/21 maxlen: 24 124.218.116.0/22 maxlen: 24 124.218.120.0/21 maxlen: 24 124.218.192.0/18 maxlen: 24 124.218.192.0/19 maxlen: 24 124.218.224.0/21 maxlen: 24 124.218.232.0/21 maxlen: 24 218.34.96.0/21 maxlen: 24 218.34.104.0/23 maxlen: 24 218.35.0.0/21 maxlen: 24 218.35.8.0/21 maxlen: 24 218.35.16.0/21 maxlen: 24 218.35.24.0/23 maxlen: 24 218.35.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 08:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:81:d7:4a:65:d0:57:a7:08:8a:46:d9:69:30:96:52:64:11:00:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Validity Not Before: May 11 17:33:59 2026 GMT Not After : May 10 17:38:59 2027 GMT Subject: CN=2B0DC1EC43C51B121AC68AC49A4DFA218992B879 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:5e:f9:38:8a:18:46:ac:3c:9f:ab:8c:b9:5a: 03:36:6e:64:4b:e2:81:70:45:1b:1e:df:13:65:6e: 38:50:78:bd:12:6a:04:d0:9e:8c:bf:4e:39:58:06: a5:79:ef:bf:bc:a2:43:28:4d:3c:df:0d:36:ea:d0: f3:27:04:7c:20:9e:3e:74:e2:f9:ff:77:7e:b0:dd: ef:63:d0:38:b2:63:5d:3f:ca:ad:1f:30:ee:f6:f2: 31:42:8d:46:c9:5c:f3:f3:39:69:fa:62:1a:f4:59: 97:01:a2:6b:f2:35:50:73:4b:ab:d5:68:95:80:7a: db:d6:cf:29:9f:a4:d1:dd:3a:c8:a5:42:dc:da:6d: 9e:44:19:17:81:6c:85:91:1f:e7:d3:1f:a2:69:cc: 1b:2c:8b:e7:06:84:61:23:56:db:84:7e:3c:e3:bc: cc:e5:87:da:98:f4:4e:b3:bb:1a:51:ae:b0:05:ad: 47:3d:9e:7e:a5:dc:36:41:79:a1:61:f1:e7:97:57: 4f:c5:7e:19:89:c0:a2:d9:d4:52:11:df:2b:d7:41: 71:14:69:51:e6:33:87:df:6c:6e:92:66:ac:c8:09: e0:2f:d1:f2:64:44:ac:6f:60:d6:ce:d9:8e:f9:3c: 3b:cf:b6:e9:d9:47:ab:9c:32:48:36:f5:c3:38:9d: 23:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:0D:C1:EC:43:C5:1B:12:1A:C6:8A:C4:9A:4D:FA:21:89:92:B8:79 X509v3 Authority Key Identifier: keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS18419.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 124.218.0.0/18 124.218.96.0/19 124.218.192.0/18 218.34.96.0-218.34.105.255 218.35.0.0-218.35.25.255 218.35.128.0/18 Signature Algorithm: sha256WithRSAEncryption 2f:69:7f:ec:16:d4:74:93:2a:c8:2a:68:89:a2:93:7d:1a:07: 38:25:83:a3:c3:42:6a:49:73:85:97:ac:5c:5d:07:e4:74:a5: f5:43:68:38:13:41:79:6f:6e:b2:d3:10:70:1d:a7:ea:7b:c9: 90:cf:83:45:cd:29:26:14:2e:11:c1:57:c8:f4:b9:cc:08:a5: e7:28:30:33:36:65:54:ed:d4:32:99:5b:f9:de:ab:b4:87:d1: 44:54:a1:99:4b:78:6c:5a:96:91:75:08:43:21:a2:db:5b:86: 8b:5c:5a:e0:19:0c:26:c8:90:38:cc:c5:f1:11:86:bf:6e:5f: 0a:51:c6:63:8f:78:bf:2e:71:04:94:ab:d1:b2:c6:f7:18:b5: 0c:20:b7:4b:f1:a9:a0:bb:80:ad:03:5b:42:ec:b4:ca:0b:9e: 8f:88:bf:ab:1d:01:b7:75:6d:fe:69:cf:3f:e1:51:c3:d8:58: 74:e9:23:9b:61:e4:3c:ad:c3:1a:8e:f2:d9:b7:6e:f0:9e:03: 75:2d:20:7d:4d:1a:52:74:53:11:3d:3c:56:0c:f7:43:74:23: 2a:ae:b7:45:4e:67:82:3d:c1:31:53:03:75:2e:ee:1e:25:5a: ec:ca:87:25:f2:8b:f7:e5:95:1f:0d:e2:72:f8:6e:34:b7:1b: 1c:d0:cd:2b -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgIUVYHXSmXQV6cIikbZaTCWUmQRAOYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4 NDI0NkQxMDAeFw0yNjA1MTExNzMzNTlaFw0yNzA1MTAxNzM4NTlaMDMxMTAvBgNV BAMTKDJCMERDMUVDNDNDNTFCMTIxQUM2OEFDNDlBNERGQTIxODk5MkI4NzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaXvk4ihhGrDyfq4y5WgM2bmRL 4oFwRRse3xNlbjhQeL0SagTQnoy/TjlYBqV577+8okMoTTzfDTbq0PMnBHwgnj50 4vn/d36w3e9j0DiyY10/yq0fMO728jFCjUbJXPPzOWn6Yhr0WZcBomvyNVBzS6vV aJWAetvWzymfpNHdOsilQtzabZ5EGReBbIWRH+fTH6JpzBssi+cGhGEjVtuEfjzj vMzlh9qY9E6zuxpRrrAFrUc9nn6l3DZBeaFh8eeXV0/FfhmJwKLZ1FIR3yvXQXEU aVHmM4ffbG6SZqzICeAv0fJkRKxvYNbO2Y75PDvPtunZR6ucMkg29cM4nSOVAgMB AAGjggHbMIIB1zAdBgNVHQ4EFgQUKw3B7EPFGxIaxorEmk36IYmSuHkwHwYDVR0j BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB Njg0MjQ2RDEwLmNlcjBKBggrBgEFBQcBCwQ+MDwwOgYIKwYBBQUHMAuGLnJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVMxODQxOS5yb2EwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswOQQCAAEwMwME BnzaAAMEBXzaYAMEBnzawDAMAwQF2iJgAwQB2iJoMAsDAwDaIwMEAdojGAMEBtoj gDANBgkqhkiG9w0BAQsFAAOCAQEAL2l/7BbUdJMqyCpoiaKTfRoHOCWDo8NCaklz hZesXF0H5HSl9UNoOBNBeW9ustMQcB2n6nvJkM+DRc0pJhQuEcFXyPS5zAil5ygw MzZlVO3UMplb+d6rtIfRRFShmUt4bFqWkXUIQyGi21uGi1xa4BkMJsiQOMzF8RGG v25fClHGY494vy5xBJSr0bLG9xi1DCC3S/GpoLuArQNbQuy0yguej4i/qx0Bt3Vt /mnPP+FRw9hYdOkjm2HkPK3DGo7y2bdu8J4DdS0gfU0aUnRTET08Vgz3Q3QjKq63 RU5ngj3BMVMDdS7uHiVa7MqHJfKL9+WVHw3icvhuNLcbHNDNKw== -----END CERTIFICATE-----Generated at Wed May 13 21:50:40 2026 by rpki-client