$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS9674.roa File: AS9674.roa (raw, json) Hash identifier: 9C5K47ndgW2seC4+CPiDYPqScyiQy8GU6bq7cU4Eugk= Subject key identifier: 45:2B:FC:95:F9:4B:D6:A9:11:07:D9:CF:B5:06:C6:50:B1:48:CF:C9 Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Certificate serial: 38FDF46E003896B2C821C14372C28694FD9DBE23 Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS9674.roa Signing time: Mon 11 May 2026 17:58:35 +0000 ROA not before: Mon 11 May 2026 17:53:35 +0000 ROA not after: Mon 10 May 2027 17:58:35 +0000 asID: 9674 IP address blocks: 27.51.0.0/16 maxlen: 24 27.52.0.0/15 maxlen: 24 27.240.0.0/13 maxlen: 24 39.8.0.0/13 maxlen: 24 39.8.0.0/14 maxlen: 24 39.12.0.0/14 maxlen: 24 61.20.0.0/16 maxlen: 24 101.136.0.0/14 maxlen: 24 103.122.148.0/22 maxlen: 24 106.64.0.0/15 maxlen: 24 110.24.0.0/13 maxlen: 24 114.140.0.0/16 maxlen: 24 118.231.0.0/16 maxlen: 24 210.241.192.0/19 maxlen: 24 211.73.128.0/19 maxlen: 24 211.77.0.0/16 maxlen: 24 211.77.64.0/18 maxlen: 24 211.77.128.0/17 maxlen: 24 223.22.0.0/15 maxlen: 24 223.22.0.0/16 maxlen: 24 2401:e180::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 08:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:fd:f4:6e:00:38:96:b2:c8:21:c1:43:72:c2:86:94:fd:9d:be:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10 Validity Not Before: May 11 17:53:35 2026 GMT Not After : May 10 17:58:35 2027 GMT Subject: CN=452BFC95F94BD6A91107D9CFB506C650B148CFC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:69:9f:09:e8:d2:cb:aa:11:ae:b2:a2:42:76: 8d:79:cc:f7:9b:f0:5f:bd:b4:0d:b7:52:95:20:9f: 9a:11:86:f1:c0:d7:d2:5e:a7:85:5a:b7:33:a5:08: 8d:d3:ac:14:38:29:4a:8b:63:9b:54:aa:b3:d4:aa: bb:32:be:fb:e3:65:d7:a8:f9:2f:dd:a3:ee:c6:5b: fc:a6:7a:da:47:36:71:28:7f:f1:a4:84:a5:f8:e6: c7:40:ea:8c:a8:01:7b:58:82:ad:54:c1:ea:b7:ec: 83:fb:56:52:08:ee:45:a2:2f:2a:50:29:38:90:9e: 31:2c:2f:92:a2:2e:58:fa:e6:22:70:01:ae:f0:6b: bf:4c:dc:9e:eb:32:f2:ed:ee:52:e8:b2:b2:8c:05: cb:dd:e9:7f:2a:b6:14:33:46:7b:9e:3c:3b:40:48: c9:22:51:8a:ce:3f:04:20:1e:3c:33:8b:cc:4a:c8: 09:45:2b:f0:0c:9a:7d:e3:89:95:7d:bc:e3:59:65: d6:02:bc:6e:62:22:88:11:a5:8c:96:05:a7:02:cf: 04:ac:11:b8:39:a6:fc:3a:b8:96:bd:fa:ce:1c:46: 40:75:2a:9c:41:06:4f:72:48:4b:71:4a:5b:58:5e: d7:af:8b:22:09:19:3c:e0:d5:3f:b3:c2:b5:0e:7f: e4:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2B:FC:95:F9:4B:D6:A9:11:07:D9:CF:B5:06:C6:50:B1:48:CF:C9 X509v3 Authority Key Identifier: keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS9674.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.51.0.0-27.53.255.255 27.240.0.0/13 39.8.0.0/13 61.20.0.0/16 101.136.0.0/14 103.122.148.0/22 106.64.0.0/15 110.24.0.0/13 114.140.0.0/16 118.231.0.0/16 210.241.192.0/19 211.73.128.0/19 211.77.0.0/16 223.22.0.0/15 IPv6: 2401:e180::/32 Signature Algorithm: sha256WithRSAEncryption 0d:c0:64:2f:79:f8:95:52:39:2f:01:e4:dc:2e:ea:74:8f:13: 53:21:bb:1e:7f:cc:77:66:36:32:e9:3e:8c:7f:55:f8:de:8e: 25:53:80:e0:27:3a:34:64:1b:e5:fd:47:91:62:b5:5a:b5:e6: b3:c2:17:c0:81:68:b6:e3:2e:69:46:62:0f:0d:f1:0a:83:ee: 55:1c:3e:2a:1c:06:74:78:79:84:64:ae:5b:4a:67:17:2d:29: ed:cc:ce:a0:9f:2d:8c:6a:06:8a:30:8c:18:04:56:c8:42:5e: fc:c6:58:73:16:8c:65:72:05:1c:03:31:59:dc:db:74:ce:86: c0:28:e1:88:e8:14:06:7c:0a:09:fa:ff:35:32:bd:47:2c:be: a9:2a:fd:eb:ed:4d:aa:b4:a7:10:36:34:2e:45:59:77:27:d4: 7b:d0:ec:4d:be:92:b6:8c:5d:23:dd:cb:8b:83:7a:a7:8d:3f: 1c:dc:ff:e5:97:d1:8b:31:88:2c:f5:1d:50:15:db:dc:b1:1f: a8:61:a6:0f:08:0b:8b:39:09:9e:a6:d2:95:d2:72:95:15:99: 30:32:90:c7:a0:2e:85:90:40:e7:4f:0b:79:8c:f4:38:ba:8d: 55:ec:76:15:f0:01:44:32:b4:3d:7c:9d:dc:d3:f4:3f:df:84: be:d0:fc:d7 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgIUOP30bgA4lrLIIcFDcsKGlP2dviMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4 NDI0NkQxMDAeFw0yNjA1MTExNzUzMzVaFw0yNzA1MTAxNzU4MzVaMDMxMTAvBgNV BAMTKDQ1MkJGQzk1Rjk0QkQ2QTkxMTA3RDlDRkI1MDZDNjUwQjE0OENGQzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDraZ8J6NLLqhGusqJCdo15zPeb 8F+9tA23UpUgn5oRhvHA19Jep4VatzOlCI3TrBQ4KUqLY5tUqrPUqrsyvvvjZdeo +S/do+7GW/ymetpHNnEof/GkhKX45sdA6oyoAXtYgq1Uweq37IP7VlII7kWiLypQ KTiQnjEsL5KiLlj65iJwAa7wa79M3J7rMvLt7lLosrKMBcvd6X8qthQzRnuePDtA SMkiUYrOPwQgHjwzi8xKyAlFK/AMmn3jiZV9vONZZdYCvG5iIogRpYyWBacCzwSs Ebg5pvw6uJa9+s4cRkB1KpxBBk9ySEtxSltYXteviyIJGTzg1T+zwrUOf+Q7AgMB AAGjggIGMIICAjAdBgNVHQ4EFgQURSv8lflL1qkRB9nPtQbGULFIz8kwHwYDVR0j BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB Njg0MjQ2RDEwLmNlcjBJBggrBgEFBQcBCwQ9MDswOQYIKwYBBQUHMAuGLXJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVM5Njc0LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQMAoD AwAbMwMDARs0AwMDG/ADAwMnCAMDAD0UAwMCZYgDBAJnepQDAwFqQAMDA24YAwMA cowDAwB25wMEBdLxwAMEBdNJgAMDANNNAwMB3xYwDQQCAAIwBwMFACQB4YAwDQYJ KoZIhvcNAQELBQADggEBAA3AZC95+JVSOS8B5Nwu6nSPE1Mhux5/zHdmNjLpPox/ VfjejiVTgOAnOjRkG+X9R5FitVq15rPCF8CBaLbjLmlGYg8N8QqD7lUcPiocBnR4 eYRkrltKZxctKe3MzqCfLYxqBoowjBgEVshCXvzGWHMWjGVyBRwDMVnc23TOhsAo 4YjoFAZ8Cgn6/zUyvUcsvqkq/evtTaq0pxA2NC5FWXcn1HvQ7E2+kraMXSPdy4uD eqeNPxzc/+WX0YsxiCz1HVAV29yxH6hhpg8IC4s5CZ6m0pXScpUVmTAykMegLoWQ QOdPC3mM9Di6jVXsdhXwAUQytD18ndzT9D/fhL7Q/Nc= -----END CERTIFICATE-----Generated at Wed May 13 21:50:42 2026 by rpki-client