$ rpki-client -vvf rpkica.twnic.tw/rpki/GSN/0/323030313a343432303a3a2f33322d3332203d3e2034373832.roa File: 323030313a343432303a3a2f33322d3332203d3e2034373832.roa (raw, json) Hash identifier: gE5uEPlvoHn4YAIcNC7yJMhL4DCCYf0nlEOkebni8Us= Subject key identifier: 82:86:78:EB:C8:64:98:86:69:6B:57:C4:91:19:A9:04:F6:D0:5D:59 Certificate issuer: /CN=C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351 Certificate serial: 78B6C76BD09789D5A20729791F889840CEE6CF30 Authority key identifier: C0:34:BD:9C:72:35:DC:2D:2C:C1:FD:7E:21:D4:3D:D0:6A:FD:C3:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.cer Subject info access: rsync://rpkica.twnic.tw/rpki/GSN/0/323030313a343432303a3a2f33322d3332203d3e2034373832.roa Signing time: Mon 11 May 2026 16:48:33 +0000 ROA not before: Mon 11 May 2026 16:43:33 +0000 ROA not after: Mon 10 May 2027 16:48:33 +0000 asID: 4782 IP address blocks: 2001:4420::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/GSN/0/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.crl rsync://rpkica.twnic.tw/rpki/GSN/0/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 15:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:b6:c7:6b:d0:97:89:d5:a2:07:29:79:1f:88:98:40:ce:e6:cf:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351 Validity Not Before: May 11 16:43:33 2026 GMT Not After : May 10 16:48:33 2027 GMT Subject: CN=828678EBC8649886696B57C49119A904F6D05D59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:52:27:2e:ba:87:14:a7:0f:7a:82:fb:5f:3b: d3:28:a7:a6:4e:d9:76:98:05:e4:93:60:2c:4e:81: 10:52:41:d2:77:49:a3:12:83:89:7b:bd:b1:1b:a7: 35:44:8e:5c:fc:3d:6f:8a:22:c0:f3:67:d2:fa:a8: 0d:43:39:55:b9:c7:4d:a6:fa:25:5b:6e:af:2e:db: 97:b8:45:22:3d:92:70:46:1e:73:0b:61:47:9d:b1: 11:7e:3b:2b:02:86:69:b1:27:f1:7f:0f:be:e4:dc: be:25:42:45:0e:24:ed:0d:84:b5:e6:bf:52:cf:69: 64:8b:fb:65:b8:7e:2a:4a:a6:91:c8:e4:80:51:fc: 3e:2d:85:ef:df:14:98:21:08:c3:8f:73:39:ee:1b: 20:f5:61:5c:97:8a:c7:a3:4c:d0:ed:27:91:47:81: d5:ca:5e:fd:28:53:c9:c8:13:b2:0a:02:80:a2:47: f1:c5:b9:5b:2f:d1:2a:c8:de:d0:60:80:7a:a5:f7: d0:43:35:6b:03:68:d0:26:17:07:1a:6d:65:19:8b: b6:1b:3a:2c:1d:5f:b3:21:df:42:e6:6c:ae:1f:50: 97:71:3b:f1:d8:e2:f9:52:2c:32:b1:9d:40:da:97: 54:85:b2:31:5a:5f:79:78:5f:e7:79:75:60:eb:b4: d0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:86:78:EB:C8:64:98:86:69:6B:57:C4:91:19:A9:04:F6:D0:5D:59 X509v3 Authority Key Identifier: keyid:C0:34:BD:9C:72:35:DC:2D:2C:C1:FD:7E:21:D4:3D:D0:6A:FD:C3:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/GSN/0/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/C034BD9C7235DC2D2CC1FD7E21D43DD06AFDC351.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/GSN/0/323030313a343432303a3a2f33322d3332203d3e2034373832.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:4420::/32 Signature Algorithm: sha256WithRSAEncryption 22:ab:9f:ee:4e:3c:5d:e0:8f:da:69:2b:60:cf:a5:22:4a:3b: 1b:f7:8f:70:ff:96:50:c7:27:12:81:e8:2b:09:c5:18:ab:2b: 74:d1:d7:8f:24:2b:6a:0f:0c:37:dc:bd:c1:77:75:d5:4e:76: 7c:f8:72:08:25:e1:06:f0:b1:f6:ca:c0:78:e6:09:7a:fb:d2: 11:03:23:c0:e9:04:b1:fe:a9:61:b9:3c:2f:e1:b8:ce:3b:0c: 3f:85:3f:c1:5b:d5:eb:07:2a:99:75:5d:f8:24:56:12:70:11: 6a:95:4f:f8:8e:6a:b1:6d:1b:54:fa:69:03:3e:1f:0c:03:37: 19:63:81:ee:77:32:e4:42:2c:07:6d:cc:8a:ca:99:38:b2:e2: 87:b0:8b:f2:43:47:09:b6:13:bb:c7:6f:a7:8f:c8:9c:1d:8c: 1f:0d:9f:02:ab:4a:2f:60:2f:d8:76:b5:62:3c:eb:9c:15:d2: 9a:d7:95:1f:35:05:9d:46:f4:e7:6a:a5:78:bd:d7:ab:a1:2f: 2b:59:68:6f:15:20:38:e5:ed:d0:bb:60:57:f0:e6:c0:58:94: ed:54:cf:88:81:3e:24:e9:92:b8:a2:52:7b:70:10:fb:a4:9c: d6:34:4a:f9:fc:26:09:7f:a3:82:30:31:fb:de:0b:4f:9e:0a: 83:ba:73:c4 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgIUeLbHa9CXidWiByl5H4iYQM7mzzAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzAzNEJEOUM3MjM1REMyRDJDQzFGRDdFMjFENDNERDA2 QUZEQzM1MTAeFw0yNjA1MTExNjQzMzNaFw0yNzA1MTAxNjQ4MzNaMDMxMTAvBgNV BAMTKDgyODY3OEVCQzg2NDk4ODY2OTZCNTdDNDkxMTlBOTA0RjZEMDVENTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmUicuuocUpw96gvtfO9Mop6ZO 2XaYBeSTYCxOgRBSQdJ3SaMSg4l7vbEbpzVEjlz8PW+KIsDzZ9L6qA1DOVW5x02m +iVbbq8u25e4RSI9knBGHnMLYUedsRF+OysChmmxJ/F/D77k3L4lQkUOJO0NhLXm v1LPaWSL+2W4fipKppHI5IBR/D4the/fFJghCMOPcznuGyD1YVyXisejTNDtJ5FH gdXKXv0oU8nIE7IKAoCiR/HFuVsv0SrI3tBggHql99BDNWsDaNAmFwcabWUZi7Yb OiwdX7Mh30LmbK4fUJdxO/HY4vlSLDKxnUDal1SFsjFaX3l4X+d5dWDrtNCXAgMB AAGjggHaMIIB1jAdBgNVHQ4EFgQUgoZ468hkmIZpa1fEkRmpBPbQXVkwHwYDVR0j BBgwFoAUwDS9nHI13C0swf1+IdQ90Gr9w1EwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvR1NOLzAv QzAzNEJEOUM3MjM1REMyRDJDQzFGRDdFMjFENDNERDA2QUZEQzM1MS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS9DMDM0QkQ5QzcyMzVEQzJEMkNDMUZEN0UyMUQ0M0RE MDZBRkRDMzUxLmNlcjB1BggrBgEFBQcBCwRpMGcwZQYIKwYBBQUHMAuGWXJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvR1NOLzAvMzIzMDMwMzEzYTM0MzQzMjMw M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzQzNzM4MzIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgAUQg MA0GCSqGSIb3DQEBCwUAA4IBAQAiq5/uTjxd4I/aaStgz6UiSjsb949w/5ZQxycS gegrCcUYqyt00dePJCtqDww33L3Bd3XVTnZ8+HIIJeEG8LH2ysB45gl6+9IRAyPA 6QSx/qlhuTwv4bjOOww/hT/BW9XrByqZdV34JFYScBFqlU/4jmqxbRtU+mkDPh8M AzcZY4HudzLkQiwHbcyKypk4suKHsIvyQ0cJthO7x2+nj8icHYwfDZ8Cq0ovYC/Y drViPOucFdKa15UfNQWdRvTnaqV4vderoS8rWWhvFSA45e3Qu2BX8ObAWJTtVM+I gT4k6ZK4olJ7cBD7pJzWNEr5/CYJf6OCMDH73gtPngqDunPE -----END CERTIFICATE-----Generated at Wed May 13 21:09:01 2026 by rpki-client