$ rpki-client -vvf rpkica.twnic.tw/rpki/KBT/0/3230322e322e35322e302f32322d3234203d3e203138303432.roa File: 3230322e322e35322e302f32322d3234203d3e203138303432.roa (raw, json) Hash identifier: P+pcmD9O8bQ2nASWWlDvJjo1NQ4sCTqpX/DLYwVWoUU= Subject key identifier: AC:60:9E:6E:8F:64:B5:1D:0C:E2:A8:DD:6C:90:D0:83:2A:53:D5:77 Certificate issuer: /CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Certificate serial: 2B2266CE780B9D00550B9C217F62C992566CAF39 Authority key identifier: 91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KBT/0/3230322e322e35322e302f32322d3234203d3e203138303432.roa Signing time: Mon 22 Jun 2026 02:43:49 +0000 ROA not before: Mon 22 Jun 2026 02:38:49 +0000 ROA not after: Mon 21 Jun 2027 02:43:49 +0000 asID: 18042 IP address blocks: 202.2.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jul 2026 08:44:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:22:66:ce:78:0b:9d:00:55:0b:9c:21:7f:62:c9:92:56:6c:af:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Validity Not Before: Jun 22 02:38:49 2026 GMT Not After : Jun 21 02:43:49 2027 GMT Subject: CN=AC609E6E8F64B51D0CE2A8DD6C90D0832A53D577 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d5:f8:51:74:6e:25:14:a5:62:64:d4:c2:11: c6:57:e4:36:b0:46:5a:07:3b:cb:96:02:a3:f0:03: e4:6c:ba:f3:41:87:f1:49:0f:ce:81:31:49:ff:e0: f0:0f:60:b8:7f:e8:0a:36:a1:d4:0c:1a:86:b3:1b: e5:bf:d0:bf:74:33:3c:76:fe:98:8f:45:83:f5:c7: b8:a4:d2:4d:89:e8:c6:ff:46:54:df:7d:75:6d:dd: af:49:41:4a:a5:04:d5:7d:7c:0f:50:b6:b9:d5:35: 83:e5:39:0e:ef:c5:7a:1c:45:09:e5:50:25:f3:77: a7:ab:00:14:bf:46:69:5f:d0:44:3d:e8:31:af:2a: bf:06:60:e8:3d:94:86:8a:b3:44:6e:95:dd:42:6c: 7e:e7:f2:c3:db:f4:8a:5e:d4:bd:7f:93:27:b3:6d: 42:34:84:f5:dc:ad:a4:57:46:da:62:11:ec:f5:62: 99:d5:42:20:89:b0:1b:f9:c6:4a:a1:12:f2:f5:65: 79:b3:10:c1:9b:bc:bc:2c:e1:22:0c:67:6d:bc:50: 66:81:9a:6e:34:e2:05:26:4d:0e:ab:c2:a9:df:37: 3e:ad:8a:d9:2e:90:17:51:2b:b6:df:d0:35:e1:f4: 17:8d:4a:71:88:72:25:a3:3a:7b:b5:a8:c4:9f:43: db:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:60:9E:6E:8F:64:B5:1D:0C:E2:A8:DD:6C:90:D0:83:2A:53:D5:77 X509v3 Authority Key Identifier: keyid:91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KBT/0/3230322e322e35322e302f32322d3234203d3e203138303432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.2.52.0/22 Signature Algorithm: sha256WithRSAEncryption 02:a1:88:44:3b:56:61:04:f9:4b:9f:3b:fa:4c:01:ec:46:3d: 18:5e:92:47:f8:19:3d:27:29:3e:e3:a9:a7:2f:20:99:08:ba: 96:30:bb:b8:fc:d7:58:8b:73:8f:7e:0f:3d:4b:82:0e:e3:7e: 11:1d:a2:bc:6f:d3:92:a2:35:61:00:07:1c:1e:d0:a0:4a:d9: de:5f:ad:2e:e4:b0:c8:e3:22:82:82:62:ad:b9:a9:48:81:4b: 86:35:b3:a1:40:17:b0:0c:b8:bd:57:52:d8:2a:2e:1d:5b:2e: 68:bd:4d:ff:f7:b6:1e:73:42:d8:fb:c5:7b:f4:8a:ad:12:92: da:37:a1:e2:04:b5:76:37:53:a7:81:29:f0:63:d3:01:fa:18: 7f:ad:8b:7f:fb:49:1e:a6:6a:08:1e:6d:18:bc:12:a7:d0:91: 5a:c7:a5:57:2b:0f:bb:63:4f:0a:ba:64:e1:42:b4:10:f9:40: bc:50:aa:97:df:ad:39:06:f3:d5:fb:bb:7a:4c:5a:94:5a:5d: f6:12:ca:42:8e:3e:43:52:58:84:42:8d:40:61:a1:56:22:94: 53:25:fd:3d:8e:eb:b5:6a:43:4e:70:91:53:57:92:c1:71:f9: 41:fb:41:28:06:d8:18:84:11:e9:30:c1:20:de:14:af:db:16: 97:37:5a:e6 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgIUKyJmzngLnQBVC5whf2LJklZsrzkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFC N0VBMTU4OTAeFw0yNjA2MjIwMjM4NDlaFw0yNzA2MjEwMjQzNDlaMDMxMTAvBgNV BAMTKEFDNjA5RTZFOEY2NEI1MUQwQ0UyQThERDZDOTBEMDgzMkE1M0Q1NzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY1fhRdG4lFKViZNTCEcZX5Daw RloHO8uWAqPwA+RsuvNBh/FJD86BMUn/4PAPYLh/6Ao2odQMGoazG+W/0L90Mzx2 /piPRYP1x7ik0k2J6Mb/RlTffXVt3a9JQUqlBNV9fA9QtrnVNYPlOQ7vxXocRQnl UCXzd6erABS/Rmlf0EQ96DGvKr8GYOg9lIaKs0Ruld1CbH7n8sPb9Ipe1L1/kyez bUI0hPXcraRXRtpiEez1YpnVQiCJsBv5xkqhEvL1ZXmzEMGbvLws4SIMZ228UGaB mm404gUmTQ6rwqnfNz6titkukBdRK7bf0DXh9BeNSnGIciWjOnu1qMSfQ9uZAgMB AAGjggHZMIIB1TAdBgNVHQ4EFgQUrGCebo9ktR0M4qjdbJDQgypT1XcwHwYDVR0j BBgwFoAUkUCdocH68xqj3yk22qorSrfqFYkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAv OTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFCN0VBMTU4OS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85MTQwOURBMUMxRkFGMzFBQTNERjI5MzZEQUFBMkI0 QUI3RUExNTg5LmNlcjB1BggrBgEFBQcBCwRpMGcwZQYIKwYBBQUHMAuGWXJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAvMzIzMDMyMmUzMjJlMzUzMjJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzgzMDM0MzIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALKAjQw DQYJKoZIhvcNAQELBQADggEBAAKhiEQ7VmEE+UufO/pMAexGPRhekkf4GT0nKT7j qacvIJkIupYwu7j811iLc49+Dz1Lgg7jfhEdorxv05KiNWEABxwe0KBK2d5frS7k sMjjIoKCYq25qUiBS4Y1s6FAF7AMuL1XUtgqLh1bLmi9Tf/3th5zQtj7xXv0iq0S kto3oeIEtXY3U6eBKfBj0wH6GH+ti3/7SR6maggebRi8EqfQkVrHpVcrD7tjTwq6 ZOFCtBD5QLxQqpffrTkG89X7u3pMWpRaXfYSykKOPkNSWIRCjUBhoVYilFMl/T2O 67VqQ05wkVNXksFx+UH7QSgG2BiEEekwwSDeFK/bFpc3WuY= -----END CERTIFICATE-----Generated at Tue Jun 30 20:12:54 2026 by rpki-client