$ rpki-client -vvf rpkica.twnic.tw/rpki/KBT/0/3231392e36382e302e302f31362d3234203d3e2039343136.roa File: 3231392e36382e302e302f31362d3234203d3e2039343136.roa (raw, json) Hash identifier: SMxYDusTSbkMUn1lunuEmp34DkRtG05r9BaIVg6t/ok= Subject key identifier: 44:3D:CB:4E:01:BB:29:0A:F1:B0:7B:D7:54:29:AA:C3:5E:0A:9E:B2 Certificate issuer: /CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Certificate serial: 19D620E98FA76027DFC23973EBE6221011051651 Authority key identifier: 91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e36382e302e302f31362d3234203d3e2039343136.roa Signing time: Thu 25 Jun 2026 02:43:48 +0000 ROA not before: Thu 25 Jun 2026 02:38:48 +0000 ROA not after: Thu 24 Jun 2027 02:43:48 +0000 asID: 9416 IP address blocks: 219.68.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jul 2026 08:44:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:d6:20:e9:8f:a7:60:27:df:c2:39:73:eb:e6:22:10:11:05:16:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Validity Not Before: Jun 25 02:38:48 2026 GMT Not After : Jun 24 02:43:48 2027 GMT Subject: CN=443DCB4E01BB290AF1B07BD75429AAC35E0A9EB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1b:c6:66:da:22:c9:01:f5:a3:fb:6b:bd:2f: a2:87:6d:95:2f:c2:90:f2:65:40:44:88:2b:e1:01: a4:d9:74:26:84:12:56:1a:f8:95:6a:d5:98:55:d9: 30:c1:1f:64:04:55:64:04:1a:4d:ff:54:f8:b8:2f: 26:35:50:f8:dd:d2:70:36:e0:cc:9c:05:d7:2c:29: 31:52:2d:bc:f1:42:51:89:8c:16:c6:3b:b1:35:4b: 93:99:7f:9d:16:cb:75:60:a2:1d:25:d6:8e:ef:ac: 29:cd:3a:3d:78:fc:ce:cf:62:d0:78:e3:7a:ec:54: ff:97:16:a7:f2:16:d9:79:d1:dd:99:31:31:88:21: 6c:c4:e0:c4:c5:08:a5:7f:ae:24:5a:47:2b:34:68: 4a:1e:6e:3a:76:db:cb:d3:b0:9e:86:6d:77:68:eb: d1:f4:5c:f6:32:12:f6:62:0c:67:22:9e:4a:57:f8: 9b:06:29:e0:d7:6f:e0:eb:ea:61:23:e9:a2:b7:f6: 1b:37:a3:a7:db:ca:84:c4:a0:4c:f8:3e:3c:d8:4c: 8b:5c:33:9e:63:b2:9b:97:05:e7:1b:6b:cf:2d:73: 7e:de:5c:f6:86:59:78:5d:0c:4c:00:36:5a:c1:51: fd:f2:4b:31:30:d7:1a:c6:7e:aa:01:1f:02:35:fd: 9e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:3D:CB:4E:01:BB:29:0A:F1:B0:7B:D7:54:29:AA:C3:5E:0A:9E:B2 X509v3 Authority Key Identifier: keyid:91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e36382e302e302f31362d3234203d3e2039343136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 219.68.0.0/16 Signature Algorithm: sha256WithRSAEncryption 76:d1:93:8d:85:49:0f:9a:bc:90:83:b6:1e:92:3e:56:28:35: 69:5d:76:fb:2c:ef:b9:aa:46:3c:9a:aa:a2:29:3b:e7:f0:f8: 09:4d:5a:7e:58:ad:c4:6a:af:b5:b0:69:5a:78:d0:ad:75:5f: 69:e2:b3:f6:af:73:e2:09:31:d0:8e:43:76:af:93:79:67:78: 6b:dc:ca:83:00:b2:d7:09:c3:62:ac:bb:af:48:9f:d7:df:b6: 2d:d2:ff:ff:e9:99:31:a0:e3:70:e7:97:de:3f:a7:9a:88:49: fa:d0:bc:96:51:3c:6a:98:28:f8:7f:be:83:dd:13:81:0d:2b: eb:c6:d0:c2:8b:00:bb:01:9b:8b:a5:51:e5:40:52:93:9d:57: b8:e6:40:93:b8:6a:92:89:3a:e7:ea:37:7e:10:68:9e:86:eb: 8a:48:3f:cd:e7:7b:23:1f:29:fb:29:92:8d:af:87:ad:cc:a2: 57:b4:e1:33:bc:74:c3:63:62:94:9a:05:9b:98:75:f8:3f:58: cc:19:c4:c7:60:14:1a:02:34:86:d1:c1:b6:ea:44:ef:90:88: 31:f5:27:f9:bc:a6:11:31:91:f7:ca:6b:1c:ee:8d:bf:67:e0: 53:93:4d:67:77:cd:12:a0:8a:76:57:4c:93:38:9a:8e:1f:ae: ce:b4:ce:b4 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgIUGdYg6Y+nYCffwjlz6+YiEBEFFlEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFC N0VBMTU4OTAeFw0yNjA2MjUwMjM4NDhaFw0yNzA2MjQwMjQzNDhaMDMxMTAvBgNV BAMTKDQ0M0RDQjRFMDFCQjI5MEFGMUIwN0JENzU0MjlBQUMzNUUwQTlFQjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8G8Zm2iLJAfWj+2u9L6KHbZUv wpDyZUBEiCvhAaTZdCaEElYa+JVq1ZhV2TDBH2QEVWQEGk3/VPi4LyY1UPjd0nA2 4MycBdcsKTFSLbzxQlGJjBbGO7E1S5OZf50Wy3Vgoh0l1o7vrCnNOj14/M7PYtB4 43rsVP+XFqfyFtl50d2ZMTGIIWzE4MTFCKV/riRaRys0aEoebjp228vTsJ6GbXdo 69H0XPYyEvZiDGcinkpX+JsGKeDXb+Dr6mEj6aK39hs3o6fbyoTEoEz4PjzYTItc M55jspuXBecba88tc37eXPaGWXhdDEwANlrBUf3ySzEw1xrGfqoBHwI1/Z45AgMB AAGjggHWMIIB0jAdBgNVHQ4EFgQURD3LTgG7KQrxsHvXVCmqw14KnrIwHwYDVR0j BBgwFoAUkUCdocH68xqj3yk22qorSrfqFYkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAv OTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFCN0VBMTU4OS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85MTQwOURBMUMxRkFGMzFBQTNERjI5MzZEQUFBMkI0 QUI3RUExNTg5LmNlcjBzBggrBgEFBQcBCwRnMGUwYwYIKwYBBQUHMAuGV3JzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAvMzIzMTM5MmUzNjM4MmUzMDJl MzAyZjMxMzYyZDMyMzQyMDNkM2UyMDM5MzQzMTM2LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA20QwDQYJ KoZIhvcNAQELBQADggEBAHbRk42FSQ+avJCDth6SPlYoNWlddvss77mqRjyaqqIp O+fw+AlNWn5YrcRqr7WwaVp40K11X2nis/avc+IJMdCOQ3avk3lneGvcyoMAstcJ w2Ksu69In9ffti3S///pmTGg43Dnl94/p5qISfrQvJZRPGqYKPh/voPdE4ENK+vG 0MKLALsBm4ulUeVAUpOdV7jmQJO4apKJOufqN34QaJ6G64pIP83neyMfKfspko2v h63Mole04TO8dMNjYpSaBZuYdfg/WMwZxMdgFBoCNIbRwbbqRO+QiDH1J/m8phEx kffKaxzujb9n4FOTTWd3zRKginZXTJM4mo4frs60zrQ= -----END CERTIFICATE-----Generated at Tue Jun 30 20:13:01 2026 by rpki-client