$ rpki-client -vvf rpkica.twnic.tw/rpki/KBT/0/3231392e37302e302e302f31352d3234203d3e203138303432.roa File: 3231392e37302e302e302f31352d3234203d3e203138303432.roa (raw, json) Hash identifier: aKWHu2MFaSS+irStw3Kqi3VtsihbBfOPMd3ux2tmTBQ= Subject key identifier: B7:68:78:9D:9A:18:86:76:EE:30:0B:58:E8:EE:3A:B6:10:A8:6F:0A Certificate issuer: /CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Certificate serial: 4B866E8CA940077A7AC957C10028F64670F405DA Authority key identifier: 91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e37302e302e302f31352d3234203d3e203138303432.roa Signing time: Mon 22 Jun 2026 03:24:05 +0000 ROA not before: Mon 22 Jun 2026 03:19:05 +0000 ROA not after: Mon 21 Jun 2027 03:24:05 +0000 asID: 18042 IP address blocks: 219.70.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jul 2026 08:44:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:86:6e:8c:a9:40:07:7a:7a:c9:57:c1:00:28:f6:46:70:f4:05:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Validity Not Before: Jun 22 03:19:05 2026 GMT Not After : Jun 21 03:24:05 2027 GMT Subject: CN=B768789D9A188676EE300B58E8EE3AB610A86F0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b8:fb:1b:d3:dd:97:04:34:c9:cb:f0:e3:ba: 92:51:3f:70:bc:e2:ed:41:f0:43:8a:f5:b7:fb:81: 98:e4:56:a3:ec:bf:0a:a0:e4:df:ae:e8:60:02:0e: cb:d6:45:12:9b:72:34:10:02:e2:e6:f9:3c:03:81: 23:dd:39:ac:9c:c9:a4:a9:69:4d:7d:99:ab:97:76: 4b:c0:d0:9e:2d:0a:5e:e9:c8:72:64:b4:c0:c2:2a: 0d:43:f3:59:e6:67:9c:c6:68:b7:b8:01:7f:f3:ac: 83:bb:94:e2:45:af:55:32:0e:07:f3:3a:8a:7e:1b: f8:47:4f:69:cf:72:37:36:2e:25:67:a5:67:79:47: d1:af:f4:e3:5d:cb:b9:9e:23:10:05:58:86:9d:81: 21:79:25:94:2a:37:e9:88:e3:ce:7d:df:e2:a6:41: d4:bc:b1:98:e4:47:29:59:cb:02:87:b7:56:f3:73: 01:27:ff:c5:0c:b6:96:8d:a7:f0:d0:bd:43:07:4c: 69:af:5c:ea:7f:da:36:fe:6f:7d:2d:8b:52:97:da: ff:99:90:f0:d5:93:40:2c:f2:e5:61:9a:09:29:54: 46:e8:ed:f6:25:a0:00:87:19:b6:38:fa:f4:63:30: 82:1e:ee:96:3a:6f:4b:db:99:ef:d1:e8:91:df:16: 7c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:68:78:9D:9A:18:86:76:EE:30:0B:58:E8:EE:3A:B6:10:A8:6F:0A X509v3 Authority Key Identifier: keyid:91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e37302e302e302f31352d3234203d3e203138303432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 219.70.0.0/15 Signature Algorithm: sha256WithRSAEncryption 96:2b:2e:75:ee:cc:33:70:7e:12:1c:fd:4b:91:be:9a:25:7a: 68:61:77:ab:cb:c5:52:6d:57:eb:6f:2e:08:92:ea:b7:41:37: 9b:bb:c0:eb:55:94:22:28:2e:63:60:f8:a3:aa:dc:4a:a1:8c: 95:0b:3a:ce:d6:d5:62:e8:fd:36:66:42:0c:77:49:fc:39:bf: 24:4e:50:0e:d5:ea:5d:f5:11:d8:fa:14:47:76:96:62:b7:e4: 48:31:11:6d:02:9a:de:73:f2:e8:23:32:2c:a5:2b:ca:b2:2a: 1a:9a:31:7a:59:4f:94:5e:14:e7:57:ae:29:c3:2b:15:01:30: a8:56:3a:93:dc:69:6a:1d:9c:1f:f6:61:a1:5e:42:6c:f7:fc: 4f:de:8e:fa:6c:6c:76:65:dd:0b:ae:25:b4:c1:a5:e2:a2:9b: 02:42:75:ad:d2:04:99:c5:08:26:23:60:87:ed:c1:b2:56:38: fd:ad:57:b7:e0:e0:fc:52:ea:ca:46:46:c7:7d:80:ad:e4:70: cd:1c:a5:3f:89:cc:58:d4:62:07:bc:8b:cc:aa:d8:cc:5a:eb: 36:f5:ae:43:0f:75:04:14:c6:55:31:91:e5:7e:a0:ef:75:db: 67:60:7e:01:9d:30:a6:e3:5c:db:b8:29:c2:7a:6e:91:ee:4b: be:16:ac:09 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgIUS4ZujKlAB3p6yVfBACj2RnD0BdowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFC N0VBMTU4OTAeFw0yNjA2MjIwMzE5MDVaFw0yNzA2MjEwMzI0MDVaMDMxMTAvBgNV BAMTKEI3Njg3ODlEOUExODg2NzZFRTMwMEI1OEU4RUUzQUI2MTBBODZGMEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uPsb092XBDTJy/DjupJRP3C8 4u1B8EOK9bf7gZjkVqPsvwqg5N+u6GACDsvWRRKbcjQQAuLm+TwDgSPdOaycyaSp aU19mauXdkvA0J4tCl7pyHJktMDCKg1D81nmZ5zGaLe4AX/zrIO7lOJFr1UyDgfz Oop+G/hHT2nPcjc2LiVnpWd5R9Gv9ONdy7meIxAFWIadgSF5JZQqN+mI48593+Km QdS8sZjkRylZywKHt1bzcwEn/8UMtpaNp/DQvUMHTGmvXOp/2jb+b30ti1KX2v+Z kPDVk0As8uVhmgkpVEbo7fYloACHGbY4+vRjMIIe7pY6b0vbme/R6JHfFnzVAgMB AAGjggHYMIIB1DAdBgNVHQ4EFgQUt2h4nZoYhnbuMAtY6O46thCobwowHwYDVR0j BBgwFoAUkUCdocH68xqj3yk22qorSrfqFYkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAv OTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFCN0VBMTU4OS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85MTQwOURBMUMxRkFGMzFBQTNERjI5MzZEQUFBMkI0 QUI3RUExNTg5LmNlcjB1BggrBgEFBQcBCwRpMGcwZQYIKwYBBQUHMAuGWXJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAvMzIzMTM5MmUzNzMwMmUzMDJl MzAyZjMxMzUyZDMyMzQyMDNkM2UyMDMxMzgzMDM0MzIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwHbRjAN BgkqhkiG9w0BAQsFAAOCAQEAlisude7MM3B+Ehz9S5G+miV6aGF3q8vFUm1X628u CJLqt0E3m7vA61WUIiguY2D4o6rcSqGMlQs6ztbVYuj9NmZCDHdJ/Dm/JE5QDtXq XfUR2PoUR3aWYrfkSDERbQKa3nPy6CMyLKUryrIqGpoxellPlF4U51euKcMrFQEw qFY6k9xpah2cH/ZhoV5CbPf8T96O+mxsdmXdC64ltMGl4qKbAkJ1rdIEmcUIJiNg h+3BslY4/a1Xt+Dg/FLqykZGx32AreRwzRylP4nMWNRiB7yLzKrYzFrrNvWuQw91 BBTGVTGR5X6g73XbZ2B+AZ0wpuNc27gpwnpuke5LvhasCQ== -----END CERTIFICATE-----Generated at Tue Jun 30 20:13:01 2026 by rpki-client