$ rpki-client -vvf rpkica.twnic.tw/rpki/KBT/0/3231392e37312e302e302f31362d3234203d3e2039343136.roa File: 3231392e37312e302e302f31362d3234203d3e2039343136.roa (raw, json) Hash identifier: 97P2WL5g9oFxCSzQPB8BxoiH+imD4Cx++C0GhUUVSCM= Subject key identifier: 4E:2D:44:A7:3B:0E:2D:FD:79:A5:4F:A0:5A:E5:14:77:EB:8B:E1:54 Certificate issuer: /CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Certificate serial: 213C2FFE383C1D035D9A691C9A51192C268169D4 Authority key identifier: 91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e37312e302e302f31362d3234203d3e2039343136.roa Signing time: Mon 22 Jun 2026 03:23:59 +0000 ROA not before: Mon 22 Jun 2026 03:18:59 +0000 ROA not after: Mon 21 Jun 2027 03:23:59 +0000 asID: 9416 IP address blocks: 219.71.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jul 2026 08:44:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:3c:2f:fe:38:3c:1d:03:5d:9a:69:1c:9a:51:19:2c:26:81:69:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Validity Not Before: Jun 22 03:18:59 2026 GMT Not After : Jun 21 03:23:59 2027 GMT Subject: CN=4E2D44A73B0E2DFD79A54FA05AE51477EB8BE154 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:6c:48:ff:14:57:f4:f0:20:f1:4f:a3:47:a3: 83:0d:64:ea:4b:1e:00:aa:ce:57:49:95:7e:ed:8e: 16:4b:9e:f0:41:d2:3d:d0:f1:5f:bd:34:f7:0f:c7: ef:e2:30:de:ef:c1:5f:04:7c:66:9e:43:fd:a5:ea: 8f:55:f0:ac:fc:00:1c:53:94:85:36:0f:77:c2:c3: 7e:c2:25:32:43:26:d0:c5:4c:3d:ad:e4:7c:46:79: c4:f8:26:68:e7:7d:66:44:35:3e:5b:c4:ed:31:ad: e3:15:5f:29:70:6d:d2:35:e0:f2:e5:39:bf:99:77: d6:a6:cc:98:23:45:40:6f:17:dd:f2:76:0a:16:3e: 2a:fc:de:39:1a:53:1f:47:29:f0:b2:54:8e:3d:2d: 53:61:79:0d:36:93:60:32:e6:4a:66:4c:62:96:48: d6:38:dd:de:42:02:62:9b:d4:6f:5e:2a:33:ca:55: 83:70:62:53:5f:b9:1b:4c:ee:33:79:22:fb:97:d1: 6d:fd:10:92:8f:c5:f7:ff:0f:2b:90:3d:1e:c8:b7: 7d:9a:a1:1d:94:96:fa:81:a1:6b:ca:e1:76:cb:12: 3a:3e:b0:71:0c:f0:1d:c3:9a:56:0e:d3:50:85:8b: 08:1a:5d:ac:28:f8:35:cf:d4:92:0b:ba:63:44:e3: 2a:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:2D:44:A7:3B:0E:2D:FD:79:A5:4F:A0:5A:E5:14:77:EB:8B:E1:54 X509v3 Authority Key Identifier: keyid:91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KBT/0/3231392e37312e302e302f31362d3234203d3e2039343136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 219.71.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0c:4e:4d:fd:fb:a3:f6:04:c1:fd:fa:52:8c:94:04:51:9b:01: af:99:cf:d1:8f:57:ae:73:0f:a8:46:b6:58:62:df:dc:bb:48: 93:06:98:ff:37:1e:92:1a:fb:46:e2:bf:f8:ed:a9:c4:e6:1c: 20:61:0e:7e:2a:f7:a0:f1:a2:35:ca:e1:95:0e:b9:a7:e7:b7: d5:e3:2d:51:c6:8d:97:1b:f4:3a:88:df:06:18:3f:20:ac:9e: 1e:1c:6a:6d:c1:66:c5:29:e9:02:d6:34:f5:42:87:4c:db:e0: ea:9d:b2:1c:fc:c5:39:60:8c:84:94:4d:e5:3c:d2:6b:c9:c4: eb:dd:62:2c:1b:84:84:98:0d:92:23:ce:e4:11:be:af:df:61: fd:92:3e:f0:bb:ed:17:88:e3:a9:aa:e0:5c:10:7e:0b:d4:5d: f3:b6:80:4a:8e:73:83:91:bd:f5:e7:1f:3c:69:0e:2b:69:f8: 70:48:a3:c0:2c:29:ae:95:c6:73:89:a5:1e:d3:0f:af:45:d2: 99:ed:90:5c:33:c1:98:8c:9e:ad:d6:98:cc:48:2c:6a:68:09: cf:37:0f:6e:0a:f5:34:22:88:90:a6:53:ad:0a:8f:72:72:42: 0a:d9:cc:3b:c1:e1:d8:44:85:5b:65:8d:e2:58:2d:76:d2:32: 19:a4:22:de -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgIUITwv/jg8HQNdmmkcmlEZLCaBadQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFC N0VBMTU4OTAeFw0yNjA2MjIwMzE4NTlaFw0yNzA2MjEwMzIzNTlaMDMxMTAvBgNV BAMTKDRFMkQ0NEE3M0IwRTJERkQ3OUE1NEZBMDVBRTUxNDc3RUI4QkUxNTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZbEj/FFf08CDxT6NHo4MNZOpL HgCqzldJlX7tjhZLnvBB0j3Q8V+9NPcPx+/iMN7vwV8EfGaeQ/2l6o9V8Kz8ABxT lIU2D3fCw37CJTJDJtDFTD2t5HxGecT4JmjnfWZENT5bxO0xreMVXylwbdI14PLl Ob+Zd9amzJgjRUBvF93ydgoWPir83jkaUx9HKfCyVI49LVNheQ02k2Ay5kpmTGKW SNY43d5CAmKb1G9eKjPKVYNwYlNfuRtM7jN5IvuX0W39EJKPxff/DyuQPR7It32a oR2UlvqBoWvK4XbLEjo+sHEM8B3DmlYO01CFiwgaXawo+DXP1JILumNE4yrhAgMB AAGjggHWMIIB0jAdBgNVHQ4EFgQUTi1EpzsOLf15pU+gWuUUd+uL4VQwHwYDVR0j BBgwFoAUkUCdocH68xqj3yk22qorSrfqFYkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAv OTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFCN0VBMTU4OS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85MTQwOURBMUMxRkFGMzFBQTNERjI5MzZEQUFBMkI0 QUI3RUExNTg5LmNlcjBzBggrBgEFBQcBCwRnMGUwYwYIKwYBBQUHMAuGV3JzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAvMzIzMTM5MmUzNzMxMmUzMDJl MzAyZjMxMzYyZDMyMzQyMDNkM2UyMDM5MzQzMTM2LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA20cwDQYJ KoZIhvcNAQELBQADggEBAAxOTf37o/YEwf36UoyUBFGbAa+Zz9GPV65zD6hGtlhi 39y7SJMGmP83HpIa+0biv/jtqcTmHCBhDn4q96DxojXK4ZUOuafnt9XjLVHGjZcb 9DqI3wYYPyCsnh4cam3BZsUp6QLWNPVCh0zb4Oqdshz8xTlgjISUTeU80mvJxOvd YiwbhISYDZIjzuQRvq/fYf2SPvC77ReI46mq4FwQfgvUXfO2gEqOc4ORvfXnHzxp Ditp+HBIo8AsKa6VxnOJpR7TD69F0pntkFwzwZiMnq3WmMxILGpoCc83D24K9TQi iJCmU60Kj3JyQgrZzDvB4dhEhVtljeJYLXbSMhmkIt4= -----END CERTIFICATE-----Generated at Tue Jun 30 20:13:01 2026 by rpki-client