$ rpki-client -vvf rpkica.twnic.tw/rpki/KBT/0/35382e38362e33382e302f32342d3234203d3e203138303432.roa File: 35382e38362e33382e302f32342d3234203d3e203138303432.roa (raw, json) Hash identifier: x+wQOmPJBk402vFkKynJ1KMOhPDLrjCi5MsaMLe/QZo= Subject key identifier: 20:D7:97:2B:74:10:80:2A:CB:72:6F:D2:59:44:2D:03:15:F6:5B:D0 Certificate issuer: /CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Certificate serial: 3B08F1335FF995CD3B591CD163B733C2949E807A Authority key identifier: 91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KBT/0/35382e38362e33382e302f32342d3234203d3e203138303432.roa Signing time: Mon 11 May 2026 16:49:00 +0000 ROA not before: Mon 11 May 2026 16:44:00 +0000 ROA not after: Mon 10 May 2027 16:49:00 +0000 asID: 18042 IP address blocks: 58.86.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 15:23:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:08:f1:33:5f:f9:95:cd:3b:59:1c:d1:63:b7:33:c2:94:9e:80:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589 Validity Not Before: May 11 16:44:00 2026 GMT Not After : May 10 16:49:00 2027 GMT Subject: CN=20D7972B7410802ACB726FD259442D0315F65BD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b9:8a:9e:0a:b4:3f:20:ce:9f:25:8c:d4:fe: af:ff:43:7a:c6:8c:67:ec:14:1d:cb:65:34:ef:07: 63:4b:e1:cd:86:fc:96:cc:93:6f:d4:77:dd:58:9e: 51:a8:db:9c:37:da:78:67:09:c5:62:c3:66:00:16: c9:79:2f:7b:14:72:4f:4f:68:f2:61:5a:f6:28:ba: f9:e8:b7:bf:47:78:20:f2:33:84:50:f3:be:3d:e2: df:b2:7c:8a:1b:ba:c2:2c:e7:5a:ce:d7:03:0c:18: 09:53:07:5d:6d:f2:6a:d6:5b:8c:d2:d9:36:19:05: d2:6b:81:d7:ef:0f:e6:eb:07:4a:84:0f:46:8a:34: 1b:0b:e5:41:25:b9:c7:61:14:08:69:68:b3:a7:ed: 31:62:43:c9:75:3e:17:ef:32:52:62:40:1f:9a:23: 13:a9:5c:aa:97:f0:a1:44:7f:43:69:50:76:9f:93: 61:86:a4:fa:01:0b:5c:52:3a:af:14:7a:10:d0:4e: 99:03:ac:37:d3:78:91:fb:de:b1:69:f9:9c:15:34: b3:75:bb:03:e1:3f:66:44:f5:aa:81:b5:06:8a:00: 60:10:e5:a9:18:a2:30:2c:cb:2c:6d:ed:e6:d6:d0: 14:56:25:e5:af:7e:7f:fb:f3:58:c7:06:03:33:3c: e6:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D7:97:2B:74:10:80:2A:CB:72:6F:D2:59:44:2D:03:15:F6:5B:D0 X509v3 Authority Key Identifier: keyid:91:40:9D:A1:C1:FA:F3:1A:A3:DF:29:36:DA:AA:2B:4A:B7:EA:15:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KBT/0/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/91409DA1C1FAF31AA3DF2936DAAA2B4AB7EA1589.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KBT/0/35382e38362e33382e302f32342d3234203d3e203138303432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 58.86.38.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:a3:27:2e:f3:e1:76:40:71:da:93:aa:35:30:c2:6b:79:b5: 69:ee:17:9f:3f:9b:26:30:e3:c8:8a:4c:3f:be:54:71:b0:18: 12:80:7c:b4:df:08:aa:5b:e0:4d:ef:79:e9:30:68:31:9b:a0: 74:65:96:48:39:cb:69:f7:b2:b5:9a:62:e2:0d:1c:5c:fd:28: 6f:67:58:c6:2d:41:e6:cc:09:6c:5e:42:30:11:38:58:7e:cb: 0a:92:2f:c2:a0:3d:3c:89:83:8e:e7:fb:23:56:6c:d3:55:b7: ab:4d:30:8b:9b:ff:99:d9:7d:83:9b:93:6b:4f:64:05:c1:bd: 50:c8:db:cd:5f:22:f3:fc:bf:ec:c7:2a:00:0b:f2:26:10:4f: f2:cd:d6:cb:93:56:95:98:8e:84:09:c4:04:27:4a:8b:44:74: 72:9e:3f:a4:08:03:9d:2c:d5:75:eb:14:35:2e:5b:41:a3:c1: db:d1:20:bb:f1:41:e8:ba:08:73:f8:35:97:b5:25:77:59:2f: 44:d9:dc:70:20:e3:c4:66:cd:f6:9c:79:e1:fa:3a:e3:62:f7: 6c:21:92:bd:5a:8f:9a:fa:34:15:dd:c7:05:a3:22:7b:63:dd: 63:ae:c9:cb:77:f0:c8:e4:38:3d:85:08:77:f9:c7:51:ed:a5: ac:c1:17:7e -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgIUOwjxM1/5lc07WRzRY7czwpSegHowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFC N0VBMTU4OTAeFw0yNjA1MTExNjQ0MDBaFw0yNzA1MTAxNjQ5MDBaMDMxMTAvBgNV BAMTKDIwRDc5NzJCNzQxMDgwMkFDQjcyNkZEMjU5NDQyRDAzMTVGNjVCRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjuYqeCrQ/IM6fJYzU/q//Q3rG jGfsFB3LZTTvB2NL4c2G/JbMk2/Ud91YnlGo25w32nhnCcViw2YAFsl5L3sUck9P aPJhWvYouvnot79HeCDyM4RQ87494t+yfIobusIs51rO1wMMGAlTB11t8mrWW4zS 2TYZBdJrgdfvD+brB0qED0aKNBsL5UElucdhFAhpaLOn7TFiQ8l1PhfvMlJiQB+a IxOpXKqX8KFEf0NpUHafk2GGpPoBC1xSOq8UehDQTpkDrDfTeJH73rFp+ZwVNLN1 uwPhP2ZE9aqBtQaKAGAQ5akYojAsyyxt7ebW0BRWJeWvfn/781jHBgMzPOYZAgMB AAGjggHZMIIB1TAdBgNVHQ4EFgQUINeXK3QQgCrLcm/SWUQtAxX2W9AwHwYDVR0j BBgwFoAUkUCdocH68xqj3yk22qorSrfqFYkwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAv OTE0MDlEQTFDMUZBRjMxQUEzREYyOTM2REFBQTJCNEFCN0VBMTU4OS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85MTQwOURBMUMxRkFGMzFBQTNERjI5MzZEQUFBMkI0 QUI3RUExNTg5LmNlcjB1BggrBgEFBQcBCwRpMGcwZQYIKwYBBQUHMAuGWXJzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0JULzAvMzUzODJlMzgzNjJlMzMzODJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzgzMDM0MzIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6ViYw DQYJKoZIhvcNAQELBQADggEBAH6jJy7z4XZAcdqTqjUwwmt5tWnuF58/myYw48iK TD++VHGwGBKAfLTfCKpb4E3veekwaDGboHRllkg5y2n3srWaYuINHFz9KG9nWMYt QebMCWxeQjAROFh+ywqSL8KgPTyJg47n+yNWbNNVt6tNMIub/5nZfYObk2tPZAXB vVDI281fIvP8v+zHKgAL8iYQT/LN1suTVpWYjoQJxAQnSotEdHKeP6QIA50s1XXr FDUuW0GjwdvRILvxQei6CHP4NZe1JXdZL0TZ3HAg48RmzfaceeH6OuNi92whkr1a j5r6NBXdxwWjIntj3WOuyct38MjkOD2FCHf5x1HtpazBF34= -----END CERTIFICATE-----Generated at Wed May 13 21:08:46 2026 by rpki-client