$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1iCjNQpmu2LgfPCvSoAHp3cXuTM.roa File: 1iCjNQpmu2LgfPCvSoAHp3cXuTM.roa (raw, json) Hash identifier: yXn0ye8rN5r/PuKixqmWi6tQZBvB1ZCshTB0kr+5GOk= Subject key identifier: D6:20:A3:35:0A:66:BB:62:E0:7C:F0:AF:4A:80:07:A7:77:17:B9:33 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1449 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1iCjNQpmu2LgfPCvSoAHp3cXuTM.roa Signing time: Fri 12 Sep 2025 08:14:40 +0000 ROA not before: Fri 12 Sep 2025 08:14:40 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17408 IP address blocks: 150.116.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Sep 2025 07:49:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5193 (0x1449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 12 08:14:40 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D620A3350A66BB62E07CF0AF4A8007A77717B933 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:be:f4:64:ed:9c:03:66:5f:88:ba:eb:70:7e: 02:5c:37:9d:28:25:56:ae:80:b0:d2:bd:27:40:8c: a1:57:5a:ff:a8:cd:40:9f:50:4f:e9:35:a3:1b:7a: 12:df:9b:fa:f2:1a:06:63:a3:04:fd:f7:f0:72:91: 23:77:06:a7:f0:88:cb:34:67:77:f5:e0:81:d7:19: ee:bb:13:40:81:fd:c5:68:63:32:ba:71:62:58:88: a5:1b:34:2c:b8:b3:15:37:d0:6b:a3:1c:a6:c9:21: e1:53:1a:6d:a9:f2:06:3c:12:15:6c:12:80:b3:2f: ca:24:68:00:fd:57:2f:e4:2b:24:00:a3:88:ed:30: bf:e7:5e:db:e1:93:d0:e9:a7:18:00:1e:0b:4d:02: a6:90:f1:58:0d:f0:f4:54:88:0b:d0:71:0a:0d:c6: 4d:e7:92:f3:40:ca:94:ee:bc:bc:d0:54:07:d0:49: 7f:69:3f:fa:3c:9f:15:70:63:55:4c:c7:c7:ea:45: 39:b7:4b:fa:53:89:74:74:41:8f:3e:0f:81:3c:2a: d2:13:c4:48:34:57:ea:04:2b:e9:1e:94:4a:08:51: 48:d0:60:bc:d3:47:87:0e:43:d2:a5:c5:dd:0d:f7: 91:27:48:d4:9d:14:34:ae:16:04:27:50:cb:8a:6f: 77:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:20:A3:35:0A:66:BB:62:E0:7C:F0:AF:4A:80:07:A7:77:17:B9:33 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1iCjNQpmu2LgfPCvSoAHp3cXuTM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.119.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:86:2d:f4:93:dc:63:c4:68:2c:59:52:fc:71:f5:da:17:9e: d8:74:8c:a6:6a:c3:11:45:cd:9a:3f:7c:1a:3b:45:39:8a:8b: 82:a2:4f:08:a2:48:6e:74:9c:07:c1:d6:4d:04:a1:fb:e2:be: e0:9c:6e:97:64:98:37:0e:c5:a7:53:f0:35:25:fb:cb:d9:5f: 44:68:0c:3a:12:00:95:b1:46:1a:91:7e:a3:cb:24:cf:09:f0: 31:cd:60:fb:90:b3:71:9e:26:40:94:24:49:db:de:3d:d8:a6: 26:d1:c3:c7:71:96:4d:a4:6f:63:36:41:30:30:7e:6d:41:18: dc:4e:01:29:d3:29:0d:d9:0e:28:06:18:db:ec:8c:aa:d4:cd: 7c:ff:f1:45:3c:b7:cc:c4:4c:90:88:12:59:ba:a3:b1:e8:aa: 30:3e:5e:ba:23:59:ed:9c:05:8c:8d:7e:a5:1d:5d:c3:7d:46: cb:24:23:f4:b2:5d:00:83:ac:eb:90:98:05:d6:d8:14:aa:c1: d2:fb:58:2d:89:b4:13:11:30:5c:e7:52:2a:33:59:29:5e:0e: 1b:5d:b7:b8:12:ce:bf:de:72:c7:f3:c0:d9:e2:60:f0:65:52: cb:57:9c:1c:1d:f1:45:65:13:89:d4:88:90:e3:db:14:73:f2: b8:9a:63:b3 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA5MTIw ODE0NDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ2MjBBMzM1MEE2NkJC NjJFMDdDRjBBRjRBODAwN0E3NzcxN0I5MzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDvvRk7ZwDZl+IuutwfgJcN50oJVaugLDSvSdAjKFXWv+ozUCf UE/pNaMbehLfm/ryGgZjowT99/BykSN3BqfwiMs0Z3f14IHXGe67E0CB/cVoYzK6 cWJYiKUbNCy4sxU30GujHKbJIeFTGm2p8gY8EhVsEoCzL8okaAD9Vy/kKyQAo4jt ML/nXtvhk9DppxgAHgtNAqaQ8VgN8PRUiAvQcQoNxk3nkvNAypTuvLzQVAfQSX9p P/o8nxVwY1VMx8fqRTm3S/pTiXR0QY8+D4E8KtITxEg0V+oEK+kelEoIUUjQYLzT R4cOQ9Klxd0N95EnSNSdFDSuFgQnUMuKb3fzAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU1iCjNQpmu2LgfPCvSoAHp3cXuTMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8xaUNqTlFwbXUyTGdm UEN2U29BSHAzY1h1VE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnR3MA0GCSqGSIb3DQEBCwUAA4IBAQAthi30k9xjxGgsWVL8cfXaF57YdIym asMRRc2aP3waO0U5iouCok8IokhudJwHwdZNBKH74r7gnG6XZJg3DsWnU/A1JfvL 2V9EaAw6EgCVsUYakX6jyyTPCfAxzWD7kLNxniZAlCRJ29492KYm0cPHcZZNpG9j NkEwMH5tQRjcTgEp0ykN2Q4oBhjb7Iyq1M18//FFPLfMxEyQiBJZuqOx6KowPl66 I1ntnAWMjX6lHV3DfUbLJCP0sl0Ag6zrkJgF1tgUqsHS+1gtibQTETBc51IqM1kp Xg4bXbe4Es6/3nLH88DZ4mDwZVLLV5wcHfFFZROJ1IiQ49sUc/K4mmOz -----END CERTIFICATE-----Generated at Fri Sep 19 07:32:22 2025 by rpki-client