$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BF2vHCU3Wznm5JPKyEHYbMnwj38.roa File: BF2vHCU3Wznm5JPKyEHYbMnwj38.roa (raw, json) Hash identifier: 1rv9RRaqWGWHpuCwlm7nzJysSAIMdaIepZhwdduKki0= Subject key identifier: 04:5D:AF:1C:25:37:5B:39:E6:E4:93:CA:C8:41:D8:6C:C9:F0:8F:7F Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 13DE Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BF2vHCU3Wznm5JPKyEHYbMnwj38.roa Signing time: Fri 22 Aug 2025 08:57:21 +0000 ROA not before: Fri 22 Aug 2025 08:57:21 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 150.116.168.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 14:46:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5086 (0x13de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:21 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=045DAF1C25375B39E6E493CAC841D86CC9F08F7F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:97:2a:0b:92:53:2b:7e:8d:1f:3b:d2:67:64: dd:19:6b:43:b3:5f:ba:ea:bd:9b:29:e2:37:20:be: ef:00:5d:7e:8b:03:80:2e:4e:2b:cc:b1:37:03:68: 7e:c8:f2:f3:22:57:fb:32:0e:6d:f9:af:05:3a:ab: e4:0e:88:2d:cf:48:4f:22:32:b9:36:4e:c4:21:c1: e6:a5:ac:47:24:74:a0:d6:ef:31:6f:c1:00:d6:07: fe:47:f4:a0:51:5c:30:12:52:0a:30:75:97:e0:85: a3:c5:3d:fb:fd:97:bd:d2:be:a2:75:67:63:3a:c2: 39:31:c1:11:de:02:79:07:48:49:10:df:dc:db:f8: 35:15:db:25:84:50:78:c8:51:a4:18:78:79:d7:dc: a2:f0:4e:0d:17:c6:8f:d1:82:03:93:42:b0:75:37: e8:d6:68:05:0f:73:01:c9:f1:23:54:74:b4:05:65: 28:ec:b5:08:9e:28:0f:b3:52:55:be:47:37:b2:d3: e2:7e:e0:53:4c:90:15:65:c4:d3:65:e4:61:18:a1: 88:da:24:a5:eb:23:17:c0:ae:87:34:61:2a:2a:4d: 09:7c:4b:fa:ec:d5:c5:45:32:f0:7d:4e:fb:59:ac: be:ef:ba:f9:21:7d:de:91:09:9d:f4:81:f2:72:3d: 3f:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:5D:AF:1C:25:37:5B:39:E6:E4:93:CA:C8:41:D8:6C:C9:F0:8F:7F X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BF2vHCU3Wznm5JPKyEHYbMnwj38.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.168.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:dc:e8:7c:c5:9d:0a:fb:31:1f:19:b9:31:21:05:df:0b:4e: 33:4c:66:4a:d2:da:a3:51:24:ff:1a:d4:f0:56:24:59:d1:fe: 3f:19:28:6a:e3:e9:25:9e:40:b3:8f:8d:91:df:95:af:30:39: fc:ca:a0:69:35:8c:f3:b2:05:7f:8d:dd:14:d7:6a:63:ed:f9: 05:42:3c:5c:db:44:a7:f0:19:b7:06:61:b6:61:37:53:68:30: bd:12:06:23:69:42:1a:9e:90:11:2f:f7:cc:eb:41:02:50:78: 32:0d:5b:fe:29:f4:6c:35:d1:c7:7e:0a:0e:e8:67:75:d4:09: 9b:8f:8c:8f:79:07:57:5a:43:20:86:41:fb:74:56:c7:e0:5a: 2f:8a:0b:5d:86:1f:29:15:14:1f:ee:1a:27:14:2a:92:16:bd: 88:cb:da:04:0a:a9:13:ac:17:49:0b:85:b1:38:bd:50:52:18: 52:ed:5e:3a:d5:dc:64:e9:7b:8a:68:ed:cc:28:da:5f:6b:5e: a5:76:cf:2e:be:4c:d7:6a:af:e1:b9:6c:cd:81:79:41:e6:78: fd:d5:35:cc:ee:fc:21:29:50:f9:fc:b2:d1:93:41:5d:30:8e: 47:3f:59:6b:96:f8:08:f1:57:dc:b1:8e:27:20:b2:04:b1:90: 3d:f3:8b:5b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICE94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MjFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA0NURBRjFDMjUzNzVC MzlFNkU0OTNDQUM4NDFEODZDQzlGMDhGN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCylyoLklMrfo0fO9JnZN0Za0OzX7rqvZsp4jcgvu8AXX6LA4Au TivMsTcDaH7I8vMiV/syDm35rwU6q+QOiC3PSE8iMrk2TsQhwealrEckdKDW7zFv wQDWB/5H9KBRXDASUgowdZfghaPFPfv9l73SvqJ1Z2M6wjkxwRHeAnkHSEkQ39zb +DUV2yWEUHjIUaQYeHnX3KLwTg0Xxo/RggOTQrB1N+jWaAUPcwHJ8SNUdLQFZSjs tQieKA+zUlW+Rzey0+J+4FNMkBVlxNNl5GEYoYjaJKXrIxfAroc0YSoqTQl8S/rs 1cVFMvB9TvtZrL7vuvkhfd6RCZ30gfJyPT+DAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUBF2vHCU3Wznm5JPKyEHYbMnwj38wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9CRjJ2SENVM1d6bm01 SlBLeUVIWWJNbndqMzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBlnSoMA0GCSqGSIb3DQEBCwUAA4IBAQCM3Oh8xZ0K+zEfGbkxIQXfC04zTGZK 0tqjUST/GtTwViRZ0f4/GShq4+klnkCzj42R35WvMDn8yqBpNYzzsgV/jd0U12pj 7fkFQjxc20Sn8Bm3BmG2YTdTaDC9EgYjaUIanpARL/fM60ECUHgyDVv+KfRsNdHH fgoO6Gd11Ambj4yPeQdXWkMghkH7dFbH4Fovigtdhh8pFRQf7honFCqSFr2Iy9oE CqkTrBdJC4WxOL1QUhhS7V461dxk6XuKaO3MKNpfa16lds8uvkzXaq/huWzNgXlB 5nj91TXM7vwhKVD5/LLRk0FdMI5HP1lrlvgI8VfcsY4nILIEsZA984tb -----END CERTIFICATE-----Generated at Sat Sep 6 13:50:29 2025 by rpki-client