$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BH7RX2d-H5izHJOTW745H_zEswc.roa File: BH7RX2d-H5izHJOTW745H_zEswc.roa (raw, json) Hash identifier: ZcDuPQYDDGx/rApVHOrOsw1OvBNXYYvYOUDVhNT81o4= Subject key identifier: 04:7E:D1:5F:67:7E:1F:98:B3:1C:93:93:5B:BE:39:1F:FC:C4:B3:07 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1429 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BH7RX2d-H5izHJOTW745H_zEswc.roa Signing time: Fri 22 Aug 2025 08:57:37 +0000 ROA not before: Fri 22 Aug 2025 08:57:37 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10085 IP address blocks: 223.26.96.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5161 (0x1429) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=047ED15F677E1F98B31C93935BBE391FFCC4B307 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bf:05:bb:86:95:71:7b:45:41:5f:e9:d3:7b: c4:c0:98:a9:d3:87:d1:77:17:35:12:88:fb:32:f7: 4f:f4:b4:cc:38:76:1e:57:da:8a:75:bf:5d:c7:de: 3b:0d:e3:52:fe:d8:15:ef:de:f2:83:b3:9d:c7:56: 68:63:b7:66:f3:76:f1:4e:3d:e1:47:b0:a7:07:ec: 7b:b9:cc:5d:98:46:5e:e2:47:bd:7b:f2:78:0e:12: 6f:02:53:e7:3e:a0:a9:60:3c:9a:87:05:e8:78:8a: 09:f1:85:8f:95:63:98:62:a0:e3:41:66:d1:01:8c: ce:94:f6:8e:c3:09:bf:88:6e:b8:ac:a1:a3:30:80: 70:02:e2:ca:b2:4b:55:fd:6c:29:48:65:42:63:6b: 4b:a7:4c:20:97:a9:de:70:28:c2:f4:33:14:a3:d0: 76:f5:9c:08:fa:09:0d:55:d2:e1:7f:8d:73:c4:27: 97:2e:7f:c8:a0:a7:06:5c:7b:0c:7b:39:de:c3:53: 10:df:89:6f:50:77:ca:16:24:24:6c:eb:b8:82:1f: da:a3:38:a1:7c:4c:29:75:dd:fc:61:f7:cb:ae:69: 8c:53:26:76:01:9a:47:50:28:c4:3e:48:cb:b0:66: 8d:85:c3:86:6b:d7:f1:c4:c7:14:ae:03:36:e1:9d: f4:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:7E:D1:5F:67:7E:1F:98:B3:1C:93:93:5B:BE:39:1F:FC:C4:B3:07 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BH7RX2d-H5izHJOTW745H_zEswc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.96.0/21 Signature Algorithm: sha256WithRSAEncryption 45:fc:cf:de:d6:6a:1f:9e:f0:5d:09:0c:92:78:8b:69:bf:a0: 18:86:7a:68:5c:3e:bb:81:80:49:82:e9:c6:e6:95:7a:91:b4: a5:fd:fd:57:c6:9e:3d:b7:d8:87:cc:fe:3a:00:e3:70:ba:39: 05:a5:20:8c:fa:4a:1e:c2:fc:0b:d7:7e:90:1c:dc:28:63:49: 06:3d:e9:e6:8c:d0:19:df:f3:23:24:a4:a3:d6:bf:7b:78:e1: 07:b8:e1:ed:24:49:78:7a:b8:e8:32:66:db:2a:aa:31:d1:7f: 58:18:f4:bf:d0:4d:97:5e:a1:b6:9f:bf:43:75:d8:7d:03:9f: 35:4f:9c:84:4c:41:85:a6:1d:fa:8e:c6:1c:f5:a6:ef:f9:7d: 69:84:9e:e8:7b:cb:c1:de:08:c4:dd:d0:01:31:3a:83:84:9e: bb:72:59:53:3e:28:46:ed:58:bf:39:4c:ee:71:f7:c7:2f:dc: 27:db:e3:fb:60:11:8e:96:fc:75:f4:74:81:1e:b4:cd:56:a7: cd:30:a2:30:36:08:54:2e:c7:3a:96:66:d0:6c:ac:38:71:99: 69:bc:45:48:88:9e:e2:44:bf:56:d9:10:22:4c:5c:ff:85:ab: 3c:9f:24:40:dd:05:08:df:6a:09:75:c5:58:09:48:c1:f6:36: ab:24:3f:eb -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA0N0VEMTVGNjc3RTFG OThCMzFDOTM5MzVCQkUzOTFGRkNDNEIzMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIvwW7hpVxe0VBX+nTe8TAmKnTh9F3FzUSiPsy90/0tMw4dh5X 2op1v13H3jsN41L+2BXv3vKDs53HVmhjt2bzdvFOPeFHsKcH7Hu5zF2YRl7iR717 8ngOEm8CU+c+oKlgPJqHBeh4ignxhY+VY5hioONBZtEBjM6U9o7DCb+IbrisoaMw gHAC4sqyS1X9bClIZUJja0unTCCXqd5wKML0MxSj0Hb1nAj6CQ1V0uF/jXPEJ5cu f8igpwZcewx7Od7DUxDfiW9Qd8oWJCRs67iCH9qjOKF8TCl13fxh98uuaYxTJnYB mkdQKMQ+SMuwZo2Fw4Zr1/HExxSuAzbhnfShAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUBH7RX2d+H5izHJOTW745H/zEswcwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9CSDdSWDJkLUg1aXpI Sk9UVzc0NUhfekVzd2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQD3xpgMA0GCSqGSIb3DQEBCwUAA4IBAQBF/M/e1mofnvBdCQySeItpv6AYhnpo XD67gYBJgunG5pV6kbSl/f1Xxp49t9iHzP46AONwujkFpSCM+koewvwL136QHNwo Y0kGPenmjNAZ3/MjJKSj1r97eOEHuOHtJEl4erjoMmbbKqox0X9YGPS/0E2XXqG2 n79Dddh9A581T5yETEGFph36jsYc9abv+X1phJ7oe8vB3gjE3dABMTqDhJ67cllT PihG7Vi/OUzucffHL9wn2+P7YBGOlvx19HSBHrTNVqfNMKIwNghULsc6lmbQbKw4 cZlpvEVIiJ7iRL9W2RAiTFz/has8nyRA3QUI32oJdcVYCUjB9jarJD/r -----END CERTIFICATE-----Generated at Sun Sep 7 16:22:47 2025 by rpki-client