$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/LdFXqezP9IWLemN6BVzK-AYMWUk.roa File: LdFXqezP9IWLemN6BVzK-AYMWUk.roa (raw, json) Hash identifier: +7+9K7aWN3chOLEPZOBcsr2E1XCMH1Jl94eShZ8oVK8= Subject key identifier: 2D:D1:57:A9:EC:CF:F4:85:8B:7A:63:7A:05:5C:CA:F8:06:0C:59:49 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1425 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/LdFXqezP9IWLemN6BVzK-AYMWUk.roa Signing time: Fri 22 Aug 2025 08:57:36 +0000 ROA not before: Fri 22 Aug 2025 08:57:36 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17408 IP address blocks: 119.31.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5157 (0x1425) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:36 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=2DD157A9ECCFF4858B7A637A055CCAF8060C5949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:77:a2:19:55:5d:e5:74:89:cd:d2:0f:cc:4f: c6:64:62:05:db:e4:d7:b3:2e:cb:20:ac:38:80:0d: 61:e6:7d:b8:ff:7d:01:51:71:1e:38:c0:bc:71:e7: 54:b7:39:55:fa:4a:a4:f1:e0:cf:ae:e1:f2:58:40: c2:db:c6:d9:5f:13:4b:17:fb:ae:b4:16:20:13:83: 62:64:72:64:64:6c:40:c5:1f:7b:85:ac:86:d5:40: ab:76:11:e0:de:da:bb:12:de:ba:cb:6d:6e:ca:52: 25:a4:43:f4:c3:8d:29:03:7b:c2:fe:12:95:f9:44: f6:dc:44:e5:e1:9b:e4:af:97:cd:a9:66:8f:95:39: 82:8b:c5:f7:4a:c6:fb:7e:7e:db:8c:bf:bb:8f:6c: 3d:50:13:6e:2b:73:c6:4b:d8:b1:a9:13:d5:b5:33: f3:85:d7:1f:ff:4e:1f:69:86:bd:a1:5e:78:3c:4e: 56:ba:3e:7d:e8:22:3c:c7:58:c5:89:27:1f:30:28: 05:8a:57:fd:7a:ab:a7:25:3f:68:81:88:e3:6f:97: a1:72:01:43:47:a4:99:3e:4e:5d:8c:83:f1:a1:0d: a4:b7:37:13:14:9e:c4:09:3b:44:14:e3:77:73:ec: 2a:55:68:29:93:ba:af:e5:56:e7:aa:27:a7:fd:e2: 12:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:D1:57:A9:EC:CF:F4:85:8B:7A:63:7A:05:5C:CA:F8:06:0C:59:49 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/LdFXqezP9IWLemN6BVzK-AYMWUk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.31.176.0/20 Signature Algorithm: sha256WithRSAEncryption 31:51:3d:dd:fe:31:c5:99:36:6e:d7:00:a6:c8:0e:15:cc:ea: d4:ad:18:38:64:b5:ab:0c:59:5f:31:e6:bb:b5:ac:17:f4:7d: 0f:6c:bf:be:a7:ab:22:39:6a:f5:67:eb:02:d5:58:72:ae:94: a9:3b:06:99:d5:a2:8e:e1:f5:40:89:f1:cc:60:21:fa:d9:5f: 3a:d1:49:f0:fc:49:d3:44:07:96:11:7b:f6:98:28:b4:80:82: 20:8a:eb:bb:bc:12:df:ee:f5:a8:49:ae:bd:26:3f:ab:ac:2d: 1c:39:55:54:0a:37:5f:de:3d:01:c3:8b:ee:cb:24:47:02:2a: 9e:5c:5e:45:e7:99:14:4b:28:42:80:3d:b2:f4:50:af:44:ba: b1:db:72:8f:58:8b:d4:a9:27:5e:ce:d8:af:9c:4d:65:c2:f4: d3:fe:35:d4:81:fd:a8:0c:77:20:fe:a2:06:32:8c:7b:09:d6: 9f:7f:80:44:73:1c:87:07:9a:9f:e0:b2:14:1a:7d:c5:de:b7: 43:4e:73:c6:6f:eb:9f:84:e8:00:f2:c1:f4:2c:97:58:c6:12: 25:7c:58:ec:5c:5f:2b:c5:bf:f1:cf:26:ef:ec:2b:ed:3c:9d: 0a:7b:b8:1c:49:9e:cb:fa:cb:f4:67:c6:1a:12:95:5a:c9:c0: fc:67:6c:e7 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJERDE1N0E5RUNDRkY0 ODU4QjdBNjM3QTA1NUNDQUY4MDYwQzU5NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvd6IZVV3ldInN0g/MT8ZkYgXb5NezLssgrDiADWHmfbj/fQFR cR44wLxx51S3OVX6SqTx4M+u4fJYQMLbxtlfE0sX+660FiATg2JkcmRkbEDFH3uF rIbVQKt2EeDe2rsS3rrLbW7KUiWkQ/TDjSkDe8L+EpX5RPbcROXhm+Svl82pZo+V OYKLxfdKxvt+ftuMv7uPbD1QE24rc8ZL2LGpE9W1M/OF1x//Th9phr2hXng8Tla6 Pn3oIjzHWMWJJx8wKAWKV/16q6clP2iBiONvl6FyAUNHpJk+Tl2Mg/GhDaS3NxMU nsQJO0QU43dz7CpVaCmTuq/lVueqJ6f94hK9AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQULdFXqezP9IWLemN6BVzK+AYMWUkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9MZEZYcWV6UDlJV0xl bU42QlZ6Sy1BWU1XVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQEdx+wMA0GCSqGSIb3DQEBCwUAA4IBAQAxUT3d/jHFmTZu1wCmyA4VzOrUrRg4 ZLWrDFlfMea7tawX9H0PbL++p6siOWr1Z+sC1VhyrpSpOwaZ1aKO4fVAifHMYCH6 2V860Unw/EnTRAeWEXv2mCi0gIIgiuu7vBLf7vWoSa69Jj+rrC0cOVVUCjdf3j0B w4vuyyRHAiqeXF5F55kUSyhCgD2y9FCvRLqx23KPWIvUqSdeztivnE1lwvTT/jXU gf2oDHcg/qIGMox7Cdaff4BEcxyHB5qf4LIUGn3F3rdDTnPGb+ufhOgA8sH0LJdY xhIlfFjsXF8rxb/xzybv7CvtPJ0Ke7gcSZ7L+sv0Z8YaEpVaycD8Z2zn -----END CERTIFICATE-----Generated at Sun Sep 7 16:22:47 2025 by rpki-client