$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XG-QfEWcx7yQ4S7HacYtlhjlmIQ.roa File: XG-QfEWcx7yQ4S7HacYtlhjlmIQ.roa (raw, json) Hash identifier: iG0/wbel/haG7xElDjz/Si5pl6jiRZnnBx4VAaebyU4= Subject key identifier: 5C:6F:90:7C:45:9C:C7:BC:90:E1:2E:C7:69:C6:2D:96:18:E5:98:84 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1400 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XG-QfEWcx7yQ4S7HacYtlhjlmIQ.roa Signing time: Fri 22 Aug 2025 08:57:28 +0000 ROA not before: Fri 22 Aug 2025 08:57:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10085 IP address blocks: 150.117.112.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5120 (0x1400) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5C6F907C459CC7BC90E12EC769C62D9618E59884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3f:62:a5:4c:80:65:3b:d2:80:ff:51:1d:2e: 57:f1:90:1c:2d:a8:ec:18:64:4e:aa:bb:e4:39:fd: fd:df:bd:62:68:33:36:95:22:b7:a9:1a:9d:37:d9: 46:cb:23:ef:ea:76:7b:f2:1a:32:69:eb:75:00:d6: 0b:35:a6:9f:36:f6:a2:1a:a9:8a:b1:9d:27:6f:b8: bd:a6:27:e3:59:4c:54:37:2f:2f:ee:5f:b9:d5:fe: 4c:c2:cb:a5:97:56:86:ee:87:1d:ac:e2:59:fd:e8: 2a:04:a6:99:f4:22:21:38:d4:2b:f9:4d:ca:d6:4a: e7:27:3d:7d:c0:cf:78:65:fc:a6:5c:af:a3:2e:f5: ec:7b:6c:54:56:4c:ca:d9:e8:3b:32:a0:0e:43:46: 24:c6:36:dd:45:7f:88:ed:0d:20:8e:47:ee:e0:0a: 46:0c:e9:c7:a3:97:a2:69:cd:c0:1d:36:b8:05:88: 00:13:b1:37:d9:42:67:8e:9f:64:1d:b8:2a:d3:b1: e9:59:50:12:a6:e0:6f:ac:ef:45:05:d2:6a:8d:a8: fd:82:43:c6:cd:33:28:fc:03:8a:8e:b0:7e:7e:12: a7:86:5a:79:98:b2:5e:d2:74:a3:16:8f:28:04:f3: e5:a7:8b:a2:16:32:79:70:dd:b3:dd:da:fa:66:ef: c3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:6F:90:7C:45:9C:C7:BC:90:E1:2E:C7:69:C6:2D:96:18:E5:98:84 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XG-QfEWcx7yQ4S7HacYtlhjlmIQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.112.0/21 Signature Algorithm: sha256WithRSAEncryption 9e:64:86:fa:de:f6:ee:9a:ed:22:42:a5:4c:4e:3d:83:8d:b3: 4e:24:a3:23:84:28:7e:45:7b:ef:56:82:6b:0c:ac:04:79:70: af:46:bd:d5:02:d0:20:c5:08:1f:35:0f:9e:36:56:c1:7c:ab: 29:66:20:a5:56:10:7b:ba:d0:36:1d:bc:e1:82:19:9b:60:6d: 14:14:c4:c9:a4:4f:d1:40:2c:e9:53:19:09:c0:31:8d:aa:45: a7:58:55:3b:3d:f0:d9:e4:72:22:eb:b4:52:76:98:2b:d6:bd: c0:fb:44:6c:20:97:13:61:4a:20:7c:b2:7b:ae:64:16:c7:41: 01:b0:d5:5e:45:e3:c7:9b:a4:75:80:09:35:84:b1:5a:7d:7d: 56:99:fe:48:60:8b:21:3a:e1:0d:7c:ad:2a:4e:0a:ed:df:d7: 06:da:bf:b6:97:b1:e0:f0:25:79:91:4c:78:8d:c3:5e:c0:36: 78:5b:79:d7:d8:92:b2:af:b3:28:58:ff:04:34:ba:ae:c2:94: 7a:c9:bf:8c:51:9b:40:f2:db:7c:fe:a7:af:3f:f5:7a:ba:80: 51:20:d1:4c:33:d1:0c:12:43:32:36:af:6b:4a:41:d3:7a:73: cb:92:a7:35:da:43:e8:87:81:2b:d8:9a:be:2a:82:90:c2:26: 5a:63:f1:e3 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDVDNkY5MDdDNDU5Q0M3 QkM5MEUxMkVDNzY5QzYyRDk2MThFNTk4ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3P2KlTIBlO9KA/1EdLlfxkBwtqOwYZE6qu+Q5/f3fvWJoMzaV IrepGp032UbLI+/qdnvyGjJp63UA1gs1pp829qIaqYqxnSdvuL2mJ+NZTFQ3Ly/u X7nV/kzCy6WXVobuhx2s4ln96CoEppn0IiE41Cv5TcrWSucnPX3Az3hl/KZcr6Mu 9ex7bFRWTMrZ6DsyoA5DRiTGNt1Ff4jtDSCOR+7gCkYM6cejl6JpzcAdNrgFiAAT sTfZQmeOn2QduCrTselZUBKm4G+s70UF0mqNqP2CQ8bNMyj8A4qOsH5+EqeGWnmY sl7SdKMWjygE8+Wni6IWMnlw3bPd2vpm78MNAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUXG+QfEWcx7yQ4S7HacYtlhjlmIQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9YRy1RZkVXY3g3eVE0 UzdIYWNZdGxoamxtSVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnVwMA0GCSqGSIb3DQEBCwUAA4IBAQCeZIb63vbumu0iQqVMTj2DjbNOJKMj hCh+RXvvVoJrDKwEeXCvRr3VAtAgxQgfNQ+eNlbBfKspZiClVhB7utA2Hbzhghmb YG0UFMTJpE/RQCzpUxkJwDGNqkWnWFU7PfDZ5HIi67RSdpgr1r3A+0RsIJcTYUog fLJ7rmQWx0EBsNVeRePHm6R1gAk1hLFafX1Wmf5IYIshOuENfK0qTgrt39cG2r+2 l7Hg8CV5kUx4jcNewDZ4W3nX2JKyr7MoWP8ENLquwpR6yb+MUZtA8tt8/qevP/V6 uoBRINFMM9EMEkMyNq9rSkHTenPLkqc12kPoh4Er2Jq+KoKQwiZaY/Hj -----END CERTIFICATE-----Generated at Sun Sep 7 16:22:45 2025 by rpki-client