$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cFOuw1iaoHgHx80Qhu-_QGRR5Ww.roa File: cFOuw1iaoHgHx80Qhu-_QGRR5Ww.roa (raw, json) Hash identifier: 9sS/bfOjfa1D9B55AsvYEMb1rl8zVrHQqigtDpPoavI= Subject key identifier: 70:53:AE:C3:58:9A:A0:78:07:C7:CD:10:86:EF:BF:40:64:51:E5:6C Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 140D Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cFOuw1iaoHgHx80Qhu-_QGRR5Ww.roa Signing time: Fri 22 Aug 2025 08:57:31 +0000 ROA not before: Fri 22 Aug 2025 08:57:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17408 IP address blocks: 150.117.160.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5133 (0x140d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=7053AEC3589AA07807C7CD1086EFBF406451E56C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:2a:40:a1:5f:aa:6a:c6:d7:e9:d4:77:e9:70: 34:eb:78:cd:c4:6f:00:8d:d4:29:cd:69:56:cd:c4: 4b:f4:e9:da:8a:20:a8:9e:05:f2:fd:2a:1b:7a:0c: f9:e5:42:7d:cb:98:60:b5:ff:8f:1f:62:99:8e:12: ce:ef:e2:75:2e:c7:5b:6d:a8:5e:3c:fd:2e:f0:9b: 15:62:94:10:d6:be:c5:23:c3:f4:29:93:e9:f9:28: ba:56:35:51:de:c4:2d:77:55:33:d0:5d:56:6e:e4: 9e:f7:45:33:9f:08:0c:87:a9:0c:76:18:d7:4f:9d: ea:ee:9d:96:f4:2a:25:f2:bf:84:f3:03:08:7a:a0: 65:87:c6:fb:aa:9d:94:1a:2b:1f:77:92:27:a9:b8: 96:01:e9:8b:bc:d0:03:2d:b1:53:15:86:98:ef:73: 6f:75:92:b4:4e:35:8d:a4:6b:7c:be:f8:35:93:bd: 16:dd:d4:4c:7b:7a:ab:b7:44:d7:7f:3a:03:84:18: e2:b1:8d:51:99:82:56:b7:5b:41:10:48:af:b6:d5: fe:01:56:cf:f2:74:e0:08:39:d6:b3:14:24:fd:6f: 37:9b:6e:ca:cd:f6:b2:a8:1f:23:85:18:b5:95:f6: b9:19:7d:88:dd:31:68:c6:44:10:a5:66:90:a5:61: 7a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:53:AE:C3:58:9A:A0:78:07:C7:CD:10:86:EF:BF:40:64:51:E5:6C X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/cFOuw1iaoHgHx80Qhu-_QGRR5Ww.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.160.0/21 Signature Algorithm: sha256WithRSAEncryption 11:b2:32:bd:fb:b3:1a:33:a6:af:c6:ce:32:5c:5b:b0:8d:f8: c3:81:fd:1b:a6:42:06:2c:86:70:4a:28:45:05:84:b4:a5:20: 91:c7:11:67:5c:e0:d3:9d:2b:17:f5:24:f6:8e:59:fe:4c:83: bf:45:93:8e:fa:0b:f9:e1:84:ee:fe:ea:0b:62:ff:73:a6:80: 8f:c6:6b:38:91:46:d0:8a:39:58:2e:1f:9b:40:16:46:d9:ce: 34:0d:19:ee:ea:2a:6c:1d:24:1b:2c:aa:eb:8c:b5:08:0d:9c: 7c:2b:ec:ee:93:e1:1e:d3:76:00:03:48:30:92:75:df:28:39: f2:2f:e8:d5:6e:33:af:8b:b2:c7:76:79:ca:ab:e6:7e:4d:3f: d0:b5:bf:f4:70:0d:57:36:58:be:1e:7f:f8:12:72:8f:4c:46: 77:00:c3:0c:54:0e:49:1b:de:f7:0f:f3:43:a1:5c:c3:ee:bd: 99:c7:47:1e:2a:c6:20:d6:cf:cf:5a:e5:8f:df:bc:e2:11:13: 85:48:7d:7a:e7:27:5f:bf:c4:2f:1e:ae:65:8a:1a:52:ea:1e: 02:6c:e6:ed:b3:c1:51:e2:7a:4f:4b:7e:7a:9d:cb:f9:65:0c: a5:3d:02:5e:f8:e5:ef:b9:45:ca:92:b1:27:07:fa:69:fc:23: c5:f2:c9:ee -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDcwNTNBRUMzNTg5QUEw NzgwN0M3Q0QxMDg2RUZCRjQwNjQ1MUU1NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPKkChX6pqxtfp1HfpcDTreM3EbwCN1CnNaVbNxEv06dqKIKie BfL9Kht6DPnlQn3LmGC1/48fYpmOEs7v4nUux1ttqF48/S7wmxVilBDWvsUjw/Qp k+n5KLpWNVHexC13VTPQXVZu5J73RTOfCAyHqQx2GNdPnerunZb0KiXyv4TzAwh6 oGWHxvuqnZQaKx93kiepuJYB6Yu80AMtsVMVhpjvc291krRONY2ka3y++DWTvRbd 1Ex7equ3RNd/OgOEGOKxjVGZgla3W0EQSK+21f4BVs/ydOAIOdazFCT9bzebbsrN 9rKoHyOFGLWV9rkZfYjdMWjGRBClZpClYXpdAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUcFOuw1iaoHgHx80Qhu+/QGRR5WwwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9jRk91dzFpYW9IZ0h4 ODBRaHUtX1FHUlI1V3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQARsjK9+7MaM6avxs4yXFuwjfjDgf0b pkIGLIZwSihFBYS0pSCRxxFnXODTnSsX9ST2jln+TIO/RZOO+gv54YTu/uoLYv9z poCPxms4kUbQijlYLh+bQBZG2c40DRnu6ipsHSQbLKrrjLUIDZx8K+zuk+Ee03YA A0gwknXfKDnyL+jVbjOvi7LHdnnKq+Z+TT/Qtb/0cA1XNli+Hn/4EnKPTEZ3AMMM VA5JG973D/NDoVzD7r2Zx0ceKsYg1s/PWuWP37ziEROFSH165ydfv8QvHq5lihpS 6h4CbObts8FR4npPS356ncv5ZQylPQJe+OXvuUXKkrEnB/pp/CPF8snu -----END CERTIFICATE-----Generated at Sun Sep 7 16:22:42 2025 by rpki-client