$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mda7E8mDyi_neHg0KZrvv2R6c2s.roa File: mda7E8mDyi_neHg0KZrvv2R6c2s.roa (raw, json) Hash identifier: 9IVyhd9GjtG+WPcgFnU5o9+osDg2RgdKx8/ym2hUJ20= Subject key identifier: 99:D6:BB:13:C9:83:CA:2F:E7:78:78:34:29:9A:EF:BF:64:7A:73:6B Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 13C2 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mda7E8mDyi_neHg0KZrvv2R6c2s.roa Signing time: Fri 22 Aug 2025 08:57:15 +0000 ROA not before: Fri 22 Aug 2025 08:57:15 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10085 IP address blocks: 150.117.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5058 (0x13c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=99D6BB13C983CA2FE7787834299AEFBF647A736B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:65:80:95:34:05:fe:25:9e:3d:6b:45:81:da: 91:df:96:0f:e8:bc:f5:2c:b2:40:98:3b:d0:ef:d1: c3:e6:ea:df:7e:28:85:f6:01:df:b9:70:52:72:bd: 32:74:8e:63:be:ac:1b:be:93:15:f1:1f:99:f6:5b: 2b:7d:16:79:5b:4a:1d:2b:63:76:56:d9:2a:fd:5b: c5:41:17:cc:19:f1:14:ce:bf:82:ac:c9:a3:91:5e: fa:52:44:ff:ae:dc:76:c7:d6:58:99:01:ea:16:3c: 23:87:22:db:93:05:b4:5d:4c:2f:d5:44:ae:48:f0: d4:4c:d5:bf:cb:5b:c6:82:88:2e:96:9a:d0:9c:93: 99:d7:35:55:93:63:1c:92:55:93:89:e9:ae:43:1f: 34:38:f8:cf:56:02:5d:c6:c9:ce:f3:7b:16:8f:11: b8:28:f3:69:5e:01:7c:aa:87:b4:4c:16:02:cf:15: cc:1d:45:32:4e:f3:09:ff:47:d6:2e:e1:ec:70:61: 96:82:94:4f:57:de:92:6e:92:e0:5a:6c:d2:e0:ad: 13:64:2e:b5:81:c5:67:bd:10:b2:db:32:50:38:3a: d3:e8:c6:11:e5:fd:1a:17:22:aa:f7:69:f8:02:f7: c3:50:cc:b9:8b:dd:16:e6:5a:fd:b5:d4:df:0c:d1: 18:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D6:BB:13:C9:83:CA:2F:E7:78:78:34:29:9A:EF:BF:64:7A:73:6B X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/mda7E8mDyi_neHg0KZrvv2R6c2s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.104.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:48:7a:6b:fc:c3:79:1b:9d:d7:8a:3e:0e:03:6a:d3:89:44: 07:a9:04:0f:6f:0d:85:a7:5f:57:5d:2e:43:f9:c2:58:6a:15: f7:f2:a7:e7:0b:e8:ef:bb:99:10:ed:99:5e:c0:d3:ed:24:61: 5e:da:2c:14:f5:6a:f1:af:3e:33:7b:71:5d:b0:91:2b:0f:3d: f8:93:ed:97:bf:48:5f:5f:a3:0b:c3:dd:f0:2e:c5:87:ed:2e: fd:3e:41:ef:d0:84:a0:60:ae:a6:97:62:89:32:5c:e4:a2:99: 8d:76:e0:a1:61:18:e4:00:fa:91:c8:f3:25:a3:1b:5f:30:6c: 85:48:32:ba:ac:46:66:e2:df:12:51:cb:9a:e3:2d:42:7e:09: e7:49:a0:1f:19:3f:4b:ac:12:cc:4d:48:42:87:f9:b5:38:db: d2:f4:38:2f:2b:89:1d:0a:68:2b:15:19:de:12:4f:9d:37:a3: 6f:78:45:88:7d:86:00:a0:00:39:36:86:a7:fa:11:3a:dd:4f: 80:83:08:9c:77:5d:1b:4e:28:0d:ba:5a:91:87:36:74:16:93: e2:df:88:e2:70:1c:e6:05:10:49:2e:9c:d7:3e:66:29:ca:14: b2:ff:98:80:4e:b6:f9:b9:51:b5:8c:41:2a:3f:1a:2f:a9:35: eb:1b:c7:e8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICE8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk5RDZCQjEzQzk4M0NB MkZFNzc4NzgzNDI5OUFFRkJGNjQ3QTczNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgZYCVNAX+JZ49a0WB2pHflg/ovPUsskCYO9Dv0cPm6t9+KIX2 Ad+5cFJyvTJ0jmO+rBu+kxXxH5n2Wyt9FnlbSh0rY3ZW2Sr9W8VBF8wZ8RTOv4Ks yaORXvpSRP+u3HbH1liZAeoWPCOHItuTBbRdTC/VRK5I8NRM1b/LW8aCiC6WmtCc k5nXNVWTYxySVZOJ6a5DHzQ4+M9WAl3Gyc7zexaPEbgo82leAXyqh7RMFgLPFcwd RTJO8wn/R9Yu4exwYZaClE9X3pJukuBabNLgrRNkLrWBxWe9ELLbMlA4OtPoxhHl /RoXIqr3afgC98NQzLmL3RbmWv211N8M0RgdAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUmda7E8mDyi/neHg0KZrvv2R6c2swHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9tZGE3RThtRHlpX25l SGcwS1pydnYyUjZjMnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnVoMA0GCSqGSIb3DQEBCwUAA4IBAQCaSHpr/MN5G53Xij4OA2rTiUQHqQQP bw2Fp19XXS5D+cJYahX38qfnC+jvu5kQ7ZlewNPtJGFe2iwU9Wrxrz4ze3FdsJEr Dz34k+2Xv0hfX6MLw93wLsWH7S79PkHv0ISgYK6ml2KJMlzkopmNduChYRjkAPqR yPMloxtfMGyFSDK6rEZm4t8SUcua4y1CfgnnSaAfGT9LrBLMTUhCh/m1ONvS9Dgv K4kdCmgrFRneEk+dN6NveEWIfYYAoAA5Noan+hE63U+Agwicd10bTigNulqRhzZ0 FpPi34jicBzmBRBJLpzXPmYpyhSy/5iATrb5uVG1jEEqPxovqTXrG8fo -----END CERTIFICATE-----Generated at Sun Sep 7 16:20:08 2025 by rpki-client