$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZ9TaLvbuDGa2kMRq6x3LKWaAck.roa File: rZ9TaLvbuDGa2kMRq6x3LKWaAck.roa (raw, json) Hash identifier: SEpcpzDZUttbb6KXye+ngqz5v0+Brb/dmKcrtNhv8lM= Subject key identifier: AD:9F:53:68:BB:DB:B8:31:9A:DA:43:11:AB:AC:77:2C:A5:9A:01:C9 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 13D4 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZ9TaLvbuDGa2kMRq6x3LKWaAck.roa Signing time: Fri 22 Aug 2025 08:57:18 +0000 ROA not before: Fri 22 Aug 2025 08:57:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10085 IP address blocks: 203.163.202.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 18:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5076 (0x13d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=AD9F5368BBDBB8319ADA4311ABAC772CA59A01C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:62:d6:3e:dc:86:02:7d:9b:4f:64:ed:a0:0f: 6f:7f:96:a3:85:c4:0a:e7:42:81:71:60:2e:0a:f3: f9:a2:c2:4a:ef:07:ff:d1:97:d5:0a:85:c0:04:85: da:1a:a3:94:b2:fc:89:d5:43:f9:a9:ac:68:4f:0d: 85:0b:6c:a2:a1:8e:e2:f7:33:b0:97:81:66:4f:10: 0d:99:d3:d2:db:74:e0:ef:9b:3b:90:42:7c:e2:64: 39:a8:45:f9:76:34:eb:25:66:56:40:7e:10:fb:bf: 08:f0:ec:a5:14:fb:cf:59:38:f1:83:f3:8e:3c:ea: cf:97:9a:76:56:6b:bc:ae:e3:ca:81:92:e4:fc:45: ee:7e:a3:f0:74:fb:1e:03:77:c9:77:ee:ae:9e:cc: 6f:8d:ae:ac:8a:b7:3f:76:1d:2c:a2:bf:9f:a4:e9: 5d:1c:18:4a:2a:d5:cd:5e:f8:3b:e9:48:0b:8b:ed: 89:f1:b3:16:c4:9d:7a:dd:62:25:c4:af:1e:e6:b9: 66:18:42:44:4c:56:51:d4:1c:42:07:83:9e:4b:2a: 53:e2:58:62:f6:0f:ef:e8:c0:9d:40:07:f2:6b:7e: 94:58:ac:72:61:48:20:51:04:fc:83:07:fe:1a:76: aa:41:87:f2:b8:3f:b2:60:d8:da:d5:34:34:ce:4d: 50:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:9F:53:68:BB:DB:B8:31:9A:DA:43:11:AB:AC:77:2C:A5:9A:01:C9 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZ9TaLvbuDGa2kMRq6x3LKWaAck.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.163.202.0/23 Signature Algorithm: sha256WithRSAEncryption 2b:cb:bc:3b:37:a0:1c:18:69:dd:96:6f:96:4e:33:1b:d3:c5: 57:a3:a9:42:56:60:59:d2:96:6e:f4:2e:5f:f9:19:45:3c:a3: ec:7f:45:6e:cf:d9:85:91:90:f1:fa:17:07:9e:67:86:27:1f: 17:e2:e8:9d:a9:af:b0:cb:7e:37:5d:c1:55:ec:cc:23:28:f4: cb:8e:cd:d1:d0:36:ef:f5:af:de:4b:55:e4:16:cd:0b:01:70: 85:e8:ee:ea:61:09:8f:b4:99:20:e9:5b:29:fb:3a:cf:b1:f6: 6d:18:5e:83:b7:a1:f3:1b:6c:5f:2f:52:f5:ed:fe:1a:65:36: 03:3a:cc:8a:83:95:e3:5a:87:32:29:06:6d:df:61:0d:5b:cb: 61:13:a6:69:71:02:9e:d4:cd:c0:72:73:dc:0b:20:2e:be:3e: f1:2a:a5:8f:92:e8:6c:d6:84:1a:46:b7:45:e2:22:c1:b5:46: f5:a1:75:1e:67:30:b3:c8:6a:9f:ba:c8:06:9d:b6:46:d5:6f: a8:3b:12:dd:99:2a:b9:e7:dd:99:07:00:c1:5f:94:75:ea:3e: 2b:0f:db:a1:c5:88:68:4c:86:5f:75:ef:7a:16:9e:cf:15:c7: 52:2f:ab:99:67:f9:c0:f1:dd:8c:c7:bd:21:57:3c:22:9d:06: c1:c3:ae:1b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICE9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEFEOUY1MzY4QkJEQkI4 MzE5QURBNDMxMUFCQUM3NzJDQTU5QTAxQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKYtY+3IYCfZtPZO2gD29/lqOFxArnQoFxYC4K8/miwkrvB//R l9UKhcAEhdoao5Sy/InVQ/mprGhPDYULbKKhjuL3M7CXgWZPEA2Z09LbdODvmzuQ QnziZDmoRfl2NOslZlZAfhD7vwjw7KUU+89ZOPGD84486s+XmnZWa7yu48qBkuT8 Re5+o/B0+x4Dd8l37q6ezG+NrqyKtz92HSyiv5+k6V0cGEoq1c1e+DvpSAuL7Ynx sxbEnXrdYiXErx7muWYYQkRMVlHUHEIHg55LKlPiWGL2D+/owJ1AB/JrfpRYrHJh SCBRBPyDB/4adqpBh/K4P7Jg2NrVNDTOTVBDAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUrZ9TaLvbuDGa2kMRq6x3LKWaAckwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9yWjlUYUx2YnVER2Ey a01ScTZ4M0xLV2FBY2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBy6PKMA0GCSqGSIb3DQEBCwUAA4IBAQAry7w7N6AcGGndlm+WTjMb08VXo6lC VmBZ0pZu9C5f+RlFPKPsf0Vuz9mFkZDx+hcHnmeGJx8X4uidqa+wy343XcFV7Mwj KPTLjs3R0Dbv9a/eS1XkFs0LAXCF6O7qYQmPtJkg6Vsp+zrPsfZtGF6Dt6HzG2xf L1L17f4aZTYDOsyKg5XjWocyKQZt32ENW8thE6ZpcQKe1M3AcnPcCyAuvj7xKqWP kuhs1oQaRrdF4iLBtUb1oXUeZzCzyGqfusgGnbZG1W+oOxLdmSq5592ZBwDBX5R1 6j4rD9uhxYhoTIZfde96Fp7PFcdSL6uZZ/nA8d2Mx70hVzwinQbBw64b -----END CERTIFICATE-----Generated at Sun Sep 7 16:22:44 2025 by rpki-client