$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/NvaWkBaND9dB2pG9K5QIu9qOoJU.roa File: NvaWkBaND9dB2pG9K5QIu9qOoJU.roa (raw, json) Hash identifier: xJVD5PsgRWco6mgThjfXshxiuA7o5nfBmOgLlmcuLbw= Subject key identifier: 36:F6:96:90:16:8D:0F:D7:41:DA:91:BD:2B:94:08:BB:DA:8E:A0:95 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0D62 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/NvaWkBaND9dB2pG9K5QIu9qOoJU.roa Signing time: Fri 22 Aug 2025 08:56:53 +0000 ROA not before: Fri 22 Aug 2025 08:56:53 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 16509 IP address blocks: 103.119.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 06:17:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3426 (0xd62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Aug 22 08:56:53 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=36F69690168D0FD741DA91BD2B9408BBDA8EA095 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:cb:da:81:23:35:67:4c:5b:d8:7d:1c:1c:e9: 08:8b:98:0b:bb:92:39:b3:ae:ae:04:5d:9c:36:8d: 5b:3c:56:8f:fe:2f:62:4d:5d:2f:a1:06:ec:2d:22: 07:70:ab:92:cf:29:c9:fd:5e:15:4d:75:c0:ba:9e: 54:e3:da:ba:76:3d:14:04:aa:e2:ec:72:15:30:e0: 2a:1d:41:d9:f4:cb:56:9a:4b:72:0e:65:ae:dc:55: bc:7d:1a:11:6e:de:52:6f:56:77:7a:ca:d2:c5:49: e9:13:99:1d:2a:e4:95:31:65:d3:b5:65:31:ca:4f: 2a:68:05:51:8e:31:93:9c:11:93:81:08:c0:15:5c: b6:93:9b:9a:58:8e:f5:29:87:a1:45:65:33:2e:db: 26:44:93:90:f9:ca:e6:d8:df:64:cf:6c:d0:2b:ec: 38:de:91:42:b7:5d:1a:87:93:3d:13:ec:61:38:58: b8:6a:9f:a6:1d:f2:21:fa:92:63:06:5d:b1:eb:8a: 0f:53:7f:24:3b:9a:1e:ba:9b:0c:bb:27:ea:b6:8a: 22:90:e2:36:32:0b:7f:f4:53:e3:27:e2:d8:b8:40: 14:9d:40:29:5f:2b:23:df:c1:bd:7f:f1:84:35:f1: e4:82:e6:0e:19:e0:8c:3f:19:d6:4f:c5:8e:d1:1f: 4f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:F6:96:90:16:8D:0F:D7:41:DA:91:BD:2B:94:08:BB:DA:8E:A0:95 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/NvaWkBaND9dB2pG9K5QIu9qOoJU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.213.0/24 Signature Algorithm: sha256WithRSAEncryption 62:ce:52:fa:2b:bc:5c:81:0b:7d:07:16:c7:21:83:ea:74:2a: fd:38:7d:fb:22:a7:27:e2:f1:4e:e4:e1:01:1b:34:ed:11:43: 2c:8e:50:93:ab:f9:d8:d4:a2:8e:d1:ef:1b:c1:ae:ee:14:81: ee:5e:a5:c8:8f:e2:d4:49:11:f3:4f:54:6f:ed:83:f8:4a:9f: 3b:8c:aa:5e:8b:af:12:3f:a4:fb:f9:27:03:e6:a6:ac:27:b2: db:b4:b9:9a:b2:f5:ed:1e:6e:1c:17:40:64:2f:4a:0f:84:26: 95:d0:00:64:c0:5b:79:18:7e:7f:1b:54:d0:5a:7d:d3:22:a4: 6d:33:a7:e4:31:83:9f:6e:dd:15:3a:b1:cd:a7:58:bb:1d:7c: a6:21:f7:b2:34:ba:02:c7:d6:7b:84:78:d2:39:81:50:77:f5: c4:91:d6:2c:3d:a4:dc:1e:9e:79:ec:af:3c:08:d1:ed:cc:2e: 24:82:57:58:3c:19:76:c1:7d:a4:ae:ba:de:2f:74:73:25:89: 45:38:58:5f:b4:a5:e0:32:86:1d:8e:a8:f4:f6:74:45:5e:32: fe:09:a7:b0:e2:58:84:b0:55:fd:a1:aa:29:81:e0:c8:f1:a5: 24:e1:7d:2c:2c:b5:91:4e:ad:99:de:fb:2d:e8:a0:80:89:84: 76:83:0a:10 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTA4MjIw ODU2NTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM2RjY5NjkwMTY4RDBG RDc0MURBOTFCRDJCOTQwOEJCREE4RUEwOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCay9qBIzVnTFvYfRwc6QiLmAu7kjmzrq4EXZw2jVs8Vo/+L2JN XS+hBuwtIgdwq5LPKcn9XhVNdcC6nlTj2rp2PRQEquLschUw4CodQdn0y1aaS3IO Za7cVbx9GhFu3lJvVnd6ytLFSekTmR0q5JUxZdO1ZTHKTypoBVGOMZOcEZOBCMAV XLaTm5pYjvUph6FFZTMu2yZEk5D5yubY32TPbNAr7DjekUK3XRqHkz0T7GE4WLhq n6Yd8iH6kmMGXbHrig9TfyQ7mh66mwy7J+q2iiKQ4jYyC3/0U+Mn4ti4QBSdQClf KyPfwb1/8YQ18eSC5g4Z4Iw/GdZPxY7RH0/LAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUNvaWkBaND9dB2pG9K5QIu9qOoJUwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvTnZhV2tCYU5EOWRCMnBH OUs1UUl1OXFPb0pVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd31TANBgkqhkiG9w0BAQsFAAOCAQEAYs5S+iu8XIELfQcWxyGD6nQq/Th9+yKn J+LxTuThARs07RFDLI5Qk6v52NSijtHvG8Gu7hSB7l6lyI/i1EkR809Ub+2D+Eqf O4yqXouvEj+k+/knA+amrCey27S5mrL17R5uHBdAZC9KD4QmldAAZMBbeRh+fxtU 0Fp90yKkbTOn5DGDn27dFTqxzadYux18piH3sjS6AsfWe4R40jmBUHf1xJHWLD2k 3B6eeeyvPAjR7cwuJIJXWDwZdsF9pK663i90cyWJRThYX7Sl4DKGHY6o9PZ0RV4y /gmnsOJYhLBV/aGqKYHgyPGlJOF9LCy1kU6tmd77LeiggImEdoMKEA== -----END CERTIFICATE-----Generated at Tue Sep 9 04:04:57 2025 by rpki-client