$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/rBakGhGdVxmV7cAOQ5feWUcAzRc.roa File: rBakGhGdVxmV7cAOQ5feWUcAzRc.roa (raw, json) Hash identifier: XfzOCvy93TDQGua48YlLUo0/wazaFVajUoEZ5DrfAro= Subject key identifier: AC:16:A4:1A:11:9D:57:19:95:ED:C0:0E:43:97:DE:59:47:00:CD:17 Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Certificate serial: 0DD1 Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/rBakGhGdVxmV7cAOQ5feWUcAzRc.roa Signing time: Fri 22 Aug 2025 08:52:47 +0000 ROA not before: Fri 22 Aug 2025 08:52:47 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 204677 IP address blocks: 43.224.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 07:56:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3537 (0xdd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Validity Not Before: Aug 22 08:52:47 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=AC16A41A119D571995EDC00E4397DE594700CD17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:00:22:ca:d0:e5:40:7a:27:f7:13:07:fa:88: 52:ff:84:11:0e:81:22:fc:19:eb:dd:44:09:3d:52: 12:cb:3e:a4:c3:4f:9c:8c:52:97:ee:89:cb:c4:56: 1c:a6:90:91:f2:5e:e7:1c:50:21:b1:84:54:ed:0f: 27:7b:e4:44:4e:0c:ac:50:db:61:97:f8:81:59:27: ab:1b:8e:7c:c5:ca:0e:b7:bf:5f:b7:92:0a:80:37: 54:10:b9:67:0d:47:d6:dc:0b:92:51:c0:bc:fe:3c: 75:42:52:53:ff:f5:88:0f:d9:31:fc:b0:6a:ad:3e: e0:ce:13:23:c9:69:d6:56:2b:ff:3e:cb:22:55:90: 0a:d1:8a:f2:bf:e5:f5:f5:51:f8:ae:4b:bd:39:56: 79:1a:df:88:81:e2:a0:fe:43:27:ef:97:0b:a6:68: ba:d0:2f:2f:c5:c2:61:c1:c4:05:53:0a:b2:c7:8e: 16:c0:14:07:2a:a2:44:48:66:00:40:50:da:c5:1a: 28:58:05:24:29:ec:7c:8b:4c:59:6c:34:e0:f9:6f: 2a:79:20:16:d6:9e:6d:b4:e2:cc:53:86:8d:48:13: 0e:ac:6b:7b:c7:ef:d7:61:09:e1:b5:28:bb:92:9e: de:a0:46:cb:c8:34:4d:7f:eb:80:8a:d9:c4:c5:23: 15:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:16:A4:1A:11:9D:57:19:95:ED:C0:0E:43:97:DE:59:47:00:CD:17 X509v3 Authority Key Identifier: keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/rBakGhGdVxmV7cAOQ5feWUcAzRc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.21.0/24 Signature Algorithm: sha256WithRSAEncryption 12:e6:4a:41:b7:51:ef:3c:49:53:0f:67:a3:ac:9c:13:a1:63: 0c:de:ba:67:ed:13:4b:3c:32:2a:0a:e0:58:09:12:2d:20:df: 6c:ba:76:3a:9a:8e:cf:f7:01:c3:20:0b:5f:04:e4:e3:33:b7: ea:63:b4:1e:30:03:3e:2e:63:59:b8:f4:5d:91:64:f1:fd:93: 1a:fc:42:b7:42:5a:a3:c4:3d:8a:27:b7:66:b7:71:23:2b:72: 58:57:a0:67:3b:ca:39:49:92:bd:d2:40:b3:ed:98:4e:57:3a: eb:3b:91:50:28:d6:d7:ef:3d:23:b4:61:da:5e:57:1a:c3:d5: b4:7d:33:c4:52:c1:b7:c1:d8:59:ac:e7:77:02:db:cb:3e:2d: 02:28:be:1f:2e:f7:1a:a2:b3:09:51:35:f7:c7:42:05:8a:71: fe:ad:a3:1b:32:18:94:e0:cb:2d:00:14:ee:9e:81:c8:b8:3b: 31:73:c5:d4:b6:4d:95:ba:a1:d0:22:94:f8:5c:ad:ce:53:68: c3:06:71:14:d0:21:f0:b6:dc:55:96:f7:e4:ff:8f:ea:11:87: 9e:0d:c2:da:56:92:6f:b2:c0:01:1b:58:97:f8:cb:c0:6c:8f: 86:ea:7e:81:61:79:14:55:6d:cb:9c:87:9c:58:f5:09:75:15: c0:be:f5:4e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yNTA4MjIw ODUyNDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEFDMTZBNDFBMTE5RDU3 MTk5NUVEQzAwRTQzOTdERTU5NDcwMENEMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjACLK0OVAeif3Ewf6iFL/hBEOgSL8GevdRAk9UhLLPqTDT5yM UpfuicvEVhymkJHyXuccUCGxhFTtDyd75ERODKxQ22GX+IFZJ6sbjnzFyg63v1+3 kgqAN1QQuWcNR9bcC5JRwLz+PHVCUlP/9YgP2TH8sGqtPuDOEyPJadZWK/8+yyJV kArRivK/5fX1UfiuS705Vnka34iB4qD+QyfvlwumaLrQLy/FwmHBxAVTCrLHjhbA FAcqokRIZgBAUNrFGihYBSQp7HyLTFlsNOD5byp5IBbWnm204sxTho1IEw6sa3vH 79dhCeG1KLuSnt6gRsvINE1/64CK2cTFIxXnAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUrBakGhGdVxmV7cAOQ5feWUcAzRcwHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy9yQmFrR2hHZFZ4bVY3Y0FPUTVm ZVdVY0F6UmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AV MA0GCSqGSIb3DQEBCwUAA4IBAQAS5kpBt1HvPElTD2ejrJwToWMM3rpn7RNLPDIq CuBYCRItIN9sunY6mo7P9wHDIAtfBOTjM7fqY7QeMAM+LmNZuPRdkWTx/ZMa/EK3 QlqjxD2KJ7dmt3EjK3JYV6BnO8o5SZK90kCz7ZhOVzrrO5FQKNbX7z0jtGHaXlca w9W0fTPEUsG3wdhZrOd3AtvLPi0CKL4fLvcaorMJUTX3x0IFinH+raMbMhiU4Mst ABTunoHIuDsxc8XUtk2VuqHQIpT4XK3OU2jDBnEU0CHwttxVlvfk/4/qEYeeDcLa VpJvssABG1iX+MvAbI+G6n6BYXkUVW3LnIecWPUJdRXAvvVO -----END CERTIFICATE-----Generated at Fri Oct 24 07:03:33 2025 by rpki-client