$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IMCRS/2hDC2uRlzDb2lONQVJNKJYiemRc.roa File: 2hDC2uRlzDb2lONQVJNKJYiemRc.roa (raw, json) Hash identifier: PrE2A13rXu1Rw+WqjYL/5mhc+wnL8bhlRTDIgACgB74= Subject key identifier: DA:10:C2:DA:E4:65:CC:36:F6:94:E3:50:54:93:4A:25:88:9E:99:17 Certificate issuer: /CN=22C51298D97A102902731FDC49BDFAB39D52AB2B Certificate serial: 043F Authority key identifier: 22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/2hDC2uRlzDb2lONQVJNKJYiemRc.roa Signing time: Wed 22 Oct 2025 10:04:00 +0000 ROA not before: Wed 22 Oct 2025 10:04:00 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 134823 IP address blocks: 103.227.224.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/IsUSmNl6ECkCcx_cSb36s51Sqys.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/IsUSmNl6ECkCcx_cSb36s51Sqys.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 12:27:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1087 (0x43f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22C51298D97A102902731FDC49BDFAB39D52AB2B Validity Not Before: Oct 22 10:04:00 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DA10C2DAE465CC36F694E35054934A25889E9917 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:22:c3:78:e6:ba:f7:c5:d6:c2:74:ed:d1:d0: bf:fa:0b:2f:00:41:93:51:1e:40:d1:9a:8e:c6:47: d1:a5:22:0c:99:c7:e9:44:10:7c:4c:b5:6a:5b:f5: f2:c0:8d:7c:c3:36:2a:6d:d4:71:8f:08:a3:4e:f9: ed:c5:53:88:0c:fd:b6:b3:78:67:61:03:9a:49:b6: af:ca:8f:13:39:22:75:28:a2:36:e2:73:46:80:78: cf:7a:fe:9e:14:5c:3d:4a:f5:32:c7:87:e4:c7:16: 5c:ab:2b:6f:5e:18:d6:e5:4a:51:da:fd:42:13:09: b1:5c:0e:ca:ac:52:6e:a0:aa:7a:03:8b:a5:b6:5e: d9:ea:67:6a:30:ee:63:e4:cd:da:53:06:70:91:8c: 68:89:ab:5f:43:d2:87:40:c9:d3:69:90:c4:b2:6d: 6d:ce:73:d1:c3:ca:79:29:0e:bd:f6:2c:65:34:cc: c3:a4:ee:c0:5b:04:a6:02:b6:74:18:3a:f5:4e:5f: f3:4f:4d:af:c6:48:9e:84:d2:09:1f:88:f2:45:21: f2:6c:0e:e8:3e:58:8d:0e:b0:7a:b9:10:a5:81:82: 37:bc:de:86:d6:36:00:bb:c2:12:27:27:7a:29:ea: dc:98:bd:34:89:8f:ed:ea:93:39:ab:3c:18:fb:a3: e8:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:10:C2:DA:E4:65:CC:36:F6:94:E3:50:54:93:4A:25:88:9E:99:17 X509v3 Authority Key Identifier: keyid:22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/IsUSmNl6ECkCcx_cSb36s51Sqys.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/2hDC2uRlzDb2lONQVJNKJYiemRc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.227.224.0/23 Signature Algorithm: sha256WithRSAEncryption 38:f3:6d:40:72:49:b6:5a:7d:1d:a5:7c:35:55:d2:2a:7d:3a: d8:c7:7f:3a:91:0a:cf:9b:47:c9:63:62:97:e6:4f:db:a8:16: 1f:4e:8b:84:05:2e:5c:f5:3c:8d:33:fd:32:61:b1:95:d1:5b: c0:02:13:b8:bb:73:0c:b2:b6:9a:c2:b7:25:0f:96:44:e7:cc: 20:03:56:7e:63:f7:3b:39:c3:51:3d:4c:6d:a7:39:1a:23:47: 60:2c:16:5e:da:6e:a9:c0:30:89:34:cd:f8:8d:13:ac:0e:84: 29:29:93:bf:b1:bd:12:8b:b0:1f:52:c6:03:b2:94:0c:b4:cd: f1:67:68:a5:40:68:dc:3d:e0:7b:c0:90:59:f6:25:64:cb:4e: 14:07:fc:ce:8c:c8:69:66:33:aa:cf:cf:af:52:53:28:4a:2b: 62:64:0b:0c:22:d6:16:a1:75:b2:8f:bb:52:06:c2:2e:a9:2b: 73:6b:9f:c3:f2:18:47:a4:16:42:b6:28:35:00:c8:75:ee:3b: 3c:21:63:a8:13:70:5c:af:a1:03:cb:60:fa:69:06:91:46:4f: 00:fb:21:5c:fc:f2:17:a7:35:de:27:dc:13:ed:f1:61:fb:4d: 1b:1c:7b:51:16:59:6e:79:cf:12:db:fe:86:b4:28:e6:8d:96: 04:a3:1c:8a -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICBD8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjJD NTEyOThEOTdBMTAyOTAyNzMxRkRDNDlCREZBQjM5RDUyQUIyQjAeFw0yNTEwMjIx MDA0MDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERBMTBDMkRBRTQ2NUND MzZGNjk0RTM1MDU0OTM0QTI1ODg5RTk5MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuIsN45rr3xdbCdO3R0L/6Cy8AQZNRHkDRmo7GR9GlIgyZx+lE EHxMtWpb9fLAjXzDNipt1HGPCKNO+e3FU4gM/bazeGdhA5pJtq/KjxM5InUoojbi c0aAeM96/p4UXD1K9TLHh+THFlyrK29eGNblSlHa/UITCbFcDsqsUm6gqnoDi6W2 XtnqZ2ow7mPkzdpTBnCRjGiJq19D0odAydNpkMSybW3Oc9HDynkpDr32LGU0zMOk 7sBbBKYCtnQYOvVOX/NPTa/GSJ6E0gkfiPJFIfJsDug+WI0OsHq5EKWBgje83obW NgC7whInJ3op6tyYvTSJj+3qkzmrPBj7o+j3AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU2hDC2uRlzDb2lONQVJNKJYiemRcwHwYDVR0jBBgwFoAUIsUSmNl6ECkCcx/c Sb36s51SqyswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSU1DUlMv SXNVU21ObDZFQ2tDY3hfY1NiMzZzNTFTcXlzLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9Jc1VTbU5sNkVDa0NjeF9jU2IzNnM1MVNxeXMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JTUNSUy8yaERDMnVSbHpEYjJsT05RVkpO S0pZaWVtUmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ+Pg MA0GCSqGSIb3DQEBCwUAA4IBAQA4821Ackm2Wn0dpXw1VdIqfTrYx386kQrPm0fJ Y2KX5k/bqBYfTouEBS5c9TyNM/0yYbGV0VvAAhO4u3MMsraawrclD5ZE58wgA1Z+ Y/c7OcNRPUxtpzkaI0dgLBZe2m6pwDCJNM34jROsDoQpKZO/sb0Si7AfUsYDspQM tM3xZ2ilQGjcPeB7wJBZ9iVky04UB/zOjMhpZjOqz8+vUlMoSitiZAsMItYWoXWy j7tSBsIuqStza5/D8hhHpBZCtig1AMh17js8IWOoE3Bcr6EDy2D6aQaRRk8A+yFc /PIXpzXeJ9wT7fFh+00bHHtRFlluec8S2/6GtCjmjZYEoxyK -----END CERTIFICATE-----Generated at Sat Oct 25 11:32:17 2025 by rpki-client