$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/di1EVhgl9c3vh9WSCnNkQPpmGPw.roa File: di1EVhgl9c3vh9WSCnNkQPpmGPw.roa (raw, json) Hash identifier: U8jubDflIXGra1mIftGf32c9iYQ1bBUZj2l6f87hWqc= Subject key identifier: 76:2D:44:56:18:25:F5:CD:EF:87:D5:92:0A:73:64:40:FA:66:18:FC Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Certificate serial: 0E29 Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/di1EVhgl9c3vh9WSCnNkQPpmGPw.roa Signing time: Fri 22 Aug 2025 09:03:30 +0000 ROA not before: Fri 22 Aug 2025 09:03:30 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 61.63.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 09:28:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3625 (0xe29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Validity Not Before: Aug 22 09:03:30 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=762D44561825F5CDEF87D5920A736440FA6618FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a6:f5:48:14:59:ae:e1:37:04:9a:cb:13:6f: 25:61:a9:37:32:0e:ad:ae:3a:9d:a8:09:c3:17:8d: 00:86:65:c7:9c:5e:6d:9b:b3:02:28:13:0a:a9:f8: a7:df:9a:10:ce:e2:b9:e1:fa:06:33:a6:03:7a:52: 93:5e:92:ec:3e:69:5c:07:9f:35:23:ed:39:73:8d: 86:aa:09:e1:79:f4:77:43:e6:15:28:3b:ee:2e:ff: da:d4:f5:5d:b3:a7:2c:6c:b9:14:08:33:c4:b5:54: 80:b2:1f:23:68:b8:1d:e7:61:ba:35:e7:b1:77:ee: 32:c1:8a:94:fe:cd:52:d3:e2:07:f8:fe:89:4e:26: fc:c6:5b:0e:e6:49:eb:ae:49:65:57:69:4c:9f:f8: 4b:12:37:62:27:bc:5e:8e:c5:73:a4:da:b9:4c:62: a7:8f:79:42:c1:0b:59:2b:6a:96:eb:b4:7e:b8:74: ad:f9:a6:72:d0:b9:71:df:86:ed:f7:61:0d:40:18: d8:82:b3:f4:00:38:08:f5:4f:93:eb:c6:61:e6:d6: ea:fd:6e:fd:18:a0:8d:6b:8d:19:df:b3:46:e6:6c: 9c:b6:fa:22:c2:19:b8:f7:1c:a0:35:c8:71:30:e5: f4:a5:ed:23:bd:92:34:c3:2b:27:2a:a4:7f:bb:d2: 7f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:2D:44:56:18:25:F5:CD:EF:87:D5:92:0A:73:64:40:FA:66:18:FC X509v3 Authority Key Identifier: keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/di1EVhgl9c3vh9WSCnNkQPpmGPw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.63.87.0/24 Signature Algorithm: sha256WithRSAEncryption 30:05:c4:44:05:b7:82:a5:bb:60:89:c5:7d:e0:f5:62:0d:89: df:21:c4:2e:cd:4e:52:eb:71:67:c6:b6:85:e6:e0:23:29:6e: a6:80:88:40:eb:61:57:cf:68:f0:9f:72:bb:bd:2b:ca:af:23: 35:3d:4b:a0:1c:31:dd:bb:2e:86:66:6a:be:4f:cf:70:9d:91: c5:f7:c5:d2:70:62:d8:d8:c1:30:5a:5d:2d:be:28:cc:1f:6b: 3d:4c:eb:58:33:b4:a7:bb:49:c1:b5:fe:d9:86:2c:3d:53:4f: 15:cf:78:28:10:58:19:ef:c6:f8:f6:8f:12:03:16:e0:32:fe: 8d:ad:c7:c0:33:2a:d4:2f:01:49:91:94:08:7f:4a:10:47:48: bb:7a:19:9d:4e:b4:90:02:22:ee:36:3a:83:91:d3:db:fa:81: aa:97:b0:86:db:95:ae:c0:21:41:1e:fa:6e:44:e7:95:b8:4e: 6c:ca:11:d4:c5:4b:eb:db:cc:e5:ea:ee:a8:c7:14:b6:bc:fe: 3a:f3:54:6e:91:c7:e2:e2:65:b3:17:2d:6c:db:f5:2c:0d:73: 72:65:2f:31:cd:b7:99:a6:48:5e:8a:b3:85:d8:e2:91:f8:78: dd:f8:1f:29:7e:f7:af:41:ae:e5:8e:f6:6a:28:ad:20:0e:15: 4c:4f:91:d9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTA4MjIw OTAzMzBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDc2MkQ0NDU2MTgyNUY1 Q0RFRjg3RDU5MjBBNzM2NDQwRkE2NjE4RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4pvVIFFmu4TcEmssTbyVhqTcyDq2uOp2oCcMXjQCGZcecXm2b swIoEwqp+KffmhDO4rnh+gYzpgN6UpNekuw+aVwHnzUj7TlzjYaqCeF59HdD5hUo O+4u/9rU9V2zpyxsuRQIM8S1VICyHyNouB3nYbo157F37jLBipT+zVLT4gf4/olO JvzGWw7mSeuuSWVXaUyf+EsSN2InvF6OxXOk2rlMYqePeULBC1krapbrtH64dK35 pnLQuXHfhu33YQ1AGNiCs/QAOAj1T5PrxmHm1ur9bv0YoI1rjRnfs0bmbJy2+iLC Gbj3HKA1yHEw5fSl7SO9kjTDKycqpH+70n/LAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUdi1EVhgl9c3vh9WSCnNkQPpmGPwwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2RpMUVWaGdsOWMzdmg5V1NDbk5rUVBw bUdQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9P1cwDQYJ KoZIhvcNAQELBQADggEBADAFxEQFt4Klu2CJxX3g9WINid8hxC7NTlLrcWfGtoXm 4CMpbqaAiEDrYVfPaPCfcru9K8qvIzU9S6AcMd27LoZmar5Pz3CdkcX3xdJwYtjY wTBaXS2+KMwfaz1M61gztKe7ScG1/tmGLD1TTxXPeCgQWBnvxvj2jxIDFuAy/o2t x8AzKtQvAUmRlAh/ShBHSLt6GZ1OtJACIu42OoOR09v6gaqXsIbbla7AIUEe+m5E 55W4TmzKEdTFS+vbzOXq7qjHFLa8/jrzVG6Rx+LiZbMXLWzb9SwNc3JlLzHNt5mm SF6Ks4XY4pH4eN34Hyl+969BruWO9moorSAOFUxPkdk= -----END CERTIFICATE-----Generated at Wed Oct 29 08:20:21 2025 by rpki-client