$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MFE/iDAaPbgqEXPifLtOaAK1p4VK_O0.roa File: iDAaPbgqEXPifLtOaAK1p4VK_O0.roa (raw, json) Hash identifier: hQghnBz6pE2OuhEpwRM+XFpde5LlTcwf17qL+FsXMxA= Subject key identifier: 88:30:1A:3D:B8:2A:11:73:E2:7C:BB:4E:68:02:B5:A7:85:4A:FC:ED Certificate issuer: /CN=AB0CB3B24069501EB4E8A5C04E0EEC6511C2C91C Certificate serial: 0A Authority key identifier: AB:0C:B3:B2:40:69:50:1E:B4:E8:A5:C0:4E:0E:EC:65:11:C2:C9:1C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/qwyzskBpUB606KXATg7sZRHCyRw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MFE/iDAaPbgqEXPifLtOaAK1p4VK_O0.roa Signing time: Mon 27 Oct 2025 07:03:29 +0000 ROA not before: Mon 27 Oct 2025 07:03:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 21859 IP address blocks: 103.117.132.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MFE/qwyzskBpUB606KXATg7sZRHCyRw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MFE/qwyzskBpUB606KXATg7sZRHCyRw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/qwyzskBpUB606KXATg7sZRHCyRw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 09:28:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10 (0xa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AB0CB3B24069501EB4E8A5C04E0EEC6511C2C91C Validity Not Before: Oct 27 07:03:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=88301A3DB82A1173E27CBB4E6802B5A7854AFCED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:dd:5b:02:c6:82:9a:1b:75:7f:2c:f4:9f:14: b3:4a:cc:44:8c:1a:80:06:af:96:53:6d:e0:d9:29: 32:42:4a:36:eb:a2:d2:16:4f:88:d6:1a:03:0f:d8: 3b:5d:33:1f:25:1a:d5:11:38:ef:48:17:12:76:b5: a6:d3:26:b1:9b:3d:12:ed:1b:d5:b5:ab:83:b7:9d: df:33:27:88:b1:2f:b5:b5:ca:90:cf:eb:f8:0f:64: c9:5b:71:6d:fa:91:61:5e:63:6a:fb:04:d6:69:32: 25:e4:88:44:a4:48:09:55:08:9a:e2:dd:73:90:76: 91:f8:69:f4:fb:3e:1a:25:91:f6:0d:c7:6a:9b:b2: 86:b5:32:fe:5c:68:54:5d:76:8e:92:3b:36:7b:86: ca:56:16:6c:cd:ac:05:93:4b:2a:d2:1e:d4:6c:b2: 34:e4:01:36:91:7d:0f:04:dd:00:3a:f2:06:63:51: 4f:df:d1:b3:d4:b4:f1:bc:bb:47:2b:22:ad:28:e8: ce:af:1e:60:54:11:80:b0:56:a1:26:0d:a6:9e:12: 20:19:4f:72:24:2f:b6:b5:dd:fc:b7:54:95:fa:0b: ff:8e:46:69:c9:54:a6:55:b2:de:7c:77:5f:ad:b4: a1:c3:be:f5:e3:8b:8c:b7:28:6e:12:70:96:6c:0f: d7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:30:1A:3D:B8:2A:11:73:E2:7C:BB:4E:68:02:B5:A7:85:4A:FC:ED X509v3 Authority Key Identifier: keyid:AB:0C:B3:B2:40:69:50:1E:B4:E8:A5:C0:4E:0E:EC:65:11:C2:C9:1C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MFE/qwyzskBpUB606KXATg7sZRHCyRw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/qwyzskBpUB606KXATg7sZRHCyRw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MFE/iDAaPbgqEXPifLtOaAK1p4VK_O0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.117.132.0/23 Signature Algorithm: sha256WithRSAEncryption 9b:a9:00:6c:b5:4d:c1:02:47:a8:db:14:f6:54:b8:a2:80:bf: 6d:78:c1:e2:37:50:14:6a:5f:91:7d:90:ba:2c:eb:53:d8:48: 6d:4d:b8:bb:c2:4c:a3:4b:8d:e7:d5:03:0a:d1:4b:9f:9e:a8: 27:e7:6e:cb:fe:14:4e:7f:9a:3d:41:50:80:57:7f:a9:36:da: 4e:f9:02:12:8a:6f:e2:89:3a:f4:49:97:cb:ec:86:e6:cb:18: 5a:c9:73:44:d6:7c:c9:d9:a5:85:c9:dd:b9:52:ee:f0:f8:35: 9e:8d:b1:01:d2:11:d4:24:4e:ff:78:9c:4b:4a:05:1c:7f:ee: ae:a4:a6:4e:ee:94:e1:4e:e8:ce:59:55:83:43:bc:56:1f:d7: a8:de:ce:3c:cb:4b:b6:08:93:65:3d:96:2e:f1:8a:56:5d:6a: 7c:91:cf:d2:f0:f9:90:98:5a:ae:6c:27:42:5e:47:df:70:2f: 6c:2a:ba:a2:e9:4d:6c:97:70:2b:7a:70:54:b3:74:52:74:fa: 73:da:25:48:5e:21:1f:89:a5:f3:df:1c:ca:ec:81:ac:1d:27: 45:5b:51:27:4e:0a:7a:3a:44:1a:cd:07:90:14:42:35:19:3d: 06:fe:a1:bf:7d:29:0f:ea:8f:f6:2d:61:f4:19:35:71:1a:2d: ea:99:f5:f7 -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQjBD QjNCMjQwNjk1MDFFQjRFOEE1QzA0RTBFRUM2NTExQzJDOTFDMB4XDTI1MTAyNzA3 MDMyOVoXDTI2MDgyMjA4MTQyOFowMzExMC8GA1UEAxMoODgzMDFBM0RCODJBMTE3 M0UyN0NCQjRFNjgwMkI1QTc4NTRBRkNFRDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAPzdWwLGgpobdX8s9J8Us0rMRIwagAavllNt4NkpMkJKNuui0hZP iNYaAw/YO10zHyUa1RE470gXEna1ptMmsZs9Eu0b1bWrg7ed3zMniLEvtbXKkM/r +A9kyVtxbfqRYV5javsE1mkyJeSIRKRICVUImuLdc5B2kfhp9Ps+GiWR9g3Hapuy hrUy/lxoVF12jpI7NnuGylYWbM2sBZNLKtIe1GyyNOQBNpF9DwTdADryBmNRT9/R s9S08by7RysirSjozq8eYFQRgLBWoSYNpp4SIBlPciQvtrXd/LdUlfoL/45GaclU plWy3nx3X620ocO+9eOLjLcobhJwlmwP180CAwEAAaOCAegwggHkMB0GA1UdDgQW BBSIMBo9uCoRc+J8u05oArWnhUr87TAfBgNVHSMEGDAWgBSrDLOyQGlQHrTopcBO DuxlEcLJHDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGA1UdHwRSMFAwTqBM oEqGSHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRkUvcXd5 enNrQnBVQjYwNktYQVRnN3NaUkhDeVJ3LmNybDBgBggrBgEFBQcBAQRUMFIwUAYI KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9x d3l6c2tCcFVCNjA2S1hBVGc3c1pSSEN5UncuY2VyMA4GA1UdDwEB/wQEAwIHgDCB mQYIKwYBBQUHAQsEgYwwgYkwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraWNhLnR3 bmljLnR3L3Jwa2kvVFdOSUNDQS9NRkUvaURBYVBiZ3FFWFBpZkx0T2FBSzFwNFZL X08wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv bm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWd1hDANBgkq hkiG9w0BAQsFAAOCAQEAm6kAbLVNwQJHqNsU9lS4ooC/bXjB4jdQFGpfkX2Quizr U9hIbU24u8JMo0uN59UDCtFLn56oJ+duy/4UTn+aPUFQgFd/qTbaTvkCEopv4ok6 9EmXy+yG5ssYWslzRNZ8ydmlhcnduVLu8Pg1no2xAdIR1CRO/3icS0oFHH/urqSm Tu6U4U7ozllVg0O8Vh/XqN7OPMtLtgiTZT2WLvGKVl1qfJHP0vD5kJharmwnQl5H 33AvbCq6oulNbJdwK3pwVLN0UnT6c9olSF4hH4ml898cyuyBrB0nRVtRJ04KejpE Gs0HkBRCNRk9Bv6hv30pD+qP9i1h9Bk1cRot6pn19w== -----END CERTIFICATE-----Generated at Wed Oct 29 08:39:02 2025 by rpki-client