$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/4Gh0KNvnCXsoXl7OfI2FmSfQ5Hk.roa File: 4Gh0KNvnCXsoXl7OfI2FmSfQ5Hk.roa (raw, json) Hash identifier: d05owbUsv0d5Pic9SJw/lhm/bLR/KzbGBIPKkpJ8Z5s= Subject key identifier: E0:68:74:28:DB:E7:09:7B:28:5E:5E:CE:7C:8D:85:99:27:D0:E4:79 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1A17 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/4Gh0KNvnCXsoXl7OfI2FmSfQ5Hk.roa Signing time: Fri 22 Aug 2025 08:53:42 +0000 ROA not before: Fri 22 Aug 2025 08:53:42 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 123.51.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 03:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6679 (0x1a17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:42 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E0687428DBE7097B285E5ECE7C8D859927D0E479 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:74:eb:c7:ea:35:fc:19:87:c1:6a:5a:7d:0f: 0c:69:29:1c:5d:85:96:1b:76:dc:ab:b6:9e:ab:9f: 5e:52:17:01:66:3b:c3:63:e6:9c:c5:46:fc:b9:63: 13:42:63:7f:1c:c3:ab:66:73:ce:1e:f3:5a:fe:db: 45:fa:8a:e6:12:30:40:84:11:f9:b6:f3:1d:31:00: 70:2e:fd:e7:b7:c0:57:49:72:00:96:bb:3f:b4:fa: 06:4e:3b:97:08:b0:8b:22:00:ac:1a:5c:f2:3f:31: 2f:0d:9f:8d:52:bd:fa:ce:2b:ab:c1:69:8f:a7:4c: c8:cf:39:30:1e:43:91:80:16:fb:e9:5b:49:47:9c: 07:31:59:ee:61:df:44:1a:da:37:60:96:2d:85:38: 1b:ab:3a:8b:c9:89:9d:4a:4d:9e:84:e0:af:0c:31: 6b:62:43:16:ae:4f:c4:75:3e:72:9a:7f:91:47:2f: f4:84:f3:d3:44:bc:98:22:a3:c2:00:90:91:2e:10: 1e:e9:a3:38:6e:f6:af:2d:5a:58:e8:78:a9:c7:99: 77:b3:75:6f:8f:28:5c:f6:20:86:aa:9a:91:36:bc: b3:43:14:8e:8b:6c:b5:2f:81:82:4f:4e:84:52:a2: a3:65:49:d8:67:6c:54:6d:ff:5c:3f:1a:b5:ad:54: 0d:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:68:74:28:DB:E7:09:7B:28:5E:5E:CE:7C:8D:85:99:27:D0:E4:79 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/4Gh0KNvnCXsoXl7OfI2FmSfQ5Hk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.51.128.0/17 Signature Algorithm: sha256WithRSAEncryption cc:23:80:5c:82:92:9a:7e:cc:e8:f6:6d:4b:e9:36:14:b8:95: 83:a1:a5:01:52:16:ef:45:87:ae:4b:99:77:42:40:21:02:6b: a5:18:72:9f:46:7c:b5:bb:a5:37:8b:d1:fd:6a:99:18:13:e3: 1f:29:f9:d3:f5:b4:53:21:1c:33:35:9e:05:82:aa:79:2e:7d: a6:e0:f8:d6:fb:f6:87:29:5a:97:9e:10:86:d2:42:2f:3b:8d: 83:0e:5b:38:4d:df:4a:75:ae:07:16:9f:58:0a:b6:07:cf:da: 86:ac:29:ab:70:da:1d:6c:c9:81:30:b4:20:80:b0:33:b0:63: 91:a8:83:5b:cb:e1:34:52:d8:7a:ba:07:d3:11:35:16:8f:0d: fc:24:7e:d4:b5:2e:18:46:91:91:06:7b:bf:bb:1d:08:3a:34: 45:90:5f:4b:ff:be:c3:b8:e7:20:27:66:8b:68:3b:eb:e0:33: 4d:d5:5d:98:aa:a2:7b:f6:ad:f5:c6:b8:bb:d3:c3:a1:fc:2b: ea:e9:f9:e9:19:0a:9c:2d:f8:13:ca:64:05:c7:db:1f:b0:35: 5c:5a:c3:c5:9d:45:65:1d:84:e0:4a:d9:45:70:95:59:31:fb: d3:a0:7c:79:7c:57:07:22:fb:25:a2:5d:02:4a:2d:06:22:c2: d4:fa:81:91 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzNDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEUwNjg3NDI4REJFNzA5 N0IyODVFNUVDRTdDOEQ4NTk5MjdEMEU0NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkdOvH6jX8GYfBalp9DwxpKRxdhZYbdtyrtp6rn15SFwFmO8Nj 5pzFRvy5YxNCY38cw6tmc84e81r+20X6iuYSMECEEfm28x0xAHAu/ee3wFdJcgCW uz+0+gZOO5cIsIsiAKwaXPI/MS8Nn41SvfrOK6vBaY+nTMjPOTAeQ5GAFvvpW0lH nAcxWe5h30Qa2jdgli2FOBurOovJiZ1KTZ6E4K8MMWtiQxauT8R1PnKaf5FHL/SE 89NEvJgio8IAkJEuEB7pozhu9q8tWljoeKnHmXezdW+PKFz2IIaqmpE2vLNDFI6L bLUvgYJPToRSoqNlSdhnbFRt/1w/GrWtVA2JAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU4Gh0KNvnCXsoXl7OfI2FmSfQ5HkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvNEdoMEtOdm5DWHNvWGw3T2ZJMkZt U2ZRNUhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3szgDAN BgkqhkiG9w0BAQsFAAOCAQEAzCOAXIKSmn7M6PZtS+k2FLiVg6GlAVIW70WHrkuZ d0JAIQJrpRhyn0Z8tbulN4vR/WqZGBPjHyn50/W0UyEcMzWeBYKqeS59puD41vv2 hylal54QhtJCLzuNgw5bOE3fSnWuBxafWAq2B8/ahqwpq3DaHWzJgTC0IICwM7Bj kaiDW8vhNFLYeroH0xE1Fo8N/CR+1LUuGEaRkQZ7v7sdCDo0RZBfS/++w7jnICdm i2g76+AzTdVdmKqie/at9ca4u9PDofwr6un56RkKnC34E8pkBcfbH7A1XFrDxZ1F ZR2E4ErZRXCVWTH706B8eXxXByL7JaJdAkotBiLC1PqBkQ== -----END CERTIFICATE-----Generated at Sun Sep 7 23:34:16 2025 by rpki-client