$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/IhTOO0ZU1Rof8WaPA2x_5O9PbDA.roa File: IhTOO0ZU1Rof8WaPA2x_5O9PbDA.roa (raw, json) Hash identifier: UL4XwqbsoW2oybtRGLDJD4KPJKdpk7Hd+e0aQMBW6iI= Subject key identifier: 22:14:CE:3B:46:54:D5:1A:1F:F1:66:8F:03:6C:7F:E4:EF:4F:6C:30 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1A2B Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/IhTOO0ZU1Rof8WaPA2x_5O9PbDA.roa Signing time: Fri 22 Aug 2025 08:53:47 +0000 ROA not before: Fri 22 Aug 2025 08:53:47 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 106.105.0.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 14:46:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6699 (0x1a2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:47 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=2214CE3B4654D51A1FF1668F036C7FE4EF4F6C30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:79:3c:3e:ef:9a:f8:32:53:92:bc:62:07:be: 2b:08:02:da:07:49:77:c4:07:bf:d6:47:39:cc:c6: 7e:01:90:00:35:63:f8:ab:bc:db:19:6e:3f:b5:26: a2:44:5b:d0:7a:03:da:48:a2:3c:57:a1:c7:84:e4: c0:64:01:8b:bd:4e:d2:19:08:93:c2:82:15:31:7c: 07:2d:d2:6e:51:d3:38:65:73:11:30:1d:ca:76:e9: c3:bc:dd:21:f2:23:02:c2:1d:c2:98:28:68:81:d4: 9e:01:51:72:eb:c7:95:7a:7b:5e:71:fb:50:c8:90: 72:e9:39:f5:2d:ec:06:8e:cf:94:6c:99:85:e1:5e: 71:6d:6f:75:2d:f8:74:2b:79:89:6a:16:3c:96:f1: 91:2a:b5:5c:89:db:f1:51:93:ba:cd:89:54:02:8b: 7b:5d:bd:f8:c3:0a:41:79:d2:ae:a8:3c:bd:25:15: 55:f0:7c:ac:be:37:f2:8b:a0:0b:c3:d0:a3:5d:ab: 38:8d:2d:81:6b:70:28:45:7f:6a:b6:16:ea:14:a4: 22:61:f7:bf:5c:1e:d9:1b:ec:7c:d2:04:d9:34:8d: c9:d0:e3:4d:dc:fc:0a:46:f9:5a:f9:64:d5:37:d2: dd:da:e1:de:60:41:a8:b6:76:b8:4c:f1:37:b5:ea: 65:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:14:CE:3B:46:54:D5:1A:1F:F1:66:8F:03:6C:7F:E4:EF:4F:6C:30 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/IhTOO0ZU1Rof8WaPA2x_5O9PbDA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.105.0.0/20 Signature Algorithm: sha256WithRSAEncryption 5a:b6:20:f9:87:ee:83:b5:d4:2f:13:55:8b:5f:67:64:85:8d: a5:94:d6:8f:9e:e7:b6:f3:9f:6b:ed:26:44:38:66:90:29:5a: 6f:93:bf:f5:99:6b:fa:1d:54:17:8b:4d:de:55:b5:9a:5e:37: 1d:0b:01:02:5c:d1:4e:73:19:8e:8a:78:8b:d5:d8:18:2e:30: 0a:1f:27:cd:a0:38:8c:f5:8f:0f:d7:55:dc:69:45:39:e6:58: 7f:6a:66:1d:fe:93:16:eb:3a:ac:1b:e9:02:4b:d3:24:2d:f2: 08:a0:a6:77:60:0f:7a:95:01:a8:54:e8:6a:9f:f6:56:52:08: 20:c0:a9:fa:23:de:2d:35:10:ec:a9:cc:e4:4d:05:e4:b8:9c: 12:b7:ad:af:31:7a:15:40:b9:78:8a:29:25:49:ef:a8:38:f9: 4c:52:eb:20:24:cc:2f:fc:0f:d2:c0:4e:6f:d7:80:81:de:ae: ed:31:01:75:a7:b9:93:04:02:b9:1d:77:81:0a:d5:dc:46:3f: 19:17:25:55:75:81:67:f5:92:3c:cb:2c:fa:6c:ed:28:74:29: 13:5d:9f:e9:ed:c8:3c:cc:26:ac:2d:7c:20:0e:e6:44:97:e0: 0c:a4:9b:61:75:0c:c9:1a:4d:23:79:00:30:94:6d:79:6d:e2: 79:3c:30:20 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzNDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIyMTRDRTNCNDY1NEQ1 MUExRkYxNjY4RjAzNkM3RkU0RUY0RjZDMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDveTw+75r4MlOSvGIHvisIAtoHSXfEB7/WRznMxn4BkAA1Y/ir vNsZbj+1JqJEW9B6A9pIojxXoceE5MBkAYu9TtIZCJPCghUxfAct0m5R0zhlcxEw Hcp26cO83SHyIwLCHcKYKGiB1J4BUXLrx5V6e15x+1DIkHLpOfUt7AaOz5RsmYXh XnFtb3Ut+HQreYlqFjyW8ZEqtVyJ2/FRk7rNiVQCi3tdvfjDCkF50q6oPL0lFVXw fKy+N/KLoAvD0KNdqziNLYFrcChFf2q2FuoUpCJh979cHtkb7HzSBNk0jcnQ403c /ApG+Vr5ZNU30t3a4d5gQai2drhM8Te16mWDAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUIhTOO0ZU1Rof8WaPA2x/5O9PbDAwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSWhUT08wWlUxUm9mOFdhUEEyeF81 TzlQYkRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGppADAN BgkqhkiG9w0BAQsFAAOCAQEAWrYg+Yfug7XULxNVi19nZIWNpZTWj57ntvOfa+0m RDhmkClab5O/9Zlr+h1UF4tN3lW1ml43HQsBAlzRTnMZjop4i9XYGC4wCh8nzaA4 jPWPD9dV3GlFOeZYf2pmHf6TFus6rBvpAkvTJC3yCKCmd2APepUBqFToap/2VlII IMCp+iPeLTUQ7KnM5E0F5LicEretrzF6FUC5eIopJUnvqDj5TFLrICTML/wP0sBO b9eAgd6u7TEBdae5kwQCuR13gQrV3EY/GRclVXWBZ/WSPMss+mztKHQpE12f6e3I PMwmrC18IA7mRJfgDKSbYXUMyRpNI3kAMJRteW3ieTwwIA== -----END CERTIFICATE-----Generated at Sat Sep 6 13:50:57 2025 by rpki-client