$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/qGjZ_7u9-AVSfM0cNgeifR1ulNo.roa File: qGjZ_7u9-AVSfM0cNgeifR1ulNo.roa (raw, json) Hash identifier: 5mX+/FMfsGs1ypEGquV+U4XylrK1xNr/N02LuZEv7W0= Subject key identifier: A8:68:D9:FF:BB:BD:F8:05:52:7C:CD:1C:36:07:A2:7D:1D:6E:94:DA Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 199D Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qGjZ_7u9-AVSfM0cNgeifR1ulNo.roa Signing time: Fri 22 Aug 2025 08:53:12 +0000 ROA not before: Fri 22 Aug 2025 08:53:12 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 103.234.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 03:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6557 (0x199d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:12 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A868D9FFBBBDF805527CCD1C3607A27D1D6E94DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a7:d8:f7:74:22:29:87:1c:b0:a7:49:80:95: 50:53:37:83:16:2b:de:c0:23:00:f3:04:3e:57:cb: c8:62:b2:93:f4:52:de:5e:87:e2:2c:d6:b5:6c:28: 2d:21:34:7c:63:e3:53:0a:56:ca:e5:a6:34:72:b9: a3:1b:12:06:75:c5:25:19:d1:8f:41:b8:5d:93:b6: 73:1c:7b:a0:ca:83:ae:d8:2b:b4:39:5c:2d:1b:49: 53:5a:ec:60:36:8f:f0:59:b5:f8:dc:a2:e7:41:d2: 97:24:40:94:9b:23:b8:6b:2e:29:39:b6:66:d3:f9: 96:15:b9:ed:e2:5a:ea:4e:3b:65:7c:4a:a0:a0:4c: 0a:c1:26:b5:e4:04:02:27:6d:15:df:3c:0a:4a:57: 05:7d:81:51:cc:72:6b:d2:d5:8a:9f:9c:d7:0d:6e: a3:a5:77:11:7d:6e:c7:19:f0:cc:cf:36:4d:64:85: 2d:cf:58:6e:2f:9c:5a:ed:19:f3:00:cd:54:e5:46: 7a:d7:60:52:6a:d3:38:81:8a:06:99:c4:87:d2:db: 92:a1:61:d8:ae:96:87:35:37:34:56:f2:b9:94:2e: 11:f3:88:27:ec:33:c9:c6:09:90:b7:5c:9f:2d:87: 1a:52:fb:39:0c:36:b6:0c:45:79:2d:ac:fd:8e:05: f3:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:68:D9:FF:BB:BD:F8:05:52:7C:CD:1C:36:07:A2:7D:1D:6E:94:DA X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qGjZ_7u9-AVSfM0cNgeifR1ulNo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.234.40.0/22 Signature Algorithm: sha256WithRSAEncryption c9:00:c6:38:02:a3:ac:05:c4:3f:e9:da:a2:fc:56:75:da:51: 1e:46:c1:da:bd:b6:b5:8e:19:b9:fc:f7:16:df:a4:bc:9d:d2: a2:58:38:c9:8c:12:90:03:d7:0e:fe:fb:b9:f0:5b:4d:42:6d: 74:5b:fa:8c:ca:df:79:18:21:22:0c:02:36:6f:21:c2:05:e4: c8:a4:4d:10:a8:ab:67:e3:96:d5:6f:1c:01:1f:66:25:25:62: 6c:fe:d0:98:89:a1:6e:a4:a8:30:da:46:c0:23:6e:12:e5:d3: 4d:98:3a:d2:9b:1b:f2:a2:8b:85:2e:a4:bb:f8:6f:63:6a:2b: 41:21:8d:fe:33:21:ea:fd:31:6f:e2:31:23:7f:45:c1:85:9a: 92:c1:6b:12:e6:e0:b4:5b:21:80:a8:bb:6f:95:fa:ed:a2:50: b4:e7:4c:59:07:7d:a0:0b:84:d8:c5:5d:19:ba:07:e6:d2:b2: fd:b1:95:70:29:8e:8e:c1:fc:d2:b6:78:02:79:2c:e3:dc:81: d2:2c:9f:f3:ca:99:00:b8:64:37:82:65:37:9d:8b:65:55:ca: d3:cb:e8:e1:f2:dc:8e:4d:ac:ca:a8:61:75:64:14:f6:0e:af: 97:6c:ea:0a:08:8c:ce:30:a3:d6:b0:f1:78:1a:02:7f:e5:cb: c2:c2:84:d9 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzMTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEE4NjhEOUZGQkJCREY4 MDU1MjdDQ0QxQzM2MDdBMjdEMUQ2RTk0REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUp9j3dCIphxywp0mAlVBTN4MWK97AIwDzBD5Xy8hispP0Ut5e h+Is1rVsKC0hNHxj41MKVsrlpjRyuaMbEgZ1xSUZ0Y9BuF2TtnMce6DKg67YK7Q5 XC0bSVNa7GA2j/BZtfjcoudB0pckQJSbI7hrLik5tmbT+ZYVue3iWupOO2V8SqCg TArBJrXkBAInbRXfPApKVwV9gVHMcmvS1YqfnNcNbqOldxF9bscZ8MzPNk1khS3P WG4vnFrtGfMAzVTlRnrXYFJq0ziBigaZxIfS25KhYdiuloc1NzRW8rmULhHziCfs M8nGCZC3XJ8thxpS+zkMNrYMRXktrP2OBfOVAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUqGjZ/7u9+AVSfM0cNgeifR1ulNowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcUdqWl83dTktQVZTZk0wY05nZWlm UjF1bE5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmfqKDAN BgkqhkiG9w0BAQsFAAOCAQEAyQDGOAKjrAXEP+naovxWddpRHkbB2r22tY4Zufz3 Ft+kvJ3Solg4yYwSkAPXDv77ufBbTUJtdFv6jMrfeRghIgwCNm8hwgXkyKRNEKir Z+OW1W8cAR9mJSVibP7QmImhbqSoMNpGwCNuEuXTTZg60psb8qKLhS6ku/hvY2or QSGN/jMh6v0xb+IxI39FwYWaksFrEubgtFshgKi7b5X67aJQtOdMWQd9oAuE2MVd GboH5tKy/bGVcCmOjsH80rZ4Anks49yB0iyf88qZALhkN4JlN52LZVXK08vo4fLc jk2syqhhdWQU9g6vl2zqCgiMzjCj1rDxeBoCf+XLwsKE2Q== -----END CERTIFICATE-----Generated at Sun Sep 7 23:33:26 2025 by rpki-client