$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/kk2dYYX4FnMvsEWhwFq6PFQ9N3s.roa File: kk2dYYX4FnMvsEWhwFq6PFQ9N3s.roa (raw, json) Hash identifier: kFVum/hvz0ZARTVw1IidqmW1l3nTadKsafL8lKfNrls= Subject key identifier: 92:4D:9D:61:85:F8:16:73:2F:B0:45:A1:C0:5A:BA:3C:54:3D:37:7B Certificate issuer: /CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Certificate serial: 021A Authority key identifier: 37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/kk2dYYX4FnMvsEWhwFq6PFQ9N3s.roa Signing time: Fri 22 Aug 2025 08:52:18 +0000 ROA not before: Fri 22 Aug 2025 08:52:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 132369 IP address blocks: 64.78.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 538 (0x21a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Validity Not Before: Aug 22 08:52:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=924D9D6185F816732FB045A1C05ABA3C543D377B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:05:7b:9a:11:12:47:3b:dd:dd:18:e8:45:fe: 6c:5c:91:0b:59:fe:67:dc:78:63:f9:b9:63:85:e0: 10:0c:9a:9f:c5:d8:83:b8:fd:0f:61:b8:03:6e:4e: fb:72:b7:a8:43:a5:ed:dc:66:a8:81:1e:42:ca:4f: 4c:73:ea:59:38:c7:9b:66:a4:17:d4:b3:a2:92:b0: d2:9c:03:9f:31:d0:02:26:db:6b:72:e0:a7:b0:7a: 4c:a0:de:97:c4:b7:f1:bd:6d:b0:54:ab:17:55:b1: 0b:48:0a:48:c2:8a:e7:e2:f0:20:db:ab:52:b4:c8: d6:2b:e1:68:da:78:cb:05:70:90:e0:5c:e9:7b:a0: 0e:a2:44:1a:b0:63:65:04:5a:5e:b3:16:d3:83:4e: 13:3a:48:cd:a8:72:59:c9:d3:cd:41:68:5f:77:e5: ee:ad:b4:f3:73:7f:3f:e4:b9:8f:9b:08:14:6d:3c: de:d9:f1:57:96:11:8c:ce:d8:3f:b5:07:c9:c2:70: a6:cb:e3:c7:49:b1:08:60:dd:99:d0:1e:6a:ca:1e: a6:9e:84:43:66:c1:a2:10:c6:6b:36:0e:79:b0:9b: c8:e9:ad:80:f7:1c:2e:8f:d5:36:f7:21:36:17:97: 8c:6e:c6:e4:03:b4:c5:21:2e:ff:f5:f9:37:60:7b: d7:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:4D:9D:61:85:F8:16:73:2F:B0:45:A1:C0:5A:BA:3C:54:3D:37:7B X509v3 Authority Key Identifier: keyid:37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/kk2dYYX4FnMvsEWhwFq6PFQ9N3s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 64.78.160.0/20 Signature Algorithm: sha256WithRSAEncryption 73:67:e4:36:ba:ec:6f:b0:38:6d:af:09:ea:bc:7a:7d:70:80: 2c:e1:ee:86:ce:16:29:12:80:d2:e0:e1:01:db:c7:97:6b:53: ba:85:97:c8:84:1f:9c:fb:58:4f:c4:25:12:9b:51:02:7b:72: dc:54:66:99:8b:b6:d8:e0:ae:9c:17:b8:34:d1:cf:30:06:4e: b8:78:4b:ce:13:f3:96:95:c5:54:b6:50:ed:dd:99:fe:34:6a: ec:f0:82:f6:d0:44:b0:04:e3:97:55:58:61:a7:eb:35:45:78: 85:11:c3:a2:00:a4:65:49:97:3b:12:3e:06:80:2c:f9:c7:83: d0:f4:ad:20:9d:3d:a1:d5:4c:d3:9d:58:34:9d:15:e0:ad:0c: 92:da:21:c2:2b:a3:5c:f7:37:ae:48:d4:9e:4d:2e:50:63:fc: c2:4a:00:12:b2:b5:d7:67:be:a3:7e:15:53:74:b3:f3:27:85: b4:99:32:c0:91:fd:70:03:ac:c3:49:dc:be:7a:50:c5:b7:d2: bc:f4:fe:e8:53:aa:a4:2e:67:07:ce:96:a5:73:0d:56:25:2e: 52:4d:74:e8:64:e8:a4:97:3a:a1:42:00:dd:41:75:fe:b9:98: 7e:a6:bf:92:da:0c:64:01:36:b7:57:95:a7:3a:09:34:bf:98: 35:49:fc:71 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICAhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcz MEQ5QTE5NUFCNzEwMjg2NzIyQ0U1Q0NBNDY3Q0ZCQTVCRDQ5NDAeFw0yNTA4MjIw ODUyMThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkyNEQ5RDYxODVGODE2 NzMyRkIwNDVBMUMwNUFCQTNDNTQzRDM3N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcBXuaERJHO93dGOhF/mxckQtZ/mfceGP5uWOF4BAMmp/F2IO4 /Q9huANuTvtyt6hDpe3cZqiBHkLKT0xz6lk4x5tmpBfUs6KSsNKcA58x0AIm22ty 4Kewekyg3pfEt/G9bbBUqxdVsQtICkjCiufi8CDbq1K0yNYr4WjaeMsFcJDgXOl7 oA6iRBqwY2UEWl6zFtODThM6SM2oclnJ081BaF935e6ttPNzfz/kuY+bCBRtPN7Z 8VeWEYzO2D+1B8nCcKbL48dJsQhg3ZnQHmrKHqaehENmwaIQxms2Dnmwm8jprYD3 HC6P1Tb3ITYXl4xuxuQDtMUhLv/1+Tdge9eXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUkk2dYYX4FnMvsEWhwFq6PFQ9N3swHwYDVR0jBBgwFoAUNzDZoZWrcQKGcizl zKRnz7pb1JQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVT Q09NL056RFpvWldyY1FLR2Npemx6S1JuejdwYjFKUS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvTnpEWm9aV3JjUUtHY2l6bHpLUm56N3BiMUpRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVTQ09NL2trMmRZWVg0Rm5N dnNFV2h3RnE2UEZROU4zcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBARATqAwDQYJKoZIhvcNAQELBQADggEBAHNn5Da67G+wOG2vCeq8en1wgCzh 7obOFikSgNLg4QHbx5drU7qFl8iEH5z7WE/EJRKbUQJ7ctxUZpmLttjgrpwXuDTR zzAGTrh4S84T85aVxVS2UO3dmf40auzwgvbQRLAE45dVWGGn6zVFeIURw6IApGVJ lzsSPgaALPnHg9D0rSCdPaHVTNOdWDSdFeCtDJLaIcIro1z3N65I1J5NLlBj/MJK ABKytddnvqN+FVN0s/MnhbSZMsCR/XADrMNJ3L56UMW30rz0/uhTqqQuZwfOlqVz DVYlLlJNdOhk6KSXOqFCAN1Bdf65mH6mv5LaDGQBNrdXlac6CTS/mDVJ/HE= -----END CERTIFICATE-----Generated at Tue Sep 9 14:41:47 2025 by rpki-client