$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NORDATW/_IQ76khn0eZnlWoN5Y8WkMsAUOI.roa File: _IQ76khn0eZnlWoN5Y8WkMsAUOI.roa (raw, json) Hash identifier: vOGSGQpmBJoTUnERx4ebB+yM9pGNPNEB1BDRF36w4v8= Subject key identifier: FC:84:3B:EA:48:67:D1:E6:67:95:6A:0D:E5:8F:16:90:CB:00:50:E2 Certificate issuer: /CN=159D5F897276F0DEC857E7E2DEDD649876E8A482 Certificate serial: 0F26 Authority key identifier: 15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/_IQ76khn0eZnlWoN5Y8WkMsAUOI.roa Signing time: Fri 22 Aug 2025 08:52:28 +0000 ROA not before: Fri 22 Aug 2025 08:52:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7483 IP address blocks: 103.138.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 06:27:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3878 (0xf26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=159D5F897276F0DEC857E7E2DEDD649876E8A482 Validity Not Before: Aug 22 08:52:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=FC843BEA4867D1E667956A0DE58F1690CB0050E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ba:3b:47:c4:17:fa:83:4f:44:07:7d:75:b7: 2d:38:9b:2d:6c:15:3e:3b:34:44:9a:ec:eb:51:8c: 29:a9:70:27:0f:16:d3:d6:a6:1a:f9:d4:aa:16:b7: 49:08:62:27:e9:de:ea:70:66:65:a6:21:d4:0e:7c: ad:e5:d8:c6:1c:62:50:c3:50:a0:6b:84:cd:3c:96: 4c:cd:8c:fb:33:20:7b:b4:fd:ab:11:be:85:ae:9c: 26:8b:6b:52:98:86:a4:27:f3:35:9f:77:23:29:90: 53:67:44:af:87:33:0c:78:1e:19:7b:54:48:71:28: 4d:6a:d3:6a:28:52:5c:46:d5:7b:ee:52:13:9f:29: d9:8d:48:31:cb:9f:f5:17:56:fa:da:ec:cc:db:14: ed:54:c5:11:77:63:1c:8a:e5:ee:94:19:f5:50:d2: be:b8:8e:77:f5:82:83:c6:6c:1f:d1:b2:96:f0:33: e6:5d:8f:0c:52:bd:9c:f8:85:8e:5e:46:32:a3:50: fb:ce:27:7a:db:41:69:b5:ba:88:78:f8:e1:5f:0b: fe:85:86:4d:83:a5:ab:fd:dd:74:8d:0d:9f:9f:a7: a6:d3:af:a6:e3:0a:7f:14:1c:75:9b:05:b2:dc:4f: ba:87:99:9d:90:72:f1:93:5f:cd:33:13:e4:81:0f: 1f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:84:3B:EA:48:67:D1:E6:67:95:6A:0D:E5:8F:16:90:CB:00:50:E2 X509v3 Authority Key Identifier: keyid:15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/_IQ76khn0eZnlWoN5Y8WkMsAUOI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.138.194.0/23 Signature Algorithm: sha256WithRSAEncryption af:70:79:f7:56:d1:2e:1a:a0:d9:2d:06:2d:b3:e3:94:11:46: 80:9b:ef:3c:35:0c:f2:c9:8b:ae:4f:ba:24:02:ae:48:24:31: b6:15:04:51:60:03:d1:c5:1c:5c:a9:d4:48:22:2c:08:e1:cd: 7c:43:43:80:b4:53:9b:9c:00:96:c5:8c:a4:12:b0:9d:9e:8e: de:b2:5a:77:92:bd:36:11:d4:70:fb:1d:5d:04:5f:dc:b2:a4: df:78:e2:c9:e0:e0:c6:54:81:9f:0d:54:8e:85:37:3d:93:8f: 94:9b:09:34:1d:bf:40:f4:9e:ec:db:1f:6c:13:3d:50:2e:7d: f1:7b:70:0d:80:8a:08:8a:ae:f3:df:d0:6f:97:67:19:88:2e: e9:59:74:b6:f0:8e:e0:47:67:f6:7c:b0:a9:16:6a:4c:25:d2: 51:1d:3a:52:e5:ed:42:20:87:2b:e6:6a:7b:62:2f:0d:0f:38: 59:3c:99:49:70:34:a5:a1:f6:77:3c:7c:9b:24:61:0c:a7:4c: 72:f4:c2:8a:68:34:16:23:26:b3:92:d9:67:fe:ca:fb:cd:c7: 84:f3:f8:55:a3:1b:41:e9:a8:bb:72:2e:91:4d:21:d3:60:d0: df:82:0f:fe:97:78:69:9c:68:95:9a:11:1e:cc:f9:18:85:e6: 95:55:31:48 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTU5 RDVGODk3Mjc2RjBERUM4NTdFN0UyREVERDY0OTg3NkU4QTQ4MjAeFw0yNTA4MjIw ODUyMjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEZDODQzQkVBNDg2N0Qx RTY2Nzk1NkEwREU1OEYxNjkwQ0IwMDUwRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4ujtHxBf6g09EB311ty04my1sFT47NESa7OtRjCmpcCcPFtPW phr51KoWt0kIYifp3upwZmWmIdQOfK3l2MYcYlDDUKBrhM08lkzNjPszIHu0/asR voWunCaLa1KYhqQn8zWfdyMpkFNnRK+HMwx4Hhl7VEhxKE1q02ooUlxG1XvuUhOf KdmNSDHLn/UXVvra7MzbFO1UxRF3YxyK5e6UGfVQ0r64jnf1goPGbB/RspbwM+Zd jwxSvZz4hY5eRjKjUPvOJ3rbQWm1uoh4+OFfC/6Fhk2Dpav93XSNDZ+fp6bTr6bj Cn8UHHWbBbLcT7qHmZ2QcvGTX80zE+SBDx/1AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU/IQ76khn0eZnlWoN5Y8WkMsAUOIwHwYDVR0jBBgwFoAUFZ1fiXJ28N7IV+fi 3t1kmHbopIIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTk9SREFU Vy9GWjFmaVhKMjhON0lWLWZpM3Qxa21IYm9wSUkuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0ZaMWZpWEoyOE43SVYtZmkzdDFrbUhib3BJSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05PUkRBVFcvX0lRNzZraG4wZVpubFdv TjVZOFdrTXNBVU9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AWeKwjANBgkqhkiG9w0BAQsFAAOCAQEAr3B591bRLhqg2S0GLbPjlBFGgJvvPDUM 8smLrk+6JAKuSCQxthUEUWAD0cUcXKnUSCIsCOHNfENDgLRTm5wAlsWMpBKwnZ6O 3rJad5K9NhHUcPsdXQRf3LKk33jiyeDgxlSBnw1UjoU3PZOPlJsJNB2/QPSe7Nsf bBM9UC598XtwDYCKCIqu89/Qb5dnGYgu6Vl0tvCO4Edn9nywqRZqTCXSUR06UuXt QiCHK+Zqe2IvDQ84WTyZSXA0paH2dzx8myRhDKdMcvTCimg0FiMms5LZZ/7K+83H hPP4VaMbQemou3IukU0h02DQ34IP/pd4aZxolZoRHsz5GIXmlVUxSA== -----END CERTIFICATE-----Generated at Mon Oct 27 02:28:45 2025 by rpki-client