$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Iae4dMfDrfixhoVkKyWkgArhfX8.roa File: Iae4dMfDrfixhoVkKyWkgArhfX8.roa (raw, json) Hash identifier: W9NVg3lBCf+opGF14C6jkXmBn/zjvnn8g7JT0A4HQGQ= Subject key identifier: 21:A7:B8:74:C7:C3:AD:F8:B1:86:85:64:2B:25:A4:80:0A:E1:7D:7F Certificate issuer: /CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Certificate serial: 0550 Authority key identifier: 42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Iae4dMfDrfixhoVkKyWkgArhfX8.roa Signing time: Fri 22 Aug 2025 08:49:40 +0000 ROA not before: Fri 22 Aug 2025 08:49:40 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17408 IP address blocks: 160.25.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1360 (0x550) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Validity Not Before: Aug 22 08:49:40 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=21A7B874C7C3ADF8B18685642B25A4800AE17D7F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5a:73:cf:b2:76:91:c3:20:b3:27:0d:57:d1: 33:d9:31:71:4a:4a:4c:b1:f5:b1:46:94:b7:ac:48: ee:5c:2a:dd:6b:82:3e:9d:30:da:1f:38:3a:29:3c: 91:6e:18:2d:2f:96:25:73:30:f0:66:1a:cc:39:ae: 8d:f9:3e:52:25:f4:8b:f8:23:22:3d:90:c5:99:d2: 70:c4:56:5e:aa:3d:24:cb:02:7b:c9:71:d9:e6:08: 37:83:95:eb:12:5c:42:75:2c:a5:a5:25:98:97:3e: 3a:17:78:9f:5d:1b:73:66:4e:8c:87:c6:9f:89:be: 9e:ee:4f:ce:2b:b6:36:e8:ae:8d:f2:2b:94:8d:28: 99:3b:5b:d1:bf:ed:46:be:fe:29:1c:88:39:f1:1f: 38:ca:ad:a5:59:ad:c2:8a:bf:3a:bf:dd:b1:f6:44: c7:be:75:2a:f5:19:25:3d:df:af:48:3b:a5:e5:f1: 9b:07:fd:77:51:df:62:f2:86:82:98:ab:d3:ce:27: ee:ac:c0:c2:41:7c:2e:41:2e:20:ad:dc:9c:af:80: dd:31:f0:7d:b4:c6:d2:b5:31:1a:c2:51:87:64:ad: d0:2c:ec:c3:44:b0:8d:16:0a:36:d9:e1:65:1e:2e: 2d:cc:10:81:7c:87:ea:90:0c:7e:4b:68:44:3d:24: 4e:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A7:B8:74:C7:C3:AD:F8:B1:86:85:64:2B:25:A4:80:0A:E1:7D:7F X509v3 Authority Key Identifier: keyid:42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Iae4dMfDrfixhoVkKyWkgArhfX8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.25.221.0/24 Signature Algorithm: sha256WithRSAEncryption 28:c9:71:65:b8:93:7b:96:bb:de:0b:67:be:af:23:c9:bf:a2: c3:a6:00:f4:72:c5:f4:7d:a9:e5:24:9c:b5:38:02:10:61:db: 70:1a:9c:13:7b:64:41:5b:4d:cd:f1:3b:4c:b2:04:c1:25:60: 8b:f3:1b:39:4d:5e:e3:7a:ba:ec:8d:0e:6a:fa:9c:02:82:a5: 6b:c9:ad:05:b5:5c:06:46:2a:7c:05:4b:58:2c:ba:7d:79:9a: 73:13:cd:ac:74:31:24:5d:0a:63:3e:f1:9b:8f:25:18:f6:78: 17:1c:6d:42:dd:e3:ed:ee:be:ff:8b:06:47:0b:58:40:b1:3e: 32:81:3c:b1:86:55:b3:da:27:b3:d6:7d:35:3d:a8:4b:4b:fd: c9:34:db:3d:cc:ce:0e:a0:c3:c9:15:50:6e:da:c5:6d:01:b4: 73:6a:df:23:1c:f3:14:bd:0c:fe:9b:fd:04:80:49:b4:27:87: a4:00:c1:34:1e:cc:21:ed:f5:4c:76:d9:13:88:91:c9:7a:01: 1f:c7:13:6d:be:53:56:5c:cd:1c:bd:b3:fe:bb:1c:ef:68:81: c2:e1:d9:76:4a:67:e0:2d:35:69:fe:d0:87:b9:89:41:01:93: 65:99:74:c2:cb:07:94:db:63:15:76:0e:86:62:01:f1:bd:a5: 73:5c:eb:e2 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy RTdDOTVEODdERTlBRUVCMjEyQTBDNENDQjAxNzRFNjVDQTVEMDAeFw0yNTA4MjIw ODQ5NDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIxQTdCODc0QzdDM0FE RjhCMTg2ODU2NDJCMjVBNDgwMEFFMTdEN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7WnPPsnaRwyCzJw1X0TPZMXFKSkyx9bFGlLesSO5cKt1rgj6d MNofODopPJFuGC0vliVzMPBmGsw5ro35PlIl9Iv4IyI9kMWZ0nDEVl6qPSTLAnvJ cdnmCDeDlesSXEJ1LKWlJZiXPjoXeJ9dG3NmToyHxp+Jvp7uT84rtjboro3yK5SN KJk7W9G/7Ua+/ikciDnxHzjKraVZrcKKvzq/3bH2RMe+dSr1GSU9369IO6Xl8ZsH /XdR32LyhoKYq9POJ+6swMJBfC5BLiCt3JyvgN0x8H20xtK1MRrCUYdkrdAs7MNE sI0WCjbZ4WUeLi3MEIF8h+qQDH5LaEQ9JE7dAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUIae4dMfDrfixhoVkKyWkgArhfX8wHwYDVR0jBBgwFoAUQi58ldh96a7rISoM TMsBdOZcpdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0tJUFRF Q0gvUWk1OGxkaDk2YTdySVNvTVRNc0JkT1pjcGRBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9RaTU4bGRoOTZhN3JJU29NVE1zQmRPWmNwZEEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TS0lQVEVDSC9JYWU0ZE1mRHJmaXho b1ZrS3lXa2dBcmhmWDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBndMA0GCSqGSIb3DQEBCwUAA4IBAQAoyXFluJN7lrveC2e+ryPJv6LDpgD0 csX0fanlJJy1OAIQYdtwGpwTe2RBW03N8TtMsgTBJWCL8xs5TV7jerrsjQ5q+pwC gqVrya0FtVwGRip8BUtYLLp9eZpzE82sdDEkXQpjPvGbjyUY9ngXHG1C3ePt7r7/ iwZHC1hAsT4ygTyxhlWz2iez1n01PahLS/3JNNs9zM4OoMPJFVBu2sVtAbRzat8j HPMUvQz+m/0EgEm0J4ekAME0Hswh7fVMdtkTiJHJegEfxxNtvlNWXM0cvbP+uxzv aIHC4dl2SmfgLTVp/tCHuYlBAZNlmXTCyweU22MVdg6GYgHxvaVzXOvi -----END CERTIFICATE-----Generated at Tue Sep 9 17:42:19 2025 by rpki-client