$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/zQ0rr8tgtODW2163ed1zEuwZd88.roa File: zQ0rr8tgtODW2163ed1zEuwZd88.roa (raw, json) Hash identifier: b1D1k4Y36e9xypzya2dDvoPUavL2UezXMxngXE7dFLo= Subject key identifier: CD:0D:2B:AF:CB:60:B4:E0:D6:DB:5E:B7:79:DD:73:12:EC:19:77:CF Certificate issuer: /CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Certificate serial: 054F Authority key identifier: 42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/zQ0rr8tgtODW2163ed1zEuwZd88.roa Signing time: Fri 22 Aug 2025 08:49:39 +0000 ROA not before: Fri 22 Aug 2025 08:49:39 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 14618 IP address blocks: 160.25.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 18:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1359 (0x54f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Validity Not Before: Aug 22 08:49:39 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CD0D2BAFCB60B4E0D6DB5EB779DD7312EC1977CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e4:1d:ce:90:e5:fd:de:f5:ca:88:3e:49:9e: 42:f5:a7:ca:5d:71:c5:66:ba:2e:42:51:18:ec:f9: bb:2d:b0:12:68:4c:9b:97:45:57:02:32:c9:9a:2f: b5:2d:3b:34:ea:7d:b5:ff:2b:d3:fd:98:0f:e2:9d: a1:38:20:c2:6a:b0:99:74:4f:5c:20:fa:d5:7a:05: 7f:c0:26:d3:8b:ad:50:00:27:a4:b3:11:3a:4f:b9: cc:19:c4:ff:ea:6c:db:48:51:27:fa:eb:ee:8e:07: 4d:6e:bf:99:cd:1c:d2:a6:9a:83:3d:51:ec:82:53: 67:a9:88:bd:57:6d:de:9b:be:6a:ff:ca:4c:23:22: 44:5d:d5:ab:b4:1f:f9:e5:e6:70:89:9d:c7:da:2f: c9:28:ae:d8:98:64:4c:35:52:31:f8:21:ed:63:a8: 71:b0:23:9d:f9:af:7c:cc:3a:fb:d9:8c:d9:0a:50: f9:bf:c8:09:88:b3:44:5f:ae:01:12:e5:b5:db:c0: 13:e8:9d:ec:50:7b:34:f4:f5:1e:cf:d7:29:16:e3: 69:51:ca:bf:dd:e1:6b:2c:c2:57:2d:06:76:da:29: e5:c9:4a:9a:d9:b0:44:be:60:64:d9:97:6f:6d:ba: 01:b7:e7:44:fc:46:0c:3e:88:13:6c:02:ab:de:0d: 5f:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:0D:2B:AF:CB:60:B4:E0:D6:DB:5E:B7:79:DD:73:12:EC:19:77:CF X509v3 Authority Key Identifier: keyid:42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/zQ0rr8tgtODW2163ed1zEuwZd88.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.25.220.0/24 Signature Algorithm: sha256WithRSAEncryption af:84:a6:d2:8d:0a:6f:47:35:11:d4:3a:02:bc:68:a9:80:e7: b2:94:e2:a5:52:cb:f9:56:6a:27:bb:42:c3:31:d6:82:6c:5e: 4c:a9:87:63:69:5e:e5:34:79:f1:30:de:6e:3c:c0:68:16:72: b1:bc:8a:21:f3:30:d2:35:91:9e:ed:1a:7b:3f:89:b0:17:14: ed:94:8e:43:11:04:ac:d5:84:0c:13:dd:09:1c:ca:6d:c2:d1: f4:e6:0c:3f:85:ed:bd:fc:59:36:56:a4:85:20:01:e5:f6:96: 7d:4b:33:fe:7a:06:fa:70:74:29:39:a7:19:56:2b:a8:c8:29: ae:2c:cd:53:99:34:13:a6:0d:e4:6c:35:bd:0b:2c:9d:c4:cd: 2c:cd:c5:ff:a0:b1:d0:9b:1c:be:3e:f0:74:c3:15:32:b8:ba: 96:67:a4:ad:d9:3d:91:ec:18:88:58:da:85:c8:85:16:25:11: 95:96:ed:0d:26:28:10:58:28:b1:95:67:44:77:03:ce:9e:65: 23:2a:cf:62:8d:fc:1e:4c:3e:8b:2a:c6:72:31:83:a7:6b:06: b7:a5:3d:c2:c2:3f:76:82:f0:ec:f9:90:1c:1a:6f:7a:91:80: 59:c0:d0:2d:6a:13:67:0f:6e:9e:6c:4f:17:97:10:90:70:1c: 8c:a6:20:ab -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICBU8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy RTdDOTVEODdERTlBRUVCMjEyQTBDNENDQjAxNzRFNjVDQTVEMDAeFw0yNTA4MjIw ODQ5MzlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENEMEQyQkFGQ0I2MEI0 RTBENkRCNUVCNzc5REQ3MzEyRUMxOTc3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC05B3OkOX93vXKiD5JnkL1p8pdccVmui5CURjs+bstsBJoTJuX RVcCMsmaL7UtOzTqfbX/K9P9mA/inaE4IMJqsJl0T1wg+tV6BX/AJtOLrVAAJ6Sz ETpPucwZxP/qbNtIUSf66+6OB01uv5nNHNKmmoM9UeyCU2epiL1Xbd6bvmr/ykwj IkRd1au0H/nl5nCJncfaL8kortiYZEw1UjH4Ie1jqHGwI535r3zMOvvZjNkKUPm/ yAmIs0RfrgES5bXbwBPonexQezT09R7P1ykW42lRyr/d4WsswlctBnbaKeXJSprZ sES+YGTZl29tugG350T8Rgw+iBNsAqveDV+PAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUzQ0rr8tgtODW2163ed1zEuwZd88wHwYDVR0jBBgwFoAUQi58ldh96a7rISoM TMsBdOZcpdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0tJUFRF Q0gvUWk1OGxkaDk2YTdySVNvTVRNc0JkT1pjcGRBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9RaTU4bGRoOTZhN3JJU29NVE1zQmRPWmNwZEEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TS0lQVEVDSC96UTBycjh0Z3RPRFcy MTYzZWQxekV1d1pkODgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBncMA0GCSqGSIb3DQEBCwUAA4IBAQCvhKbSjQpvRzUR1DoCvGipgOeylOKl Usv5Vmonu0LDMdaCbF5MqYdjaV7lNHnxMN5uPMBoFnKxvIoh8zDSNZGe7Rp7P4mw FxTtlI5DEQSs1YQME90JHMptwtH05gw/he29/Fk2VqSFIAHl9pZ9SzP+egb6cHQp OacZViuoyCmuLM1TmTQTpg3kbDW9CyydxM0szcX/oLHQmxy+PvB0wxUyuLqWZ6St 2T2R7BiIWNqFyIUWJRGVlu0NJigQWCixlWdEdwPOnmUjKs9ijfweTD6LKsZyMYOn awa3pT3Cwj92gvDs+ZAcGm96kYBZwNAtahNnD26ebE8XlxCQcByMpiCr -----END CERTIFICATE-----Generated at Tue Sep 9 17:42:18 2025 by rpki-client