$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/4lA6qeEfiAsQPhE5QQ1KGP1XMPM.roa File: 4lA6qeEfiAsQPhE5QQ1KGP1XMPM.roa (raw, json) Hash identifier: kvAEAwn0oPlHsLYESMFvTbF/3KcxnB1eOAuUaz77IvU= Subject key identifier: E2:50:3A:A9:E1:1F:88:0B:10:3E:11:39:41:0D:4A:18:FD:57:30:F3 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 1007 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4lA6qeEfiAsQPhE5QQ1KGP1XMPM.roa Signing time: Fri 22 Aug 2025 08:55:51 +0000 ROA not before: Fri 22 Aug 2025 08:55:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9916 IP address blocks: 140.129.52.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 20:57:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4103 (0x1007) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E2503AA9E11F880B103E1139410D4A18FD5730F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:c5:a1:99:c6:16:fd:f3:5c:5d:17:b3:79:b2: 49:54:c2:bf:04:20:32:0e:7d:bc:5c:cd:a6:84:fa: 1c:37:31:29:c5:4d:01:e7:58:c5:5c:1c:28:d1:fb: 5a:91:87:34:3e:a5:42:1c:10:b3:6d:b1:5f:c9:83: d4:3e:44:77:72:05:2a:81:b0:be:99:c1:27:1a:17: 5b:a1:29:f7:00:c6:48:09:78:7a:16:58:6b:d9:e2: 6f:fc:30:2a:5b:89:31:2a:c8:e7:a4:92:1e:09:05: ed:e7:cc:c4:6a:20:13:66:b2:50:bd:8d:b7:f7:e6: 03:0b:98:c3:8c:d4:3f:a0:ec:ff:d6:a2:e9:5c:f1: c2:77:c9:f8:d6:7c:d0:e7:27:bb:60:0c:96:18:c3: 51:fd:44:39:ae:5b:c4:30:c5:aa:9d:37:ad:e1:ee: 04:5d:0f:11:2f:76:72:05:ad:f3:ba:9f:60:22:44: f4:48:81:8f:8e:05:08:d8:99:12:27:8f:f7:d9:3d: f3:7b:45:96:02:1c:44:dc:e9:54:1a:b1:6a:7a:6b: 21:50:4c:9e:d4:fc:30:01:90:27:7f:ef:e3:4d:6d: f9:ec:37:fc:52:27:db:37:d2:d3:d9:63:f0:d6:2a: 5c:a4:94:60:76:42:97:7f:b1:bb:17:07:7e:19:8a: 58:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:50:3A:A9:E1:1F:88:0B:10:3E:11:39:41:0D:4A:18:FD:57:30:F3 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4lA6qeEfiAsQPhE5QQ1KGP1XMPM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.129.52.0/22 Signature Algorithm: sha256WithRSAEncryption 1d:80:00:1d:dd:56:48:b3:1c:6b:1d:42:14:7d:b4:9c:9f:3f: 95:c8:1e:af:67:cc:f8:6c:b8:2e:b1:b6:09:e1:c9:8b:9e:d8: ed:be:e9:0c:b3:c3:73:90:41:4b:d3:c7:4f:6e:82:86:47:be: b6:de:89:ba:d0:7e:32:52:42:65:7e:bb:c1:79:69:2e:76:ad: a5:77:d7:e6:d5:1f:7f:f2:62:56:af:43:6f:a6:e3:51:86:8e: 0c:f6:7e:50:4a:1d:45:9f:71:df:93:fc:df:a8:87:69:c9:de: 59:ea:8e:a4:15:a1:a2:01:01:7a:21:4d:97:01:72:ca:d1:6b: 48:30:bd:13:06:ba:57:a3:ec:4b:ca:ff:61:04:88:40:cf:f3: 0c:9c:30:9d:73:8b:da:ec:d3:2b:93:ae:68:61:71:f5:c5:a4: ec:e1:a0:22:7c:c8:9b:c5:f8:5f:68:31:6b:46:89:38:da:e1: 91:b9:d1:2d:9c:e0:0d:ac:3f:f2:c6:e0:d3:7f:7a:27:0d:e0: f0:21:b0:de:37:a4:15:4d:78:39:c0:8f:62:e5:61:4b:9b:26: e7:37:7e:cd:46:8d:ed:e8:36:0b:80:a5:25:ac:c8:11:ca:45: 9b:0c:96:11:1f:35:c1:ac:d7:c6:cc:f4:bc:55:7c:fa:91:b7: 90:51:52:8a -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEUyNTAzQUE5RTExRjg4 MEIxMDNFMTEzOTQxMEQ0QTE4RkQ1NzMwRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCixaGZxhb981xdF7N5sklUwr8EIDIOfbxczaaE+hw3MSnFTQHn WMVcHCjR+1qRhzQ+pUIcELNtsV/Jg9Q+RHdyBSqBsL6ZwScaF1uhKfcAxkgJeHoW WGvZ4m/8MCpbiTEqyOekkh4JBe3nzMRqIBNmslC9jbf35gMLmMOM1D+g7P/Woulc 8cJ3yfjWfNDnJ7tgDJYYw1H9RDmuW8QwxaqdN63h7gRdDxEvdnIFrfO6n2AiRPRI gY+OBQjYmRInj/fZPfN7RZYCHETc6VQasWp6ayFQTJ7U/DABkCd/7+NNbfnsN/xS J9s30tPZY/DWKlyklGB2Qpd/sbsXB34ZilhFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU4lA6qeEfiAsQPhE5QQ1KGP1XMPMwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC80bEE2cWVFZmlBc1FQaEU1UVEx S0dQMVhNUE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIE0 MA0GCSqGSIb3DQEBCwUAA4IBAQAdgAAd3VZIsxxrHUIUfbScnz+VyB6vZ8z4bLgu sbYJ4cmLntjtvukMs8NzkEFL08dPboKGR7623om60H4yUkJlfrvBeWkudq2ld9fm 1R9/8mJWr0NvpuNRho4M9n5QSh1Fn3Hfk/zfqIdpyd5Z6o6kFaGiAQF6IU2XAXLK 0WtIML0TBrpXo+xLyv9hBIhAz/MMnDCdc4va7NMrk65oYXH1xaTs4aAifMibxfhf aDFrRok42uGRudEtnOANrD/yxuDTf3onDeDwIbDeN6QVTXg5wI9i5WFLmybnN37N Ro3t6DYLgKUlrMgRykWbDJYRHzXBrNfGzPS8VXz6kbeQUVKK -----END CERTIFICATE-----Generated at Tue Oct 28 16:05:44 2025 by rpki-client