$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/M9zQyZuCA4Kb5sgFW282VKbEnO4.roa File: M9zQyZuCA4Kb5sgFW282VKbEnO4.roa (raw, json) Hash identifier: qZJ7HBPPcRlnosch01wWCGxhkFwgL+NKT2B5d7WrM7A= Subject key identifier: 33:DC:D0:C9:9B:82:03:82:9B:E6:C8:05:5B:6F:36:54:A6:C4:9C:EE Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0FEC Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M9zQyZuCA4Kb5sgFW282VKbEnO4.roa Signing time: Fri 22 Aug 2025 08:55:45 +0000 ROA not before: Fri 22 Aug 2025 08:55:45 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17716 IP address blocks: 140.122.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 20:57:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4076 (0xfec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 22 08:55:45 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=33DCD0C99B8203829BE6C8055B6F3654A6C49CEE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:60:5e:f7:d8:93:f9:fc:31:b0:1d:16:bd:73: 18:04:82:c1:b8:93:d3:50:2a:9c:ff:22:91:39:02: fd:e5:1d:22:95:60:95:4c:36:0e:4f:83:c3:c1:29: dd:0e:49:e7:e5:72:d1:86:76:fd:02:2a:e4:b3:30: 4c:83:18:18:e0:b8:1e:15:1b:bd:05:4b:00:db:f1: 5e:c8:3d:92:bb:9a:05:15:18:c8:ba:20:1d:9f:67: 73:86:b4:c2:ae:fa:94:52:d8:1c:27:dd:48:1b:64: 72:71:24:de:a4:03:dd:c3:6c:f5:a6:bb:96:4d:1b: 18:27:5a:32:a5:cd:64:f3:aa:23:39:c0:a5:b1:eb: b0:4d:8a:b0:0b:cd:4a:18:7e:87:a0:41:7f:d9:bd: 89:6e:46:8c:9e:65:12:bf:10:4a:f7:ad:48:63:00: bf:8e:f2:38:40:23:95:7d:3a:df:c4:6e:99:43:9d: 14:20:33:c8:f3:0a:e4:8c:86:a7:01:81:13:7d:8e: 3b:89:53:7a:7f:49:37:cf:9f:88:29:7b:bc:ed:e6: 20:85:56:d2:7e:6b:4c:08:2e:7a:ca:b2:ec:18:f3: 8a:79:8e:b5:70:95:6e:67:9f:fe:c1:cd:27:be:c5: ed:75:2f:de:30:cc:be:ff:d3:25:97:1c:b5:f1:20: 6b:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:DC:D0:C9:9B:82:03:82:9B:E6:C8:05:5B:6F:36:54:A6:C4:9C:EE X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/M9zQyZuCA4Kb5sgFW282VKbEnO4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.122.0.0/16 Signature Algorithm: sha256WithRSAEncryption 24:20:8d:db:ea:ce:5b:15:91:db:82:bd:71:d1:01:c4:e4:de: f7:4b:6a:a7:7c:d3:20:fd:5f:8c:92:7e:5a:09:5f:8b:02:7f: 54:0c:2d:85:4f:b6:96:b9:87:63:20:47:95:6c:81:92:c2:f1: be:a4:d6:70:04:ec:fc:98:24:92:07:50:6a:c7:8e:f0:2c:f7: d4:06:37:b0:4b:96:e8:6a:24:19:f6:27:f3:bb:a1:0c:9e:38: 60:15:83:a4:8c:08:b3:e4:bc:45:f3:43:e8:15:4f:6c:65:dc: d4:4b:ff:59:3f:a1:b2:97:b1:cf:ff:5e:1b:d5:b1:4e:7e:18: 89:8f:93:d0:63:db:67:fb:0e:94:bd:d6:90:12:24:7b:78:3e: ee:77:ea:5b:2b:d7:62:f6:7c:9c:05:cd:b8:f6:75:49:98:67: ed:a4:a8:01:6a:7b:aa:66:df:26:e8:35:7d:75:61:c2:5e:70: 71:5d:05:1e:aa:23:1b:7d:33:6a:a9:b7:e7:ab:96:6f:af:da: b7:24:da:a4:1d:44:67:96:39:84:76:39:e2:d2:02:15:aa:93: 92:50:67:63:e6:86:fe:c8:b4:1e:ac:c8:84:c9:b0:f8:58:0b: 33:f2:c4:d9:32:08:a8:f6:6c:97:5d:b2:06:67:b3:df:1f:f6: aa:9e:64:c8 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICD+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTA4MjIw ODU1NDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDMzRENEMEM5OUI4MjAz ODI5QkU2QzgwNTVCNkYzNjU0QTZDNDlDRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4YF732JP5/DGwHRa9cxgEgsG4k9NQKpz/IpE5Av3lHSKVYJVM Ng5Pg8PBKd0OSeflctGGdv0CKuSzMEyDGBjguB4VG70FSwDb8V7IPZK7mgUVGMi6 IB2fZ3OGtMKu+pRS2Bwn3UgbZHJxJN6kA93DbPWmu5ZNGxgnWjKlzWTzqiM5wKWx 67BNirALzUoYfoegQX/ZvYluRoyeZRK/EEr3rUhjAL+O8jhAI5V9Ot/EbplDnRQg M8jzCuSMhqcBgRN9jjuJU3p/STfPn4gpe7zt5iCFVtJ+a0wILnrKsuwY84p5jrVw lW5nn/7BzSe+xe11L94wzL7/0yWXHLXxIGthAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUM9zQyZuCA4Kb5sgFW282VKbEnO4wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NOXpReVp1Q0E0S2I1c2dGVzI4 MlZLYkVuTzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHow DQYJKoZIhvcNAQELBQADggEBACQgjdvqzlsVkduCvXHRAcTk3vdLaqd80yD9X4yS floJX4sCf1QMLYVPtpa5h2MgR5VsgZLC8b6k1nAE7PyYJJIHUGrHjvAs99QGN7BL luhqJBn2J/O7oQyeOGAVg6SMCLPkvEXzQ+gVT2xl3NRL/1k/obKXsc//XhvVsU5+ GImPk9Bj22f7DpS91pASJHt4Pu536lsr12L2fJwFzbj2dUmYZ+2kqAFqe6pm3ybo NX11YcJecHFdBR6qIxt9M2qpt+erlm+v2rck2qQdRGeWOYR2OeLSAhWqk5JQZ2Pm hv7ItB6syITJsPhYCzPyxNkyCKj2bJddsgZns98f9qqeZMg= -----END CERTIFICATE-----Generated at Tue Oct 28 16:05:42 2025 by rpki-client