$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/OjxtEIEIInSGbvH00RI4o3Q2bZw.roa File: OjxtEIEIInSGbvH00RI4o3Q2bZw.roa (raw, json) Hash identifier: ilwXlDOKtjozL+B36dThkuEZ7bnMPaNNp/7IrmLeeKs= Subject key identifier: 3A:3C:6D:10:81:08:22:74:86:6E:F1:F4:D1:12:38:A3:74:36:6D:9C Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 1090 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/OjxtEIEIInSGbvH00RI4o3Q2bZw.roa Signing time: Fri 22 Aug 2025 08:55:37 +0000 ROA not before: Fri 22 Aug 2025 08:55:37 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 1659 IP address blocks: 210.59.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 07:27:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4240 (0x1090) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 22 08:55:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3A3C6D1081082274866EF1F4D11238A374366D9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:0f:a5:fc:b5:b6:b9:19:10:f7:00:b0:80:d2: 8b:55:d8:c2:1e:5e:43:0b:c8:de:7f:44:62:9c:36: fa:63:d9:82:3b:d5:82:8d:6f:6b:03:9d:50:e6:2a: 05:a7:f0:24:fe:e4:29:aa:16:b4:59:d7:2f:e9:c4: a0:10:34:2f:cc:7f:6f:2c:bd:a8:33:9f:ee:3b:24: b7:2d:e6:b5:a3:05:8e:f9:92:67:70:2b:1e:0b:db: 4c:fb:ee:e4:21:64:c7:66:d6:8f:44:49:d2:d9:32: c0:00:01:38:61:31:34:1e:2f:73:30:9c:e2:50:09: f2:72:3c:c1:15:f3:b3:37:f6:cd:7d:21:9c:0f:39: e0:3c:73:aa:1a:b8:1d:df:d1:70:3c:37:dd:51:a7: 13:64:cf:0e:75:e1:b4:10:52:e2:94:f9:80:20:b8: 04:1a:c4:c3:0f:ef:23:f8:3a:40:1e:75:ac:ab:b0: 14:07:0e:cf:5c:49:df:ef:b2:9f:d5:48:32:5c:a7: 02:3a:7e:9d:eb:76:97:84:a4:bd:64:76:0a:6e:9b: 20:e9:d9:f4:28:0d:38:89:1a:82:6e:ae:ea:26:e1: a4:2d:16:0a:d4:6a:e2:c9:03:d9:6b:7b:e7:e5:1c: 74:38:18:96:83:7c:ae:7c:39:65:52:1b:df:68:58: b7:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:3C:6D:10:81:08:22:74:86:6E:F1:F4:D1:12:38:A3:74:36:6D:9C X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/OjxtEIEIInSGbvH00RI4o3Q2bZw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.59.0.0/17 Signature Algorithm: sha256WithRSAEncryption 5b:fc:4f:3f:88:51:0c:0e:4c:8f:9a:8e:9d:7c:ea:7a:3d:35: f6:17:28:76:ee:b6:66:75:03:35:4d:b2:32:e5:9c:2b:0b:45: 53:89:ef:70:43:ce:17:d1:dd:a9:f2:12:13:0f:bb:40:0f:83: 39:da:0a:a3:77:35:48:37:08:05:02:85:fd:b7:07:2a:4b:f6: 0b:b8:3d:b5:e3:c9:fd:fe:9a:cc:39:57:ba:7e:66:c7:c3:16: 44:6b:f3:98:6d:0e:f5:dc:cf:4e:05:d8:3a:52:0f:4d:5d:15: dd:ac:5f:01:39:6e:07:7f:08:6e:08:10:aa:40:c7:54:8a:c4: 1e:24:5d:11:32:c1:0e:aa:37:cc:55:f4:8e:32:10:9f:e8:e2: d8:da:46:e5:a7:82:6e:d2:45:da:fd:83:1d:dd:60:ff:8d:26: 2d:e8:37:51:87:f7:4f:2c:c5:5f:29:4d:19:43:14:4c:16:c3: 51:c8:b3:ef:0c:b1:21:c3:2a:ab:ee:b7:95:78:17:23:68:04: 85:93:b8:78:63:6c:4f:f9:cd:a0:59:af:68:1c:e9:34:89:05: 33:94:70:84:07:e1:b9:1e:b9:a9:6d:de:a3:55:e0:b5:30:19: a7:ba:22:a6:ff:49:40:74:ca:d0:eb:bb:0c:89:07:5e:50:13: 29:29:ac:6b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTA4MjIw ODU1MzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNBM0M2RDEwODEwODIy NzQ4NjZFRjFGNEQxMTIzOEEzNzQzNjZEOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpD6X8tba5GRD3ALCA0otV2MIeXkMLyN5/RGKcNvpj2YI71YKN b2sDnVDmKgWn8CT+5CmqFrRZ1y/pxKAQNC/Mf28svagzn+47JLct5rWjBY75kmdw Kx4L20z77uQhZMdm1o9ESdLZMsAAAThhMTQeL3MwnOJQCfJyPMEV87M39s19IZwP OeA8c6oauB3f0XA8N91RpxNkzw514bQQUuKU+YAguAQaxMMP7yP4OkAedayrsBQH Ds9cSd/vsp/VSDJcpwI6fp3rdpeEpL1kdgpumyDp2fQoDTiJGoJuruom4aQtFgrU auLJA9lre+flHHQ4GJaDfK58OWVSG99oWLefAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUOjxtEIEIInSGbvH00RI4o3Q2bZwwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9Panh0RUlFSUluU0didkgwMFJJ NG8zUTJiWncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0jsA MA0GCSqGSIb3DQEBCwUAA4IBAQBb/E8/iFEMDkyPmo6dfOp6PTX2Fyh27rZmdQM1 TbIy5ZwrC0VTie9wQ84X0d2p8hITD7tAD4M52gqjdzVINwgFAoX9twcqS/YLuD21 48n9/prMOVe6fmbHwxZEa/OYbQ713M9OBdg6Ug9NXRXdrF8BOW4HfwhuCBCqQMdU isQeJF0RMsEOqjfMVfSOMhCf6OLY2kblp4Ju0kXa/YMd3WD/jSYt6DdRh/dPLMVf KU0ZQxRMFsNRyLPvDLEhwyqr7reVeBcjaASFk7h4Y2xP+c2gWa9oHOk0iQUzlHCE B+G5Hrmpbd6jVeC1MBmnuiKm/0lAdMrQ67sMiQdeUBMpKaxr -----END CERTIFICATE-----Generated at Sat Oct 25 06:48:32 2025 by rpki-client