$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0rtrKc7d2DygJQGg2P035nk87YA.roa File: 0rtrKc7d2DygJQGg2P035nk87YA.roa (raw, json) Hash identifier: sS4dBmOMhTiLWLhPPAF0E3KJkpjq+UG2+r1wPdJiXHA= Subject key identifier: D2:BB:6B:29:CE:DD:D8:3C:A0:25:01:A0:D8:FD:37:E6:79:3C:ED:80 Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0DC7 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0rtrKc7d2DygJQGg2P035nk87YA.roa Signing time: Fri 22 Aug 2025 08:44:20 +0000 ROA not before: Fri 22 Aug 2025 08:44:20 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 20473 IP address blocks: 103.129.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 10:48:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3527 (0xdc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Aug 22 08:44:20 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D2BB6B29CEDDD83CA02501A0D8FD37E6793CED80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:17:b2:7d:fe:8d:68:09:55:fc:9b:45:35:ce: 57:5e:cf:27:d9:54:40:a1:ae:5d:8b:c1:95:b1:1c: 50:2a:e8:28:83:79:50:ac:84:d0:3c:18:55:f9:99: 94:e6:e2:1a:8a:cb:2e:ac:6b:d0:07:e0:f2:5c:92: a8:ac:c8:41:cc:89:d2:bd:1c:60:6a:75:1d:f0:c3: 98:16:dd:8e:b8:93:dd:cb:62:d2:b1:51:9c:44:d6: 70:19:01:36:cc:1e:8e:c9:eb:6a:0a:00:68:35:a4: ad:6c:05:a5:37:d8:ac:37:5e:b2:94:cd:65:d2:ba: c9:1f:de:be:ba:23:97:19:cf:5a:5d:0d:9b:a3:eb: 0a:2e:38:13:8c:60:b9:32:34:ff:53:e4:4c:25:6d: 85:43:d7:33:f2:69:70:71:09:c3:df:13:2f:3c:30: 9b:6d:b1:f5:42:ac:1f:f4:71:f9:f9:0e:e3:fc:f8: 47:a0:83:6e:12:b8:02:51:0a:2c:51:cb:44:83:b3: a5:ee:61:94:21:6a:ca:ab:c6:d9:83:7e:d7:3e:4e: 0a:68:d5:49:1a:ee:c4:ce:48:f3:17:00:e2:38:77: be:c1:1b:d7:ef:81:ac:2d:19:8c:29:d5:cf:6e:55: 48:ab:09:b5:64:be:5f:9b:89:f7:09:df:87:71:d7: a8:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:BB:6B:29:CE:DD:D8:3C:A0:25:01:A0:D8:FD:37:E6:79:3C:ED:80 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0rtrKc7d2DygJQGg2P035nk87YA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.129.147.0/24 Signature Algorithm: sha256WithRSAEncryption 31:39:73:e9:eb:e4:43:bb:f3:c3:9c:9a:18:51:a7:d4:eb:f8: 79:2e:af:65:c9:6d:5b:aa:8c:de:74:7c:a1:ab:ef:4c:94:c2: 85:6f:b0:e8:07:c6:1a:e7:d4:af:e7:60:c5:61:f9:ce:d0:12: 35:16:c3:89:5c:7e:9d:82:9a:8d:cb:b1:27:37:77:9b:c7:b6: 0e:d9:e6:63:9b:68:c6:d7:4b:33:82:a5:93:f2:3c:bf:8d:78: 33:cd:fa:26:96:62:6a:97:7b:14:4d:24:b6:1d:ae:d8:78:f3: 59:2c:be:fd:a5:92:b0:a8:ac:a1:2d:1a:0c:60:be:7d:0c:13: 6e:a7:43:e6:49:98:9b:f1:f4:b2:89:2c:35:9d:77:f0:df:51: 43:d0:ec:8a:a4:e3:14:cd:5a:2a:15:f2:d5:0c:99:0a:bd:57: 54:22:2a:aa:07:d7:79:93:17:e7:f0:00:02:d9:fa:59:87:a4: a6:04:da:24:d6:84:79:4a:b8:d9:0e:1d:6a:ec:eb:26:df:0a: ae:6b:4e:b9:b0:e4:5c:f0:2c:c4:5a:0b:4c:52:29:4f:dd:23: f0:37:f5:ab:b2:45:1e:17:ea:ab:fb:c1:56:8e:35:58:8d:e3: b1:8a:bd:f7:40:89:a9:77:aa:ac:8b:39:5c:d4:99:12:f0:08: 93:6b:9f:fb -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw ODQ0MjBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQyQkI2QjI5Q0VEREQ4 M0NBMDI1MDFBMEQ4RkQzN0U2NzkzQ0VEODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9F7J9/o1oCVX8m0U1zldezyfZVEChrl2LwZWxHFAq6CiDeVCs hNA8GFX5mZTm4hqKyy6sa9AH4PJckqisyEHMidK9HGBqdR3ww5gW3Y64k93LYtKx UZxE1nAZATbMHo7J62oKAGg1pK1sBaU32Kw3XrKUzWXSuskf3r66I5cZz1pdDZuj 6wouOBOMYLkyNP9T5EwlbYVD1zPyaXBxCcPfEy88MJttsfVCrB/0cfn5DuP8+Eeg g24SuAJRCixRy0SDs6XuYZQhasqrxtmDftc+Tgpo1Uka7sTOSPMXAOI4d77BG9fv gawtGYwp1c9uVUirCbVkvl+bifcJ34dx16ilAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU0rtrKc7d2DygJQGg2P035nk87YAwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBydHJLYzdkMkR5Z0pRR2cyUDAzNW5r ODdZQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ KoZIhvcNAQELBQADggEBADE5c+nr5EO788OcmhhRp9Tr+Hkur2XJbVuqjN50fKGr 70yUwoVvsOgHxhrn1K/nYMVh+c7QEjUWw4lcfp2Cmo3LsSc3d5vHtg7Z5mObaMbX SzOCpZPyPL+NeDPN+iaWYmqXexRNJLYdrth481ksvv2lkrCorKEtGgxgvn0ME26n Q+ZJmJvx9LKJLDWdd/DfUUPQ7Iqk4xTNWioV8tUMmQq9V1QiKqoH13mTF+fwAALZ +lmHpKYE2iTWhHlKuNkOHWrs6ybfCq5rTrmw5FzwLMRaC0xSKU/dI/A39auyRR4X 6qv7wVaONViN47GKvfdAial3qqyLOVzUmRLwCJNrn/s= -----END CERTIFICATE-----Generated at Tue Sep 9 06:20:26 2025 by rpki-client