$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa File: DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa (raw, json) Hash identifier: M7DNC5f/ZNgNXYOcgP3RHvZDM8IuBzJhvvvGLFmDf0M= Subject key identifier: 0E:89:AE:2F:95:42:47:50:91:0F:C9:1F:E0:A0:FE:66:F4:25:D4:79 Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0DCB Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa Signing time: Fri 22 Aug 2025 08:44:21 +0000 ROA not before: Fri 22 Aug 2025 08:44:21 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38254 IP address blocks: 103.129.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 10:48:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3531 (0xdcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Aug 22 08:44:21 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0E89AE2F95424750910FC91FE0A0FE66F425D479 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:d7:32:68:6b:ec:1e:18:e9:de:e4:a8:a3:50: 5b:e6:ba:6f:df:32:c2:b6:b2:82:fd:68:d8:65:c3: be:6e:36:11:04:bb:c0:4e:48:35:39:ef:37:69:94: a9:d9:8b:fd:d2:bc:0f:9d:b4:24:69:aa:8b:69:b3: 08:bd:63:5d:59:1b:fc:98:fd:3a:15:02:9d:18:39: 60:87:3c:1d:71:12:3a:fa:ca:30:24:f5:7f:36:8c: 4c:72:64:de:98:02:a1:dc:19:a9:1b:2c:00:5c:ec: 70:53:bc:6a:64:d9:cc:ab:b7:12:f3:35:ef:63:53: ed:29:35:56:b7:09:a8:5a:f9:fa:7a:db:dc:28:4a: 81:b0:bb:a1:40:e5:3b:8b:25:b8:6b:79:21:0f:13: 6c:3e:3d:b2:49:21:f9:69:f1:18:16:45:0f:ec:c5: fa:1b:09:ae:4c:14:2f:1a:88:ae:47:58:65:1c:65: 9b:d7:4d:6c:d7:c2:47:75:7c:21:61:8a:54:cb:4c: 4d:d9:3a:32:12:a4:f2:1b:09:a3:b2:36:de:dc:fa: 40:5a:ee:2d:61:1a:60:96:73:bc:3c:65:4f:8b:14: a7:6d:bb:4b:c5:ac:9f:46:43:8e:17:32:01:03:02: 1f:77:3d:66:58:37:d7:a6:6b:85:81:41:ad:f1:77: 99:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:89:AE:2F:95:42:47:50:91:0F:C9:1F:E0:A0:FE:66:F4:25:D4:79 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.129.145.0/24 Signature Algorithm: sha256WithRSAEncryption 14:fa:60:48:0b:ac:99:08:6b:5e:be:f7:14:b0:d3:a8:b9:93: 94:02:94:b2:0c:ad:29:ec:43:59:ed:1f:3c:ab:58:40:3a:7b: ca:34:9f:c0:64:3c:48:89:d2:e7:e5:b4:19:61:d9:b8:3f:25: 26:78:ee:85:04:5a:3e:29:be:5d:e5:98:0a:6b:c8:cd:e6:7f: 16:5b:0b:6d:c2:f9:95:06:83:62:4d:51:cb:9b:0b:39:0f:01: 57:bc:89:b5:30:8b:15:09:f2:9b:18:fd:e7:5d:01:22:b5:16: 40:24:e0:65:0d:3e:00:29:34:d4:1b:70:52:7e:ed:50:5e:ba: 37:bb:de:9b:68:cf:a2:f5:e1:28:8b:8f:a3:fe:44:08:ab:24: 5a:d7:8e:55:3f:26:62:f6:4f:b7:09:04:e0:13:d6:95:07:b5: d3:0f:f3:23:12:41:a4:d6:6d:7d:5a:0e:31:87:4b:c2:f7:dd: 28:b5:3b:a4:d2:b8:fd:71:4f:3f:09:e4:48:4b:ad:8a:bd:42: ad:3b:6f:0f:8c:f2:a8:97:b1:bb:16:06:d3:31:1a:e4:69:2a: c9:2e:4c:a9:88:54:02:cd:43:ef:cb:3a:06:51:ba:9b:2c:8a: 55:ae:76:89:41:c2:a1:95:94:32:9f:9d:bd:43:c9:e5:5e:cd: 67:8a:36:4e -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw ODQ0MjFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBFODlBRTJGOTU0MjQ3 NTA5MTBGQzkxRkUwQTBGRTY2RjQyNUQ0NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg1zJoa+weGOne5KijUFvmum/fMsK2soL9aNhlw75uNhEEu8BO SDU57zdplKnZi/3SvA+dtCRpqotpswi9Y11ZG/yY/ToVAp0YOWCHPB1xEjr6yjAk 9X82jExyZN6YAqHcGakbLABc7HBTvGpk2cyrtxLzNe9jU+0pNVa3Caha+fp629wo SoGwu6FA5TuLJbhreSEPE2w+PbJJIflp8RgWRQ/sxfobCa5MFC8aiK5HWGUcZZvX TWzXwkd1fCFhilTLTE3ZOjISpPIbCaOyNt7c+kBa7i1hGmCWc7w8ZU+LFKdtu0vF rJ9GQ44XMgEDAh93PWZYN9ema4WBQa3xd5lNAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUDomuL5VCR1CRD8kf4KD+ZvQl1HkwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0RvbXVMNVZDUjFDUkQ4a2Y0S0QtWnZR bDFIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZEwDQYJ KoZIhvcNAQELBQADggEBABT6YEgLrJkIa16+9xSw06i5k5QClLIMrSnsQ1ntHzyr WEA6e8o0n8BkPEiJ0ufltBlh2bg/JSZ47oUEWj4pvl3lmApryM3mfxZbC23C+ZUG g2JNUcubCzkPAVe8ibUwixUJ8psY/eddASK1FkAk4GUNPgApNNQbcFJ+7VBeuje7 3ptoz6L14SiLj6P+RAirJFrXjlU/JmL2T7cJBOAT1pUHtdMP8yMSQaTWbX1aDjGH S8L33Si1O6TSuP1xTz8J5EhLrYq9Qq07bw+M8qiXsbsWBtMxGuRpKskuTKmIVALN Q+/LOgZRupssilWudolBwqGVlDKfnb1DyeVezWeKNk4= -----END CERTIFICATE-----Generated at Tue Sep 9 06:20:20 2025 by rpki-client