$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa File: r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa (raw, json) Hash identifier: kP87ivg8MG8uJed5an9d3lP+8UPSLgD4yKsotvXusBc= Subject key identifier: AF:67:21:A0:64:C9:19:8B:12:5C:74:BE:5E:7E:50:8F:BE:98:E0:81 Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0DC8 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa Signing time: Fri 22 Aug 2025 08:44:21 +0000 ROA not before: Fri 22 Aug 2025 08:44:21 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 20473 IP address blocks: 2403:7f40:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 10:48:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3528 (0xdc8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Aug 22 08:44:21 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=AF6721A064C9198B125C74BE5E7E508FBE98E081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:13:16:be:0b:dd:1b:2d:8b:41:7c:a6:90:66: 6e:bc:f7:4e:ec:f8:72:a6:0e:d0:d5:24:6b:5a:69: f8:28:42:32:5d:8e:7d:d1:57:e8:e1:5f:16:77:c2: f8:22:e9:65:54:8a:5b:68:84:c5:a7:58:b1:fe:0a: 9a:9c:b6:4f:55:a9:41:65:0f:97:9f:7f:1b:58:8e: cc:48:bd:3d:90:f8:7c:78:27:8a:2c:8c:c6:1a:f3: 33:07:f4:20:19:af:4c:e9:fb:e1:d4:7e:9c:84:ea: 59:dc:b8:bd:b3:f1:7a:7a:ab:e3:f2:d7:55:65:ee: f3:39:c5:f0:c3:1a:c4:c5:20:1d:78:82:07:61:d2: c0:80:d2:ca:0c:55:28:26:ef:cb:2a:ab:ea:be:1d: 8b:24:56:52:0d:47:b9:54:c9:c9:fb:fd:c3:19:5d: b5:2b:99:3a:80:2c:c1:4c:27:2d:ef:67:cd:94:06: a2:47:48:ba:7a:e2:40:a9:be:eb:90:61:7d:a1:92: 3d:b9:42:e0:9e:9f:16:c5:d0:fd:d9:2b:09:4e:c0: f6:1a:40:6b:c6:4a:12:be:2a:cd:81:fc:8e:34:06: 00:77:01:60:8a:ba:07:7a:8f:91:8b:a7:41:98:d8: 58:fc:14:55:5d:45:d6:3c:2c:86:a4:74:f5:53:20: 3c:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:67:21:A0:64:C9:19:8B:12:5C:74:BE:5E:7E:50:8F:BE:98:E0:81 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:7f40:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 8e:18:8e:a5:55:27:a4:2d:8a:2b:44:5e:7d:fe:2d:91:c9:75: 00:5c:ae:7a:66:f1:c7:9b:56:37:6b:7a:06:a1:d9:84:91:f5: 35:1a:64:d6:5a:fa:05:6a:0e:bc:15:76:2b:a9:c0:93:d2:6e: 1f:c1:e6:5c:3d:93:72:7e:35:ea:4c:41:c0:9e:2f:59:f8:35: 5e:8b:11:7f:bf:28:52:a8:e3:85:11:21:53:74:78:26:1d:57: 8c:a2:5a:79:5f:87:82:4d:f5:56:f1:0d:5a:d7:22:c6:5e:8c: 71:85:2f:7e:b0:40:2f:24:5e:2a:af:cb:52:32:f1:2c:02:04: a8:95:d3:9e:04:d7:eb:3f:78:43:9d:19:44:ed:64:b2:7a:a5: c6:87:48:9d:27:74:e8:45:e3:14:93:7c:55:34:4c:73:3d:98: 3d:af:93:5d:5a:85:84:78:ea:ef:82:ac:09:7a:2c:a2:4f:a2: 28:9e:a7:ef:a3:4e:bc:68:e6:1c:41:8c:bd:11:1e:3d:72:36: 69:b4:f6:3e:e6:75:b2:7a:cc:c0:80:7f:0c:a3:4b:72:ad:dd: b7:06:e9:c2:f9:d6:c0:15:9e:7b:b2:ed:db:07:5a:b8:23:2f: 41:17:fe:8a:87:09:85:0d:57:b6:0b:b8:44:45:5d:a0:c9:af: ed:5a:b2:fe -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw ODQ0MjFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEFGNjcyMUEwNjRDOTE5 OEIxMjVDNzRCRTVFN0U1MDhGQkU5OEUwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPExa+C90bLYtBfKaQZm68907s+HKmDtDVJGtaafgoQjJdjn3R V+jhXxZ3wvgi6WVUiltohMWnWLH+Cpqctk9VqUFlD5effxtYjsxIvT2Q+Hx4J4os jMYa8zMH9CAZr0zp++HUfpyE6lncuL2z8Xp6q+Py11Vl7vM5xfDDGsTFIB14ggdh 0sCA0soMVSgm78sqq+q+HYskVlINR7lUycn7/cMZXbUrmTqALMFMJy3vZ82UBqJH SLp64kCpvuuQYX2hkj25QuCenxbF0P3ZKwlOwPYaQGvGShK+Ks2B/I40BgB3AWCK ugd6j5GLp0GY2Fj8FFVdRdY8LIakdPVTIDydAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUr2choGTJGYsSXHS+Xn5Qj76Y4IEwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL3IyY2hvR1RKR1lzU1hIUy1YbjVRajc2 WTRJRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A/wAw DQYJKoZIhvcNAQELBQADggEBAI4YjqVVJ6QtiitEXn3+LZHJdQBcrnpm8cebVjdr egah2YSR9TUaZNZa+gVqDrwVdiupwJPSbh/B5lw9k3J+NepMQcCeL1n4NV6LEX+/ KFKo44URIVN0eCYdV4yiWnlfh4JN9VbxDVrXIsZejHGFL36wQC8kXiqvy1Iy8SwC BKiV054E1+s/eEOdGUTtZLJ6pcaHSJ0ndOhF4xSTfFU0THM9mD2vk11ahYR46u+C rAl6LKJPoiiep++jTrxo5hxBjL0RHj1yNmm09j7mdbJ6zMCAfwyjS3Kt3bcG6cL5 1sAVnnuy7dsHWrgjL0EX/oqHCYUNV7YLuERFXaDJr+1asv4= -----END CERTIFICATE-----Generated at Tue Sep 9 06:20:19 2025 by rpki-client