$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/3hmGqCK4MfQ8p--8Knz4PLEsf4I.roa File: 3hmGqCK4MfQ8p--8Knz4PLEsf4I.roa (raw, json) Hash identifier: Nr/0iXAvSXdC3uAy1eKOiiSrzdWZjWoevPteFP22oDA= Subject key identifier: DE:19:86:A8:22:B8:31:F4:3C:A7:EF:BC:2A:7C:F8:3C:B1:2C:7F:82 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 1473 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/3hmGqCK4MfQ8p--8Knz4PLEsf4I.roa Signing time: Fri 22 Aug 2025 08:51:31 +0000 ROA not before: Fri 22 Aug 2025 08:51:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17408 IP address blocks: 203.119.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 10:16:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5235 (0x1473) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 22 08:51:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DE1986A822B831F43CA7EFBC2A7CF83CB12C7F82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0f:f8:b3:8e:68:29:dc:f6:5a:e0:eb:f9:08: 1b:00:94:79:81:57:57:82:6c:ae:d5:41:89:e5:66: 95:cd:d0:9f:88:14:72:09:ff:1e:d3:a3:ff:41:3b: 3b:2d:36:a0:0d:fc:14:03:35:bd:e2:48:5a:c7:88: 47:e6:20:85:42:96:bb:ee:da:1b:50:1c:29:e8:5b: 3a:42:21:58:0a:4b:84:4e:f1:80:75:bb:e3:7c:4b: db:de:fe:80:58:dc:a2:09:7a:be:86:f6:0a:20:4e: 44:cd:bc:e9:9d:20:c8:64:e5:f0:e3:9d:28:d6:ce: ec:45:f1:5a:e0:bc:d0:01:a2:62:47:ef:12:b3:9c: cc:c9:01:0c:f6:97:5d:5e:42:26:4e:a7:77:e6:a0: d6:74:b7:d8:dc:53:af:67:75:55:3e:e9:90:c2:89: 89:08:32:b5:8b:90:25:8b:12:e6:f8:95:8f:d9:ef: fc:d7:f1:25:83:d6:c5:56:b8:0a:2b:3d:fc:01:30: 4f:18:aa:5d:4c:60:3a:39:e3:45:12:e5:ca:96:3c: 29:49:b2:d7:8e:24:41:52:4f:ac:23:7e:dd:ec:24: 97:bf:ac:48:0c:f1:6e:b7:fb:32:1b:2a:81:8f:fb: 1a:f9:cb:e7:bc:58:15:7f:85:c3:46:a4:a0:15:7e: 65:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:19:86:A8:22:B8:31:F4:3C:A7:EF:BC:2A:7C:F8:3C:B1:2C:7F:82 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/3hmGqCK4MfQ8p--8Knz4PLEsf4I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.119.3.0/24 Signature Algorithm: sha256WithRSAEncryption 33:d0:4e:f0:5b:d5:9f:c3:28:bd:d6:79:57:c6:2a:28:ec:ac: 79:d0:0c:d8:f1:35:32:94:4e:eb:97:e2:e5:62:23:da:e7:12: cd:58:e5:88:45:85:d1:3f:1e:91:32:2f:5a:3c:cb:4d:69:ab: 4f:60:23:8b:96:8c:f4:1d:1a:56:e0:a6:0b:e2:f0:2f:36:0f: c2:80:31:a7:9b:98:3e:05:6a:0b:bf:f9:91:ab:5c:12:41:7f: ab:c0:8e:32:3a:c9:04:de:00:ee:6c:49:fd:92:3b:57:48:bf: 82:2f:c7:c3:31:55:53:4a:8a:76:47:69:a8:6b:96:fa:fa:71: ea:dd:cb:df:55:6a:46:8c:42:58:d2:15:e3:e0:0a:67:c1:b7: 6b:e8:12:90:a8:a0:fc:00:e1:b1:d0:41:38:e8:9d:df:cb:10: aa:0e:64:db:66:4c:65:a9:9a:17:c8:14:4c:b7:1b:db:5a:26: a8:83:43:0c:d4:7c:d2:3a:71:0d:6b:b2:a2:67:ad:ce:89:33: aa:d6:89:96:a3:e2:96:ff:70:72:49:d9:64:df:01:26:94:ef: 5d:f3:06:b2:49:7f:49:29:e4:f6:d5:a7:28:20:13:c0:ad:8d: c0:07:9d:fd:b6:85:c2:83:e4:ef:ff:83:8a:28:39:cb:67:6d: 4e:f9:4c:36 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICFHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA4MjIw ODUxMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERFMTk4NkE4MjJCODMx RjQzQ0E3RUZCQzJBN0NGODNDQjEyQzdGODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBD/izjmgp3PZa4Ov5CBsAlHmBV1eCbK7VQYnlZpXN0J+IFHIJ /x7To/9BOzstNqAN/BQDNb3iSFrHiEfmIIVClrvu2htQHCnoWzpCIVgKS4RO8YB1 u+N8S9ve/oBY3KIJer6G9gogTkTNvOmdIMhk5fDjnSjWzuxF8VrgvNABomJH7xKz nMzJAQz2l11eQiZOp3fmoNZ0t9jcU69ndVU+6ZDCiYkIMrWLkCWLEub4lY/Z7/zX 8SWD1sVWuAorPfwBME8Yql1MYDo540US5cqWPClJsteOJEFST6wjft3sJJe/rEgM 8W63+zIbKoGP+xr5y+e8WBV/hcNGpKAVfmURAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU3hmGqCK4MfQ8p++8Knz4PLEsf4IwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8zaG1HcUNLNE1mUThwLS04S256 NFBMRXNmNEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD MA0GCSqGSIb3DQEBCwUAA4IBAQAz0E7wW9Wfwyi91nlXxioo7Kx50AzY8TUylE7r l+LlYiPa5xLNWOWIRYXRPx6RMi9aPMtNaatPYCOLloz0HRpW4KYL4vAvNg/CgDGn m5g+BWoLv/mRq1wSQX+rwI4yOskE3gDubEn9kjtXSL+CL8fDMVVTSop2R2moa5b6 +nHq3cvfVWpGjEJY0hXj4Apnwbdr6BKQqKD8AOGx0EE46J3fyxCqDmTbZkxlqZoX yBRMtxvbWiaog0MM1HzSOnENa7KiZ63OiTOq1omWo+KW/3BySdlk3wEmlO9d8way SX9JKeT21acoIBPArY3AB539toXCg+Tv/4OKKDnLZ21O+Uw2 -----END CERTIFICATE-----Generated at Sat Sep 6 07:07:21 2025 by rpki-client