$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Dx2ApvEhn7PxJ8IY8VenEsVr7YI.roa File: Dx2ApvEhn7PxJ8IY8VenEsVr7YI.roa (raw, json) Hash identifier: 3g2bJet15OC8Qg5HZXjqPHP6jDy1Kz4czkgcw+OAwUE= Subject key identifier: 0F:1D:80:A6:F1:21:9F:B3:F1:27:C2:18:F1:57:A7:12:C5:6B:ED:82 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 1481 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Dx2ApvEhn7PxJ8IY8VenEsVr7YI.roa Signing time: Thu 28 Aug 2025 08:18:12 +0000 ROA not before: Thu 28 Aug 2025 08:18:12 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131644 IP address blocks: 203.55.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 10:16:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5249 (0x1481) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 28 08:18:12 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0F1D80A6F1219FB3F127C218F157A712C56BED82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:99:92:30:17:32:53:8b:99:89:50:5e:40:59: b5:10:d8:91:ec:d5:a9:62:d3:5c:d6:96:3f:89:3f: 6c:c0:0a:30:26:85:8f:07:3a:1e:9d:a7:94:8f:c7: 0a:57:50:ba:61:39:89:31:84:cd:3d:ef:73:88:c4: a1:d2:7b:8b:ce:5c:6d:bf:48:17:99:ee:f4:10:29: ea:ab:98:c6:89:fd:51:0b:27:cd:cc:51:27:f7:c4: 41:21:50:56:ca:69:58:65:88:51:27:eb:27:5c:a3: be:a4:43:0d:1b:da:fd:0a:e1:29:31:ab:d2:9d:2e: fb:89:54:b7:fe:82:2d:75:cd:60:7e:fb:da:5e:0c: ef:1c:56:1a:f5:3a:63:60:14:e0:bd:8f:50:6e:1c: 1c:56:9f:14:a8:8a:06:79:16:94:2e:36:43:b8:82: 5d:1b:38:da:3e:a1:f4:1d:26:c1:47:cc:31:d7:6b: 33:81:7c:37:b4:ee:a9:e3:43:b3:ff:9c:91:e0:16: ef:46:7a:3c:fa:92:f4:f5:d1:bb:db:a0:0a:57:44: d7:9d:a4:41:3c:7c:c0:1c:af:b3:98:f1:35:43:22: fb:65:87:c1:df:ce:50:05:7e:37:76:8d:dd:ad:0c: 08:8b:47:8e:71:61:47:94:df:65:cc:c4:d6:b7:e5: ec:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:1D:80:A6:F1:21:9F:B3:F1:27:C2:18:F1:57:A7:12:C5:6B:ED:82 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Dx2ApvEhn7PxJ8IY8VenEsVr7YI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.55.118.0/24 Signature Algorithm: sha256WithRSAEncryption 98:16:94:07:08:b1:5f:97:97:da:5c:99:a0:e4:a8:40:d1:f3: 28:7f:74:df:ac:08:fb:f7:dd:92:87:29:51:28:7e:6a:5e:bc: ac:bf:b3:10:0f:ca:55:d7:b3:ea:cc:55:db:3b:c4:a8:87:70: 5b:a7:6c:ae:14:5e:eb:e6:9c:bb:4a:48:d4:16:a3:8e:81:5b: a4:5f:53:03:be:e2:92:fc:88:52:6f:c7:e3:86:e2:52:49:33: 8b:f2:10:b8:35:b4:95:5d:36:ea:3e:3c:d0:90:86:05:c7:0e: 4e:20:3d:2a:45:33:31:07:3d:e1:80:b7:5b:32:b8:3a:c1:16: c6:3a:5f:e6:11:d9:b4:40:d7:94:01:df:38:9b:92:8b:eb:df: 64:ac:e5:ed:f4:2b:c3:d9:f3:85:74:a3:9f:0b:7a:42:b9:17: fb:68:70:ec:92:7f:0f:cc:77:96:59:10:7d:9b:89:ea:16:bf: 33:74:a3:f0:f3:a2:52:f3:43:60:47:c4:31:27:39:67:3c:92: 4e:fe:70:83:a8:b5:20:1f:8a:85:83:59:4e:45:dd:93:6f:e7: 75:62:7b:85:7e:88:3e:ad:b2:be:5e:0a:4a:77:1b:8b:18:92: 80:0a:1c:6f:ec:3f:e3:95:fc:41:fd:29:ae:f8:ee:49:ca:6e: fa:58:22:35 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA4Mjgw ODE4MTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBGMUQ4MEE2RjEyMTlG QjNGMTI3QzIxOEYxNTdBNzEyQzU2QkVEODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVmZIwFzJTi5mJUF5AWbUQ2JHs1ali01zWlj+JP2zACjAmhY8H Oh6dp5SPxwpXULphOYkxhM0973OIxKHSe4vOXG2/SBeZ7vQQKeqrmMaJ/VELJ83M USf3xEEhUFbKaVhliFEn6ydco76kQw0b2v0K4Skxq9KdLvuJVLf+gi11zWB++9pe DO8cVhr1OmNgFOC9j1BuHBxWnxSoigZ5FpQuNkO4gl0bONo+ofQdJsFHzDHXazOB fDe07qnjQ7P/nJHgFu9Gejz6kvT10bvboApXRNedpEE8fMAcr7OY8TVDIvtlh8Hf zlAFfjd2jd2tDAiLR45xYUeU32XMxNa35ezPAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUDx2ApvEhn7PxJ8IY8VenEsVr7YIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9EeDJBcHZFaG43UHhKOElZOFZl bkVzVnI3WUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyzd2 MA0GCSqGSIb3DQEBCwUAA4IBAQCYFpQHCLFfl5faXJmg5KhA0fMof3TfrAj7992S hylRKH5qXrysv7MQD8pV17PqzFXbO8Soh3Bbp2yuFF7r5py7SkjUFqOOgVukX1MD vuKS/IhSb8fjhuJSSTOL8hC4NbSVXTbqPjzQkIYFxw5OID0qRTMxBz3hgLdbMrg6 wRbGOl/mEdm0QNeUAd84m5KL699krOXt9CvD2fOFdKOfC3pCuRf7aHDskn8PzHeW WRB9m4nqFr8zdKPw86JS80NgR8QxJzlnPJJO/nCDqLUgH4qFg1lORd2Tb+d1YnuF fog+rbK+XgpKdxuLGJKAChxv7D/jlfxB/Smu+O5Jym76WCI1 -----END CERTIFICATE-----Generated at Sat Sep 6 07:07:27 2025 by rpki-client