$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/SbMnpJykKnyhfqRzZl_0BM-hFZs.roa File: SbMnpJykKnyhfqRzZl_0BM-hFZs.roa (raw, json) Hash identifier: 7rwtW35hihjLl/meUt1h7x94RGg2ejnRblaYIEqj3Ws= Subject key identifier: 49:B3:27:A4:9C:A4:2A:7C:A1:7E:A4:73:66:5F:F4:04:CF:A1:15:9B Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 1470 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/SbMnpJykKnyhfqRzZl_0BM-hFZs.roa Signing time: Fri 22 Aug 2025 08:51:31 +0000 ROA not before: Fri 22 Aug 2025 08:51:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131621 IP address blocks: 2001:de4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 05:46:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5232 (0x1470) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 22 08:51:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=49B327A49CA42A7CA17EA473665FF404CFA1159B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ff:c9:d7:17:b5:40:d8:99:03:12:e7:5d:90: 7c:87:87:0b:17:e5:69:c9:39:7c:89:cf:dc:cf:1a: 99:42:25:d1:ed:2c:f6:c0:d8:6a:95:b1:b0:9f:1f: a8:46:ca:97:74:73:81:61:58:27:9f:ac:e6:a6:bb: e7:f6:71:ab:9c:99:bc:72:cb:69:60:b8:a1:ee:d1: 65:39:0a:8a:bd:2f:c0:fb:57:87:8c:0b:f5:8c:54: d4:64:b0:9b:56:3f:a0:29:5e:ef:07:76:86:d9:66: 45:fc:ad:a5:07:d4:4d:97:86:e9:df:74:f5:30:60: 18:2f:a9:2c:3c:a9:4b:c6:89:7c:1a:4d:f7:59:02: ff:0d:16:9f:28:e2:c7:22:17:4b:49:f2:bf:6f:56: 5d:53:6a:4b:56:ea:9d:5b:2e:59:1c:88:dc:69:c3: 04:28:c3:67:4e:70:e7:49:38:c3:d8:35:08:37:a3: ed:95:35:ec:04:f5:95:d4:c8:84:1c:69:2c:b0:06: cb:54:ae:7c:1c:64:cf:0f:69:21:11:7c:5d:24:a8: d1:f9:99:c8:8b:0a:72:be:ad:a1:0d:4e:4f:d2:ec: e6:fc:84:86:d1:80:56:f2:0f:8a:fd:60:eb:20:93: 1b:e3:ab:58:97:79:d7:44:23:d7:cd:29:3d:1e:c1: 12:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B3:27:A4:9C:A4:2A:7C:A1:7E:A4:73:66:5F:F4:04:CF:A1:15:9B X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/SbMnpJykKnyhfqRzZl_0BM-hFZs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:de4::/48 Signature Algorithm: sha256WithRSAEncryption 1c:01:e4:35:08:57:6f:e5:b1:da:0a:42:17:33:c3:5f:2e:e4: 97:fa:d3:fc:a0:bb:0d:37:69:ac:f7:2f:f2:30:02:bd:2d:cc: 0a:5f:33:30:d4:49:97:9e:f7:d3:33:aa:ea:ab:8e:ed:fd:f7: 29:0a:f5:61:67:81:49:79:92:25:13:99:4e:57:2b:fc:1a:0d: d6:72:28:34:07:72:f6:51:64:6e:00:79:1e:f6:a9:56:ce:78: 37:0f:72:f4:d5:ec:53:16:b7:95:0b:78:b4:81:7a:04:43:2d: bb:6e:99:06:db:3b:fe:01:ac:cf:ea:bb:93:ef:27:25:3c:b8: 3a:bf:d6:7f:58:c5:ae:e0:3e:51:4f:ae:49:23:33:db:7e:c7: 47:b2:e0:04:3d:a0:c6:18:be:0b:34:0e:00:04:db:8f:c4:af: 0f:c9:9b:e9:97:9e:a4:a7:50:fb:c3:aa:f7:23:f0:6e:f4:49: 98:eb:ba:90:95:0c:a6:ea:a9:39:3d:1a:8a:8b:95:78:2c:10: b2:6d:48:66:77:48:d3:57:79:10:04:b0:f1:9a:da:bc:7d:b1: 3c:ec:83:08:d0:84:6d:1b:2e:0f:87:60:97:87:7b:67:33:18: 7d:cc:ce:a4:4e:0b:94:1d:df:97:d2:c1:26:ff:96:ed:85:35: 4f:0f:1e:3b -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICFHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA4MjIw ODUxMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ5QjMyN0E0OUNBNDJB N0NBMTdFQTQ3MzY2NUZGNDA0Q0ZBMTE1OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCy/8nXF7VA2JkDEuddkHyHhwsX5WnJOXyJz9zPGplCJdHtLPbA 2GqVsbCfH6hGypd0c4FhWCefrOamu+f2caucmbxyy2lguKHu0WU5Coq9L8D7V4eM C/WMVNRksJtWP6ApXu8HdobZZkX8raUH1E2XhunfdPUwYBgvqSw8qUvGiXwaTfdZ Av8NFp8o4sciF0tJ8r9vVl1TaktW6p1bLlkciNxpwwQow2dOcOdJOMPYNQg3o+2V NewE9ZXUyIQcaSywBstUrnwcZM8PaSERfF0kqNH5mciLCnK+raENTk/S7Ob8hIbR gFbyD4r9YOsgkxvjq1iXeddEI9fNKT0ewRLlAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUSbMnpJykKnyhfqRzZl/0BM+hFZswHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9TYk1ucEp5a0tueWhmcVJ6Wmxf MEJNLWhGWnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 5AAAMA0GCSqGSIb3DQEBCwUAA4IBAQAcAeQ1CFdv5bHaCkIXM8NfLuSX+tP8oLsN N2ms9y/yMAK9LcwKXzMw1EmXnvfTM6rqq47t/fcpCvVhZ4FJeZIlE5lOVyv8Gg3W cig0B3L2UWRuAHke9qlWzng3D3L01exTFreVC3i0gXoEQy27bpkG2zv+AazP6ruT 7yclPLg6v9Z/WMWu4D5RT65JIzPbfsdHsuAEPaDGGL4LNA4ABNuPxK8PyZvpl56k p1D7w6r3I/Bu9EmY67qQlQym6qk5PRqKi5V4LBCybUhmd0jTV3kQBLDxmtq8fbE8 7IMI0IRtGy4Ph2CXh3tnMxh9zM6kTguUHd+X0sEm/5bthTVPDx47 -----END CERTIFICATE-----Generated at Sat Sep 6 01:19:42 2025 by rpki-client