$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/0zogZRQP8U2atg1foUS50xWPBLg.roa File: 0zogZRQP8U2atg1foUS50xWPBLg.roa (raw, json) Hash identifier: m2OZKKqpq1PVYDCUURh47o2rodeyDsbMetUb6ak2+Is= Subject key identifier: D3:3A:20:65:14:0F:F1:4D:9A:B6:0D:5F:A1:44:B9:D3:15:8F:04:B8 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 13EF Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/0zogZRQP8U2atg1foUS50xWPBLg.roa Signing time: Fri 22 Aug 2025 08:57:24 +0000 ROA not before: Fri 22 Aug 2025 08:57:24 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 150.117.160.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5103 (0x13ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D33A2065140FF14D9AB60D5FA144B9D3158F04B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7b:c5:7b:99:6d:0d:be:14:08:45:2d:2d:ba: ee:df:3d:8a:c9:d2:23:7c:ad:f3:a3:6f:da:8e:2a: 4c:d6:f3:ed:18:ed:84:fe:44:68:f3:f0:18:4f:07: ed:5d:3a:5a:d8:65:67:12:2b:16:43:c8:cf:cb:b8: a1:f4:4e:7f:a4:d4:0d:95:d9:26:b3:48:08:65:b5: b7:15:de:1e:b5:21:f0:61:9d:24:f7:99:d9:64:a5: 63:e2:51:09:05:a1:71:1b:d6:68:43:c4:1d:fc:91: c2:53:c4:00:ef:3c:9a:9c:d2:f7:90:b7:c1:3c:01: 02:08:73:5d:6d:54:e7:9d:f0:f4:17:db:1e:96:bb: f9:1c:5d:15:cc:3b:7c:30:4e:3d:54:fa:c9:44:53: fb:05:7b:66:dd:e1:c9:6e:b6:fe:45:3f:48:2d:be: c0:8c:6b:8d:02:f1:dc:14:dd:5c:79:41:14:2e:5b: d0:0d:9d:bb:80:ad:13:51:2c:dc:74:ae:7f:97:fc: bb:73:7a:50:09:cd:84:b7:4e:e1:cb:7a:72:2c:f8: 8a:1a:7c:38:6d:5b:51:5d:dc:de:4e:86:e3:dd:fc: 6d:25:d8:aa:df:4f:88:1a:ca:5b:a1:07:e5:55:71: 24:ed:b3:32:d3:1b:22:3d:e0:0c:23:b5:ed:07:e6: a1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:3A:20:65:14:0F:F1:4D:9A:B6:0D:5F:A1:44:B9:D3:15:8F:04:B8 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/0zogZRQP8U2atg1foUS50xWPBLg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.160.0/21 Signature Algorithm: sha256WithRSAEncryption 09:bf:41:92:01:77:7c:b4:7c:6a:6d:3f:50:b8:dc:51:65:c4: 44:88:35:db:5d:08:0a:9d:a1:6a:e3:85:14:ef:38:6f:55:94: 00:2e:a1:b1:c5:a3:a7:dc:9d:35:20:7d:8f:8a:04:88:16:b1: ae:24:e4:2d:bd:94:a6:bc:8a:71:3e:a4:da:17:14:5a:fa:76: 4d:43:95:c3:08:54:cd:b5:5e:a9:e3:ff:a4:bd:ca:ab:d9:ab: 69:b6:80:33:97:81:cc:0f:00:19:3f:0b:ee:6c:03:99:ec:31: 40:48:e3:fa:19:d0:d2:db:fe:ab:88:c0:77:f0:b0:c3:dd:7b: 7b:ff:0c:ae:95:83:f4:f3:11:ab:27:b4:a7:12:05:9f:e4:99: a6:de:d6:b2:be:34:78:bd:96:87:f1:c4:87:16:d3:d2:88:32: ba:84:b4:4e:24:64:21:57:7d:f6:78:b7:20:96:d8:51:e7:2e: d0:0e:8c:a7:62:6a:3b:84:7c:9e:42:ff:c3:75:a2:ab:1e:d7: 01:66:61:96:3c:08:40:b6:a8:1f:a4:e3:54:d1:62:13:b0:2b: a4:10:2d:a8:17:bc:52:99:2f:a2:ab:db:13:bf:79:6f:c3:f8: 34:bf:58:0a:56:cb:74:3b:8e:4f:88:ef:24:80:a4:90:70:cb: 82:c1:db:a4 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICE+8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MjRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQzM0EyMDY1MTQwRkYx NEQ5QUI2MEQ1RkExNDRCOUQzMTU4RjA0QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCue8V7mW0NvhQIRS0tuu7fPYrJ0iN8rfOjb9qOKkzW8+0Y7YT+ RGjz8BhPB+1dOlrYZWcSKxZDyM/LuKH0Tn+k1A2V2SazSAhltbcV3h61IfBhnST3 mdlkpWPiUQkFoXEb1mhDxB38kcJTxADvPJqc0veQt8E8AQIIc11tVOed8PQX2x6W u/kcXRXMO3wwTj1U+slEU/sFe2bd4clutv5FP0gtvsCMa40C8dwU3Vx5QRQuW9AN nbuArRNRLNx0rn+X/LtzelAJzYS3TuHLenIs+IoafDhtW1Fd3N5OhuPd/G0l2Krf T4gayluhB+VVcSTtszLTGyI94Awjte0H5qGFAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU0zogZRQP8U2atg1foUS50xWPBLgwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8wem9nWlJRUDhVMmF0 ZzFmb1VTNTB4V1BCTGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQAJv0GSAXd8tHxqbT9QuNxRZcREiDXb XQgKnaFq44UU7zhvVZQALqGxxaOn3J01IH2PigSIFrGuJOQtvZSmvIpxPqTaFxRa +nZNQ5XDCFTNtV6p4/+kvcqr2atptoAzl4HMDwAZPwvubAOZ7DFASOP6GdDS2/6r iMB38LDD3Xt7/wyulYP08xGrJ7SnEgWf5Jmm3tayvjR4vZaH8cSHFtPSiDK6hLRO JGQhV332eLcglthR5y7QDoynYmo7hHyeQv/DdaKrHtcBZmGWPAhAtqgfpONU0WIT sCukEC2oF7xSmS+iq9sTv3lvw/g0v1gKVst0O45PiO8kgKSQcMuCwduk -----END CERTIFICATE-----Generated at Wed Nov 5 18:47:10 2025 by rpki-client