$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/u4dKuQuOuXCJ1JiZDyraNnIdwzk.roa File: u4dKuQuOuXCJ1JiZDyraNnIdwzk.roa (raw, json) Hash identifier: bMVPI+hAsVVDL1nnMmFvub+MJ167V1XqFgAqTfgr6x4= Subject key identifier: BB:87:4A:B9:0B:8E:B9:70:89:D4:98:99:0F:2A:DA:36:72:1D:C3:39 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 141C Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/u4dKuQuOuXCJ1JiZDyraNnIdwzk.roa Signing time: Fri 22 Aug 2025 08:57:34 +0000 ROA not before: Fri 22 Aug 2025 08:57:34 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131600 IP address blocks: 223.26.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5148 (0x141c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:34 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=BB874AB90B8EB97089D498990F2ADA36721DC339 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a8:0c:dc:2c:6b:77:a5:15:37:2e:63:fa:04: 89:d0:e6:c3:3c:0e:02:8e:c6:8f:47:3b:59:d1:bb: 08:0f:ca:33:d3:99:07:74:6b:27:80:98:bd:b0:a0: e9:34:7d:1d:63:02:71:18:e0:e1:46:84:3c:dd:e5: da:49:0b:66:fe:9a:ee:92:00:b7:eb:01:1d:4a:ba: 56:7a:c9:89:3f:13:2e:29:2d:ba:8f:a7:5b:86:ec: a4:60:27:88:94:03:f1:4d:61:6f:b2:d5:ae:74:6f: 89:a2:b2:e0:3c:e7:1d:63:d8:55:bd:6b:44:5a:b7: e1:2e:15:cd:0d:ba:38:ff:5b:08:af:e6:6e:8a:b7: d0:b0:68:30:17:a0:b2:22:3c:a9:01:a4:ac:1d:73: 7b:cf:a7:8f:a0:5a:89:73:3b:00:92:37:81:7f:73: e9:36:07:94:15:20:84:a5:64:0f:3b:42:0b:68:bb: b8:16:35:61:71:77:61:56:76:f1:ec:56:08:74:b9: 70:a3:61:d5:4a:a0:0b:23:9c:66:a6:9a:fa:21:ba: d4:ae:a6:92:1a:1d:ea:31:95:50:ee:d1:5b:ea:30: 26:ed:7d:5c:84:cf:8a:28:a2:65:1a:7e:cb:e9:84: 85:68:30:99:7a:32:d2:12:54:b1:9f:6b:f9:6a:35: 3d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:87:4A:B9:0B:8E:B9:70:89:D4:98:99:0F:2A:DA:36:72:1D:C3:39 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/u4dKuQuOuXCJ1JiZDyraNnIdwzk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.68.0/24 Signature Algorithm: sha256WithRSAEncryption 68:9f:d1:40:3a:45:53:ef:5d:27:79:bf:25:36:eb:68:ac:65: 93:25:76:a3:3f:ff:af:43:9c:18:5e:e1:7e:5b:fd:ab:dc:9b: 8c:8e:db:50:d0:55:2e:aa:00:b3:d7:fa:79:32:88:b8:50:9b: 8e:cf:59:4c:2b:8f:2e:03:df:1d:df:55:e0:70:49:cb:c9:a1: 52:a5:c5:33:5f:c1:cf:e5:03:d5:60:21:cc:0b:51:29:ff:c5: 1c:eb:f9:47:00:75:55:a2:c8:fa:6e:00:4e:88:df:e2:0b:7e: b9:f2:9c:6b:62:5a:fc:ff:08:b2:db:23:d9:ce:76:76:af:ce: 2a:8e:15:c2:f5:e4:5b:d4:d2:6b:ea:c5:17:22:b4:07:b8:d1: e0:5e:e3:0e:9e:07:c9:47:aa:78:f3:20:40:81:69:0b:4b:a4: a7:bd:20:71:0a:98:f6:f3:f9:ea:c0:3e:62:ac:fa:da:73:93: 63:05:04:a4:a0:c6:76:66:31:49:10:38:e6:23:be:ef:8a:ee: 3a:73:c4:90:bc:7f:42:f7:e5:b9:c8:9b:93:19:03:a2:28:f5: dc:62:11:18:19:90:13:75:5d:3a:e0:dd:e9:ca:1e:b1:d1:1e: c5:a1:05:00:c9:96:f7:04:04:01:5c:6a:eb:79:f5:b7:88:1b: 85:4f:4d:39 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEJCODc0QUI5MEI4RUI5 NzA4OUQ0OTg5OTBGMkFEQTM2NzIxREMzMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyqAzcLGt3pRU3LmP6BInQ5sM8DgKOxo9HO1nRuwgPyjPTmQd0 ayeAmL2woOk0fR1jAnEY4OFGhDzd5dpJC2b+mu6SALfrAR1KulZ6yYk/Ey4pLbqP p1uG7KRgJ4iUA/FNYW+y1a50b4misuA85x1j2FW9a0Rat+EuFc0Nujj/Wwiv5m6K t9CwaDAXoLIiPKkBpKwdc3vPp4+gWolzOwCSN4F/c+k2B5QVIISlZA87Qgtou7gW NWFxd2FWdvHsVgh0uXCjYdVKoAsjnGammvohutSuppIaHeoxlVDu0VvqMCbtfVyE z4ooomUafsvphIVoMJl6MtISVLGfa/lqNT0bAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUu4dKuQuOuXCJ1JiZDyraNnIdwzkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy91NGRLdVF1T3VYQ0ox SmlaRHlyYU5uSWR3emsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQA3xpEMA0GCSqGSIb3DQEBCwUAA4IBAQBon9FAOkVT710neb8lNutorGWTJXaj P/+vQ5wYXuF+W/2r3JuMjttQ0FUuqgCz1/p5Moi4UJuOz1lMK48uA98d31XgcEnL yaFSpcUzX8HP5QPVYCHMC1Ep/8Uc6/lHAHVVosj6bgBOiN/iC3658pxrYlr8/wiy 2yPZznZ2r84qjhXC9eRb1NJr6sUXIrQHuNHgXuMOngfJR6p48yBAgWkLS6SnvSBx Cpj28/nqwD5irPrac5NjBQSkoMZ2ZjFJEDjmI77viu46c8SQvH9C9+W5yJuTGQOi KPXcYhEYGZATdV064N3pyh6x0R7FoQUAyZb3BAQBXGrrefW3iBuFT005 -----END CERTIFICATE-----Generated at Wed Nov 5 20:45:06 2025 by rpki-client