$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/lZtoJLL7il8b3uLtneB-F2iOFQM.roa File: lZtoJLL7il8b3uLtneB-F2iOFQM.roa (raw, json) Hash identifier: ZA96A22u+GYSjmNzBTjyWXyzh49kgMDUm/NSa1K1ETA= Subject key identifier: 95:9B:68:24:B2:FB:8A:5F:1B:DE:E2:ED:9D:E0:7E:17:68:8E:15:03 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0E21 Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/lZtoJLL7il8b3uLtneB-F2iOFQM.roa Signing time: Fri 22 Aug 2025 08:51:57 +0000 ROA not before: Fri 22 Aug 2025 08:51:57 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18046 IP address blocks: 61.65.224.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 06:29:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3617 (0xe21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Aug 22 08:51:57 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=959B6824B2FB8A5F1BDEE2ED9DE07E17688E1503 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:fa:a2:e7:86:5b:54:97:8a:51:7e:a8:0b:40: 04:e2:68:72:43:5a:f7:ba:8b:14:46:a1:07:db:83: 85:fc:23:97:21:15:18:e1:b0:df:c3:65:79:4b:eb: 2e:4f:91:25:75:60:da:97:03:0a:ad:0f:91:62:15: 5b:f7:c4:3a:1b:7f:09:b0:c3:0a:97:38:d8:6d:db: b4:03:42:94:0d:26:b0:a4:e0:13:d3:dd:63:e7:d8: ff:e0:8e:16:e1:96:2d:aa:a0:8a:28:82:d2:f9:f2: 63:c6:14:f6:d0:68:c8:91:3f:1a:6a:56:6f:ba:7b: e0:77:41:b6:02:31:86:a3:b4:25:b7:ae:7a:c9:45: b0:e3:1e:46:44:e7:02:85:92:fa:98:c8:07:a5:54: 61:e4:e8:b6:ef:50:aa:6e:a6:b3:d0:ba:e9:f2:f5: 69:20:5d:ec:23:a1:01:35:e9:6b:e2:aa:6b:a7:f6: d9:48:2c:fc:94:5d:15:2b:2d:65:38:19:00:15:85: ce:f3:46:ab:15:e3:0e:c5:70:5b:98:f1:0e:3d:56: a8:40:58:4b:93:2a:a3:7f:12:c4:13:1f:81:e6:e4: d1:10:a2:ea:01:ee:9e:ac:38:99:87:24:84:33:5a: 16:cc:40:63:f2:78:80:17:a1:26:f8:44:3b:a7:92: 62:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:9B:68:24:B2:FB:8A:5F:1B:DE:E2:ED:9D:E0:7E:17:68:8E:15:03 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/lZtoJLL7il8b3uLtneB-F2iOFQM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.224.0/21 Signature Algorithm: sha256WithRSAEncryption b6:0d:76:a5:4c:28:2a:44:64:8c:27:79:65:a5:9e:cb:ee:7c: ea:64:89:c4:96:84:ad:2e:2c:ac:07:c2:72:27:3d:9a:db:fb: f2:e2:31:b7:7e:8f:3f:6d:b7:a7:3d:a8:a0:93:63:99:77:85: 5b:fe:90:5c:d8:f8:89:4e:02:3c:44:c9:01:1e:2d:ac:c9:13: 1d:0d:4f:42:4d:c8:40:1b:89:6a:f2:ec:0d:d5:a7:72:5b:48: 2d:6c:15:c5:b1:67:57:6a:f2:9f:0f:45:e4:1a:67:61:5e:18: 6b:ce:50:7e:ff:9b:76:fb:01:8f:b3:ea:df:4f:a8:ee:4b:92: be:a6:c4:67:31:08:ed:8c:f4:22:5f:61:c8:81:5d:83:86:ce: 41:60:a2:4b:2a:4f:51:6e:5f:f5:23:11:3f:1d:f1:46:6c:3b: 60:53:97:ad:25:15:1d:8d:d4:11:83:b1:8a:37:53:b8:1b:58: d4:60:a8:b7:b4:9e:58:63:5d:cb:ec:34:02:00:a9:43:af:d7: 36:0d:eb:bd:45:ec:c7:4c:5d:12:fc:85:f5:45:23:ed:de:70: 99:53:5b:f7:b8:2e:9c:82:ff:82:5a:73:bc:c2:c8:61:a6:d2: 25:47:69:a3:ab:a6:fc:92:91:b6:f0:3b:4e:40:b0:6e:4a:3c: 67:a7:75:30 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNTA4MjIw ODUxNTdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk1OUI2ODI0QjJGQjhB NUYxQkRFRTJFRDlERTA3RTE3Njg4RTE1MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/+qLnhltUl4pRfqgLQATiaHJDWve6ixRGoQfbg4X8I5chFRjh sN/DZXlL6y5PkSV1YNqXAwqtD5FiFVv3xDobfwmwwwqXONht27QDQpQNJrCk4BPT 3WPn2P/gjhbhli2qoIoogtL58mPGFPbQaMiRPxpqVm+6e+B3QbYCMYajtCW3rnrJ RbDjHkZE5wKFkvqYyAelVGHk6LbvUKpuprPQuuny9WkgXewjoQE16Wviqmun9tlI LPyUXRUrLWU4GQAVhc7zRqsV4w7FcFuY8Q49VqhAWEuTKqN/EsQTH4Hm5NEQouoB 7p6sOJmHJIQzWhbMQGPyeIAXoSb4RDunkmJBAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUlZtoJLL7il8b3uLtneB+F2iOFQMwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9sWnRvSkxMN2lsOGIz dUx0bmVCLUYyaU9GUU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDPUHgMA0GCSqGSIb3DQEBCwUAA4IBAQC2DXalTCgqRGSMJ3llpZ7L7nzqZInE loStLiysB8JyJz2a2/vy4jG3fo8/bbenPaigk2OZd4Vb/pBc2PiJTgI8RMkBHi2s yRMdDU9CTchAG4lq8uwN1adyW0gtbBXFsWdXavKfD0XkGmdhXhhrzlB+/5t2+wGP s+rfT6juS5K+psRnMQjtjPQiX2HIgV2Dhs5BYKJLKk9Rbl/1IxE/HfFGbDtgU5et JRUdjdQRg7GKN1O4G1jUYKi3tJ5YY13L7DQCAKlDr9c2Deu9RezHTF0S/IX1RSPt 3nCZU1v3uC6cgv+CWnO8wshhptIlR2mjq6b8kpG28DtOQLBuSjxnp3Uw -----END CERTIFICATE-----Generated at Wed Nov 5 04:21:57 2025 by rpki-client