$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/0404AOLTLcbG44N-0gcyjL6IIEA.roa File: 0404AOLTLcbG44N-0gcyjL6IIEA.roa (raw, json) Hash identifier: XieoL/4ZxB8ioZnY3w4qqe9kfwmXU3RasohBJcbGNI4= Subject key identifier: D3:8D:38:00:E2:D3:2D:C6:C6:E3:83:7E:D2:07:32:8C:BE:88:20:40 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 13B2 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0404AOLTLcbG44N-0gcyjL6IIEA.roa Signing time: Fri 22 Aug 2025 08:59:37 +0000 ROA not before: Fri 22 Aug 2025 08:59:37 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 124.218.168.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5042 (0x13b2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D38D3800E2D32DC6C6E3837ED207328CBE882040 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e4:77:38:47:fe:51:64:5e:bf:d9:2e:41:6d: d4:9f:dd:86:bf:ee:8a:b5:af:95:13:86:26:b7:c8: 99:3c:ca:96:cf:51:81:a3:a9:00:58:4f:d0:8b:b4: 1d:8b:3a:4f:22:e1:e7:93:ec:c3:d8:46:b4:43:c7: 00:94:8d:34:75:ac:f6:6b:32:db:85:6f:4b:33:4d: 78:e1:77:e6:22:54:30:91:8e:13:79:2d:22:95:79: 1c:41:75:ef:7b:dd:2a:c8:20:40:55:7a:ac:d6:b6: ba:a0:59:ba:82:4c:c9:35:ac:88:90:03:bb:2a:e5: e6:d1:18:7d:99:44:80:47:08:57:33:f6:bb:84:1e: 1e:a1:56:41:2c:40:a4:8c:56:19:60:df:0a:31:ac: f8:8f:e7:72:6a:9d:92:2c:fb:ea:a5:08:0f:99:04: ed:d0:13:80:61:a7:ac:3f:bb:8c:0e:3d:90:b7:ed: 63:e9:a6:dd:8a:d5:d2:1a:b2:37:5c:8f:26:13:bd: 69:e2:c7:0c:8e:19:54:cb:96:f2:76:28:c3:02:dd: 7a:54:12:b2:20:99:d3:aa:82:e0:0e:6b:66:f1:8b: b3:bf:de:0b:b6:78:94:72:6e:10:34:7c:65:df:53: 7a:02:bc:56:67:ed:a8:f5:ce:3a:7c:e6:dd:ec:69: f6:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:8D:38:00:E2:D3:2D:C6:C6:E3:83:7E:D2:07:32:8C:BE:88:20:40 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0404AOLTLcbG44N-0gcyjL6IIEA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.168.0/22 Signature Algorithm: sha256WithRSAEncryption 30:df:ff:fd:1e:06:4b:99:86:55:74:7c:3a:18:cc:63:25:c0: 26:61:ef:10:6e:69:16:53:84:ef:9c:89:ef:fa:f9:a2:48:42: 06:55:aa:bd:14:13:ed:a9:ea:2c:f9:7a:d0:8e:83:80:b9:a5: 1e:6c:41:6d:e2:1c:ce:3d:91:c7:15:07:e4:ac:f0:9d:89:e5: 26:ab:11:39:ef:c1:b5:37:a3:1e:c8:cc:57:d3:8f:c2:04:ff: 63:a9:ec:d5:80:e8:3d:33:91:b4:18:8a:72:1b:27:41:ac:c9: 94:aa:94:d0:73:bf:b0:63:b2:26:ad:69:de:cb:e1:99:f9:2d: 2b:c6:c0:b3:94:c8:f2:46:7e:47:76:49:65:1f:53:72:0d:d9: 87:21:4b:26:5f:35:7f:b8:b2:4c:fd:52:4c:32:7e:8f:c7:62: d8:ec:c2:d1:58:67:86:a9:37:ec:e8:a2:5d:a7:b8:34:bd:0e: d9:ec:73:49:4a:8b:8f:c2:73:2f:11:9a:f9:26:47:fa:a2:3a: b4:ec:40:c3:6d:65:76:06:64:c2:08:36:f9:68:c0:94:a0:b7: 4b:cf:27:8b:7e:d1:50:0f:6a:83:2e:60:6f:25:93:9d:99:3d: 25:02:6d:0f:a6:31:1d:b4:89:8b:fa:3e:47:76:cb:17:e8:a4: ac:71:9d:20 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQzOEQzODAwRTJEMzJE QzZDNkUzODM3RUQyMDczMjhDQkU4ODIwNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDc5Hc4R/5RZF6/2S5BbdSf3Ya/7oq1r5UThia3yJk8ypbPUYGj qQBYT9CLtB2LOk8i4eeT7MPYRrRDxwCUjTR1rPZrMtuFb0szTXjhd+YiVDCRjhN5 LSKVeRxBde973SrIIEBVeqzWtrqgWbqCTMk1rIiQA7sq5ebRGH2ZRIBHCFcz9ruE Hh6hVkEsQKSMVhlg3woxrPiP53JqnZIs++qlCA+ZBO3QE4Bhp6w/u4wOPZC37WPp pt2K1dIasjdcjyYTvWnixwyOGVTLlvJ2KMMC3XpUErIgmdOqguAOa2bxi7O/3gu2 eJRybhA0fGXfU3oCvFZn7aj1zjp85t3safZ3AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU0404AOLTLcbG44N+0gcyjL6IIEAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzA0MDRBT0xUTGNiRzQ0Ti0wZ2N5akw2 SUlFQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82qgwDQYJ KoZIhvcNAQELBQADggEBADDf//0eBkuZhlV0fDoYzGMlwCZh7xBuaRZThO+cie/6 +aJIQgZVqr0UE+2p6iz5etCOg4C5pR5sQW3iHM49kccVB+Ss8J2J5SarETnvwbU3 ox7IzFfTj8IE/2Op7NWA6D0zkbQYinIbJ0GsyZSqlNBzv7Bjsiatad7L4Zn5LSvG wLOUyPJGfkd2SWUfU3IN2YchSyZfNX+4skz9Ukwyfo/HYtjswtFYZ4apN+zool2n uDS9Dtnsc0lKi4/Ccy8RmvkmR/qiOrTsQMNtZXYGZMIINvlowJSgt0vPJ4t+0VAP aoMuYG8lk52ZPSUCbQ+mMR20iYv6Pkd2yxfopKxxnSA= -----END CERTIFICATE-----Generated at Wed Nov 5 17:14:35 2025 by rpki-client