$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/5nS3_z1xywgGnPNkxjlEw1zaU98.roa File: 5nS3_z1xywgGnPNkxjlEw1zaU98.roa (raw, json) Hash identifier: DhG2kpFf2/N6Tj2ObZf154ROScnDp3/Z7/Uy9hQd/Iw= Subject key identifier: E6:74:B7:FF:3D:71:CB:08:06:9C:F3:64:C6:39:44:C3:5C:DA:53:DF Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1456 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/5nS3_z1xywgGnPNkxjlEw1zaU98.roa Signing time: Fri 22 Aug 2025 09:00:18 +0000 ROA not before: Fri 22 Aug 2025 09:00:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 210.202.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5206 (0x1456) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E674B7FF3D71CB08069CF364C63944C35CDA53DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f5:da:04:01:c2:36:23:7b:b9:77:d8:85:58: fa:f2:34:28:3b:6f:ce:5a:2d:45:3d:97:37:3d:19: 08:6e:30:28:aa:59:ad:88:fe:85:41:5b:32:53:0e: e9:e7:25:d1:a9:4f:7f:75:2d:5f:52:94:e8:20:d6: b9:45:06:16:29:f7:a4:0e:e8:46:c7:d8:fa:29:04: 2b:94:0f:88:bd:2e:89:56:c8:c0:12:56:a9:d7:a0: 05:d9:db:66:61:c2:cf:88:3a:06:ef:0f:f0:03:79: 09:c5:ba:0a:d2:19:c3:e8:15:2b:5f:84:da:fc:62: 6d:6a:62:da:00:16:d6:74:ac:87:52:e9:80:5f:69: 76:06:97:4d:b6:0f:c4:58:f7:90:0f:b5:96:b6:a9: 83:d1:98:e1:7d:78:04:1a:27:19:6f:b3:6d:4b:22: 85:86:1c:e7:46:2f:0a:81:62:f8:56:e9:37:69:4c: 32:a8:c9:34:bc:86:fc:ca:5e:d9:0a:41:b8:7a:cd: 70:dc:d7:ca:67:ef:50:d5:3d:dc:d7:15:8c:11:2e: 8a:03:1b:1f:ad:1d:ef:64:e6:c1:43:9a:6f:05:d2: 68:55:6b:f9:74:a5:56:b4:24:3c:67:e9:47:45:07: 57:5b:1b:72:93:8b:c0:a1:60:5d:19:da:cc:d3:4b: af:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:74:B7:FF:3D:71:CB:08:06:9C:F3:64:C6:39:44:C3:5C:DA:53:DF X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/5nS3_z1xywgGnPNkxjlEw1zaU98.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.0.0/19 Signature Algorithm: sha256WithRSAEncryption c2:2b:09:fb:70:e3:98:04:4f:16:09:19:99:6f:f6:7b:f8:7b: ee:7f:9b:4d:c0:55:8c:20:80:47:5c:1a:48:64:5f:4f:4b:b7: a4:7c:8d:d4:30:44:47:01:72:48:8f:da:e4:5e:85:20:76:94: e8:1d:a1:7b:f8:08:42:03:9c:00:3a:e4:b5:71:b4:87:12:f1: 05:e5:c5:08:c5:bd:9d:1a:c2:ab:1f:8b:a9:85:e3:12:05:3a: 99:81:92:a2:b0:11:97:83:2c:b0:91:82:57:cd:66:ad:ad:19: 3e:e3:db:85:1c:0a:7e:8a:22:4c:06:06:03:28:3f:31:da:ef: 8b:fd:6e:36:b5:d1:57:ea:f1:a3:40:5b:da:c6:ff:a5:86:9d: 30:3f:7a:5c:b8:d4:9d:b1:b9:27:e1:c6:8b:1c:5d:4e:0a:1c: 4d:9e:db:1a:06:b4:84:8e:a7:ca:27:3b:f7:64:26:5c:ad:fd: 5f:f7:32:06:6b:3b:76:3e:48:cc:a5:a4:1f:5b:15:77:78:9b: f0:f0:b6:7a:04:59:76:d8:02:fe:d5:d5:e1:76:e7:33:34:d7: 13:81:55:db:9b:8e:25:5a:b0:ee:9f:19:fd:cc:8f:e3:b3:60: 56:55:c4:6f:79:bc:4d:3a:a3:82:66:a3:f2:03:a3:5f:ac:42: 98:c4:10:e4 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEU2NzRCN0ZGM0Q3MUNC MDgwNjlDRjM2NEM2Mzk0NEMzNUNEQTUzREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC59doEAcI2I3u5d9iFWPryNCg7b85aLUU9lzc9GQhuMCiqWa2I /oVBWzJTDunnJdGpT391LV9SlOgg1rlFBhYp96QO6EbH2PopBCuUD4i9LolWyMAS VqnXoAXZ22Zhws+IOgbvD/ADeQnFugrSGcPoFStfhNr8Ym1qYtoAFtZ0rIdS6YBf aXYGl022D8RY95APtZa2qYPRmOF9eAQaJxlvs21LIoWGHOdGLwqBYvhW6TdpTDKo yTS8hvzKXtkKQbh6zXDc18pn71DVPdzXFYwRLooDGx+tHe9k5sFDmm8F0mhVa/l0 pVa0JDxn6UdFB1dbG3KTi8ChYF0Z2szTS6/bAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU5nS3/z1xywgGnPNkxjlEw1zaU98wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzVuUzNfejF4eXdnR25QTmt4amxFdzF6 YVU5OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSygAwDQYJ KoZIhvcNAQELBQADggEBAMIrCftw45gETxYJGZlv9nv4e+5/m03AVYwggEdcGkhk X09Lt6R8jdQwREcBckiP2uRehSB2lOgdoXv4CEIDnAA65LVxtIcS8QXlxQjFvZ0a wqsfi6mF4xIFOpmBkqKwEZeDLLCRglfNZq2tGT7j24UcCn6KIkwGBgMoPzHa74v9 bja10Vfq8aNAW9rG/6WGnTA/ely41J2xuSfhxoscXU4KHE2e2xoGtISOp8onO/dk Jlyt/V/3MgZrO3Y+SMylpB9bFXd4m/DwtnoEWXbYAv7V1eF25zM01xOBVdubjiVa sO6fGf3Mj+OzYFZVxG95vE06o4Jmo/IDo1+sQpjEEOQ= -----END CERTIFICATE-----Generated at Wed Nov 5 21:38:44 2025 by rpki-client