$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/CZLqIxh_hVnIdJcBHKPMqij8TxU.roa File: CZLqIxh_hVnIdJcBHKPMqij8TxU.roa (raw, json) Hash identifier: 9pPdnlsI52xEsV9VRPqwaQSTwUBqtgoPKIoFxPtQ0Rk= Subject key identifier: 09:92:EA:23:18:7F:85:59:C8:74:97:01:1C:A3:CC:AA:28:FC:4F:15 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 147D Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CZLqIxh_hVnIdJcBHKPMqij8TxU.roa Signing time: Fri 22 Aug 2025 09:00:29 +0000 ROA not before: Fri 22 Aug 2025 09:00:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 210.63.200.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 05:59:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5245 (0x147d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0992EA23187F8559C87497011CA3CCAA28FC4F15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:93:e4:8d:4d:9c:cb:19:27:7a:e6:ad:25:fb: 05:b0:42:1b:12:b8:22:df:d7:39:3f:56:c3:c8:58: ba:e8:7c:94:9a:f1:fc:f6:d7:31:9c:b0:7f:d0:57: 98:d8:48:ed:29:68:4a:c1:95:83:7b:de:27:f4:98: d3:a9:94:58:bd:8a:c4:8c:0a:79:56:c0:0f:dc:fd: a6:79:e4:73:0c:b9:df:af:b4:56:9c:d4:9d:97:5b: b7:c4:0e:44:cf:81:6a:a6:67:dc:22:b1:a3:ee:32: 42:10:5c:34:8a:d4:66:9c:35:56:19:6c:1b:5b:c6: af:4f:b1:85:2a:3d:bf:ab:2e:fc:b6:e3:6b:71:00: 3a:a5:4c:ec:54:a3:9a:18:35:f6:fc:e0:46:df:4f: 32:bd:8e:e1:db:ed:9b:8e:31:ec:5a:d4:89:e3:7b: cb:90:d9:88:9a:4f:7d:3d:9b:38:b0:0b:39:77:1b: 05:95:a0:00:e2:c9:ea:f1:9d:55:e4:19:b5:df:16: 18:5d:b5:b7:bd:e9:58:40:33:4d:ea:84:7b:82:f1: 93:e8:2f:38:b1:b6:74:18:bc:93:f7:e4:88:10:c3: ff:68:d1:51:33:16:e7:88:1f:25:94:b4:1d:05:47: 7f:03:93:8c:54:06:41:17:b0:5f:a7:e9:9f:0b:c7: 37:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:92:EA:23:18:7F:85:59:C8:74:97:01:1C:A3:CC:AA:28:FC:4F:15 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CZLqIxh_hVnIdJcBHKPMqij8TxU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.63.200.0/21 Signature Algorithm: sha256WithRSAEncryption 4d:07:90:3b:05:0f:d6:db:3b:b0:4e:12:5b:c4:59:bd:46:73: b8:6c:03:85:fb:f8:00:8d:91:bf:25:f0:78:79:2b:04:7f:f7: ce:6c:e6:0c:32:67:09:82:c8:27:87:01:59:2b:07:29:d2:5a: 39:16:38:4b:d8:0b:d4:93:98:e6:54:99:41:3e:66:67:64:fc: 72:08:6b:e3:90:23:57:8e:37:c7:8d:a8:37:90:6d:48:18:66: e9:d6:d0:cc:a2:21:aa:78:4d:0b:de:aa:2f:0a:81:5f:9e:64: c9:c2:8d:e6:2d:76:fa:94:64:99:3a:ac:d2:bc:98:89:bc:36: 23:04:9d:d8:71:f9:b7:3d:a2:fd:3a:13:38:57:d5:c2:43:d5: 11:71:a5:7a:65:27:a8:86:f5:c1:21:10:6e:72:ab:64:4b:ff: 33:58:9e:e9:80:5d:da:79:e1:e9:55:e7:23:0a:e5:0a:8b:74: 7d:ba:e4:cd:9c:08:7d:77:70:cc:d3:78:bc:fb:0a:c0:35:7c: 55:f4:a9:13:9b:bb:4c:e1:8b:55:5a:a3:50:1e:09:aa:85:a6: c6:3f:aa:57:23:f3:57:4f:9f:44:7a:e0:ea:64:15:12:56:23: b8:76:30:ba:4b:ce:a2:8d:fe:ff:56:d6:9b:d0:4a:b5:62:e6: 75:a8:5e:96 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA5OTJFQTIzMTg3Rjg1 NTlDODc0OTcwMTFDQTNDQ0FBMjhGQzRGMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCk+SNTZzLGSd65q0l+wWwQhsSuCLf1zk/VsPIWLrofJSa8fz2 1zGcsH/QV5jYSO0paErBlYN73if0mNOplFi9isSMCnlWwA/c/aZ55HMMud+vtFac 1J2XW7fEDkTPgWqmZ9wisaPuMkIQXDSK1GacNVYZbBtbxq9PsYUqPb+rLvy242tx ADqlTOxUo5oYNfb84EbfTzK9juHb7ZuOMexa1Inje8uQ2YiaT309mziwCzl3GwWV oADiyerxnVXkGbXfFhhdtbe96VhAM03qhHuC8ZPoLzixtnQYvJP35IgQw/9o0VEz FueIHyWUtB0FR38Dk4xUBkEXsF+n6Z8LxzcxAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUCZLqIxh/hVnIdJcBHKPMqij8TxUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0NaTHFJeGhfaFZuSWRKY0JIS1BNcWlq OFR4VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPSP8gwDQYJ KoZIhvcNAQELBQADggEBAE0HkDsFD9bbO7BOElvEWb1Gc7hsA4X7+ACNkb8l8Hh5 KwR/985s5gwyZwmCyCeHAVkrBynSWjkWOEvYC9STmOZUmUE+Zmdk/HIIa+OQI1eO N8eNqDeQbUgYZunW0MyiIap4TQveqi8KgV+eZMnCjeYtdvqUZJk6rNK8mIm8NiME ndhx+bc9ov06EzhX1cJD1RFxpXplJ6iG9cEhEG5yq2RL/zNYnumAXdp54elV5yMK 5QqLdH265M2cCH13cMzTeLz7CsA1fFX0qRObu0zhi1Vao1AeCaqFpsY/qlcj81dP n0R64OpkFRJWI7h2MLpLzqKN/v9W1pvQSrVi5nWoXpY= -----END CERTIFICATE-----Generated at Thu Nov 6 01:58:05 2025 by rpki-client