$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/RSxmEARR9iVPqm21A_pXt-vSsa0.roa File: RSxmEARR9iVPqm21A_pXt-vSsa0.roa (raw, json) Hash identifier: b37o2wyEG6rYpiwkpVuVIsjCnQULZCbpKphH7M5uvKY= Subject key identifier: 45:2C:66:10:04:51:F6:25:4F:AA:6D:B5:03:FA:57:B7:EB:D2:B1:AD Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1481 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/RSxmEARR9iVPqm21A_pXt-vSsa0.roa Signing time: Fri 22 Aug 2025 09:00:30 +0000 ROA not before: Fri 22 Aug 2025 09:00:30 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24154 IP address blocks: 210.63.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5249 (0x1481) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:30 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=452C66100451F6254FAA6DB503FA57B7EBD2B1AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a1:a5:4f:c8:32:47:99:30:22:40:a3:3e:d9: 26:e6:51:7b:0d:da:c7:24:8d:03:8d:7b:00:4d:29: ee:71:a7:c1:e6:04:60:3b:16:ba:a9:cb:b2:54:f4: ea:9a:ec:31:97:35:69:03:4d:38:83:9b:a5:b3:69: 49:13:c6:0c:58:87:5e:ae:ea:b5:38:5f:7f:8d:1a: fd:83:e2:c5:29:50:50:4d:a9:9a:28:01:d6:26:68: 20:55:87:01:b2:34:e8:74:8f:6a:8e:b2:4d:74:82: 54:ca:f6:7a:eb:99:f2:2e:57:cd:fe:99:8f:04:5c: 92:c5:44:a3:1b:af:6a:c0:31:5c:fa:1f:b2:32:06: d6:64:86:2e:2b:6e:d4:79:85:ae:b7:52:54:ca:64: 87:18:f1:c2:2f:2a:83:f9:30:1f:7d:87:99:d4:ea: ed:1b:60:46:e7:76:75:66:c5:af:a5:28:5b:66:e2: 4a:ad:cc:a4:12:4d:b0:8f:4e:3c:03:bc:58:4d:a4: 1f:f0:7f:47:e7:60:0e:b8:0f:48:1f:fa:ac:f2:b7: 5d:84:1d:19:40:ed:7a:5a:fb:5b:c0:70:81:8f:cb: 4d:d1:29:62:47:4d:98:01:7e:3d:55:09:c4:fc:1a: f9:7d:f0:64:2c:61:0b:f5:b6:d6:b5:fc:12:f8:58: e7:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2C:66:10:04:51:F6:25:4F:AA:6D:B5:03:FA:57:B7:EB:D2:B1:AD X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/RSxmEARR9iVPqm21A_pXt-vSsa0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.63.220.0/22 Signature Algorithm: sha256WithRSAEncryption 21:1c:70:47:32:6c:c9:35:d5:64:c8:24:e8:99:3b:37:a5:7e: 52:92:22:b5:e6:8f:9e:d9:ac:f3:c5:a6:7e:5d:c8:83:73:60: e7:b6:b2:8d:4b:10:00:a8:ff:e0:13:fa:15:42:b7:76:51:7a: 8c:57:a2:29:4a:0b:72:f9:a6:ee:9e:20:c6:d7:19:d4:de:9b: f3:61:73:44:aa:40:a5:2d:03:da:c1:7e:ec:b6:93:16:9c:66: b3:a9:7f:ab:75:18:2f:6c:89:5b:20:9b:fa:eb:d4:93:cf:61: 06:f3:d5:c3:40:c5:77:b7:e1:86:30:60:26:b2:3a:36:f1:30: 4e:22:de:f0:0f:5a:96:92:9f:fb:a9:09:6e:1d:76:31:77:89: 51:42:9a:1b:08:94:27:55:16:97:84:40:4a:2e:f0:80:6f:c3: bd:24:d0:61:8f:db:33:8a:0b:ca:c0:09:8a:77:03:65:5d:d0: f5:d8:4c:16:f0:45:8f:a0:a7:5e:7b:8d:d6:3a:11:db:62:ac: 19:fa:be:c9:96:10:0d:a6:96:e1:9e:f0:ea:84:a8:2a:75:29: 52:3a:39:cf:0a:c5:fa:3c:1d:47:56:bf:6a:9a:e1:8b:8a:da: db:93:14:f0:bb:95:f7:3e:2e:47:ff:c0:6e:94:e7:2c:83:8a: a8:16:15:69 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMzBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ1MkM2NjEwMDQ1MUY2 MjU0RkFBNkRCNTAzRkE1N0I3RUJEMkIxQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuoaVPyDJHmTAiQKM+2SbmUXsN2sckjQONewBNKe5xp8HmBGA7 Frqpy7JU9Oqa7DGXNWkDTTiDm6WzaUkTxgxYh16u6rU4X3+NGv2D4sUpUFBNqZoo AdYmaCBVhwGyNOh0j2qOsk10glTK9nrrmfIuV83+mY8EXJLFRKMbr2rAMVz6H7Iy BtZkhi4rbtR5ha63UlTKZIcY8cIvKoP5MB99h5nU6u0bYEbndnVmxa+lKFtm4kqt zKQSTbCPTjwDvFhNpB/wf0fnYA64D0gf+qzyt12EHRlA7Xpa+1vAcIGPy03RKWJH TZgBfj1VCcT8Gvl98GQsYQv1tta1/BL4WOcHAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQURSxmEARR9iVPqm21A/pXt+vSsa0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1JTeG1FQVJSOWlWUHFtMjFBX3BYdC12 U3NhMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSP9wwDQYJ KoZIhvcNAQELBQADggEBACEccEcybMk11WTIJOiZOzelflKSIrXmj57ZrPPFpn5d yINzYOe2so1LEACo/+AT+hVCt3ZReoxXoilKC3L5pu6eIMbXGdTem/Nhc0SqQKUt A9rBfuy2kxacZrOpf6t1GC9siVsgm/rr1JPPYQbz1cNAxXe34YYwYCayOjbxME4i 3vAPWpaSn/upCW4ddjF3iVFCmhsIlCdVFpeEQEou8IBvw70k0GGP2zOKC8rACYp3 A2Vd0PXYTBbwRY+gp157jdY6EdtirBn6vsmWEA2mluGe8OqEqCp1KVI6Oc8Kxfo8 HUdWv2qa4YuK2tuTFPC7lfc+Lkf/wG6U5yyDiqgWFWk= -----END CERTIFICATE-----Generated at Wed Nov 5 21:45:04 2025 by rpki-client