$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/dZYdk5_NNkXX7iMnN3KpUCFO-ow.roa File: dZYdk5_NNkXX7iMnN3KpUCFO-ow.roa (raw, json) Hash identifier: Aw/ELK0EJbr6QMjIUHIjjgBGYutCkGhHO7PSjr4kJ+4= Subject key identifier: 75:96:1D:93:9F:CD:36:45:D7:EE:23:27:37:72:A9:50:21:4E:FA:8C Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0EEA Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/dZYdk5_NNkXX7iMnN3KpUCFO-ow.roa Signing time: Wed 23 Jul 2025 05:54:01 +0000 ROA not before: Wed 23 Jul 2025 05:54:01 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 11414 IP address blocks: 61.61.6.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3818 (0xeea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Jul 23 05:54:01 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=75961D939FCD3645D7EE23273772A950214EFA8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:65:04:cb:00:6e:4d:db:fd:3d:16:25:e9:5a: f8:4e:e6:1d:23:49:28:1e:c1:a5:25:4f:ad:c3:af: 3a:e6:68:c4:8b:be:e1:f4:4e:33:08:19:f8:15:ce: 94:36:04:4d:e0:0a:60:eb:9b:3e:48:24:1b:aa:48: 7d:c3:1c:ba:81:70:64:7e:18:36:6a:75:5a:3f:a2: 6a:49:38:60:ae:a5:b4:f6:66:22:c4:95:39:89:eb: 7e:c7:79:b7:f8:b7:83:5f:bf:2c:38:1f:ea:f7:4a: c5:4a:3c:bd:82:f4:52:64:6b:a1:89:46:f1:18:f6: f3:ed:60:f7:6a:de:00:ea:8a:5a:f2:dc:a5:d8:41: a8:06:63:df:e7:8f:6a:09:2d:39:1e:99:72:83:8e: 90:20:95:79:0d:09:30:83:97:95:2a:cd:c2:68:ce: 91:20:c5:48:c5:7e:33:f0:f2:89:3d:e1:a4:b7:58: 15:df:ae:2e:91:60:f0:3a:64:56:f2:52:55:3a:4f: 00:58:1f:21:63:91:51:6b:fd:26:1d:58:27:0c:fd: 48:ff:4c:e9:3e:1f:45:2b:f4:73:b8:99:a5:18:21: e1:5c:61:87:04:be:98:b4:c2:5c:d0:b2:60:cc:b8: f7:98:79:5c:b7:01:97:97:51:93:6b:c9:8a:70:36: c3:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:96:1D:93:9F:CD:36:45:D7:EE:23:27:37:72:A9:50:21:4E:FA:8C X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/dZYdk5_NNkXX7iMnN3KpUCFO-ow.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.6.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:68:1d:c0:34:9a:38:71:04:4d:04:1a:de:c1:f8:ac:c8:38: ad:8a:6b:86:9c:ac:f1:0a:07:ef:62:50:6f:58:bf:5e:e3:43: c1:77:0f:3d:fc:76:84:ba:7d:e2:94:c3:6c:cd:11:ca:f6:82: eb:3c:f1:74:4e:6b:21:8c:3b:70:75:70:41:4f:03:c9:8a:4c: 34:a0:7d:e6:77:fa:6b:2d:c4:03:fb:d2:e1:8b:89:91:39:92: ca:48:3f:15:50:ad:90:91:96:a3:dc:10:b0:79:ea:15:52:16: ec:63:50:b1:0a:00:49:15:cf:3d:de:d3:7a:01:5b:9e:99:c2: d2:c3:4f:4b:37:49:9c:f3:04:dd:34:cd:e0:b5:44:1b:92:26: 85:0f:fe:57:c5:38:d1:70:0e:ed:62:cd:1f:77:e5:35:b1:77: 42:a6:6a:74:bc:dd:80:70:cc:84:84:1a:37:76:82:f0:9d:ab: 9a:0f:31:35:93:6f:41:d6:bf:26:9d:7d:8b:e4:9d:dd:a8:4b: f1:e9:25:bd:a3:a1:93:3b:d3:dd:82:fd:40:69:bb:2f:c6:de: 7b:d5:f0:d0:a9:a8:e8:bd:4e:2d:84:f6:b9:b8:02:aa:d1:1d: 92:ea:d4:b1:0c:76:dc:73:2e:33:34:49:c5:a9:fe:06:07:9e: 1c:85:2c:55 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA3MjMw NTU0MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc1OTYxRDkzOUZDRDM2 NDVEN0VFMjMyNzM3NzJBOTUwMjE0RUZBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7ZQTLAG5N2/09FiXpWvhO5h0jSSgewaUlT63DrzrmaMSLvuH0 TjMIGfgVzpQ2BE3gCmDrmz5IJBuqSH3DHLqBcGR+GDZqdVo/ompJOGCupbT2ZiLE lTmJ637Hebf4t4Nfvyw4H+r3SsVKPL2C9FJka6GJRvEY9vPtYPdq3gDqilry3KXY QagGY9/nj2oJLTkemXKDjpAglXkNCTCDl5UqzcJozpEgxUjFfjPw8ok94aS3WBXf ri6RYPA6ZFbyUlU6TwBYHyFjkVFr/SYdWCcM/Uj/TOk+H0Ur9HO4maUYIeFcYYcE vpi0wlzQsmDMuPeYeVy3AZeXUZNryYpwNsOPAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUdZYdk5/NNkXX7iMnN3KpUCFO+owwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2RaWWRrNV9OTmtYWDdpTW5OM0twVUNG Ty1vdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PQYwDQYJ KoZIhvcNAQELBQADggEBAI9oHcA0mjhxBE0EGt7B+KzIOK2Ka4acrPEKB+9iUG9Y v17jQ8F3Dz38doS6feKUw2zNEcr2gus88XROayGMO3B1cEFPA8mKTDSgfeZ3+mst xAP70uGLiZE5kspIPxVQrZCRlqPcELB56hVSFuxjULEKAEkVzz3e03oBW56ZwtLD T0s3SZzzBN00zeC1RBuSJoUP/lfFONFwDu1izR935TWxd0KmanS83YBwzISEGjd2 gvCdq5oPMTWTb0HWvyadfYvknd2oS/HpJb2joZM7092C/UBpuy/G3nvV8NCpqOi9 Ti2E9rm4AqrRHZLq1LEMdtxzLjM0ScWp/gYHnhyFLFU= -----END CERTIFICATE-----Generated at Mon Aug 11 10:37:14 2025 by rpki-client