$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/mSApZwnuhTHRnFXHnX6RvzTKGYE.roa File: mSApZwnuhTHRnFXHnX6RvzTKGYE.roa (raw, json) Hash identifier: ZoNhTA/dFtecSixl6TwZgm+2FPUyeLITukQ2ucLNwGs= Subject key identifier: 99:20:29:67:09:EE:85:31:D1:9C:55:C7:9D:7E:91:BF:34:CA:19:81 Certificate issuer: /CN=2B3B89AD32F3B95B7AF165F4C8A4CD08E754D5AB Certificate serial: 044C Authority key identifier: 2B:3B:89:AD:32:F3:B9:5B:7A:F1:65:F4:C8:A4:CD:08:E7:54:D5:AB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KzuJrTLzuVt68WX0yKTNCOdU1as.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/mSApZwnuhTHRnFXHnX6RvzTKGYE.roa Signing time: Mon 03 Nov 2025 08:56:01 +0000 ROA not before: Mon 03 Nov 2025 08:56:01 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7483 IP address blocks: 223.26.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/KzuJrTLzuVt68WX0yKTNCOdU1as.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/KzuJrTLzuVt68WX0yKTNCOdU1as.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KzuJrTLzuVt68WX0yKTNCOdU1as.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1100 (0x44c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B3B89AD32F3B95B7AF165F4C8A4CD08E754D5AB Validity Not Before: Nov 3 08:56:01 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=9920296709EE8531D19C55C79D7E91BF34CA1981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8e:a5:7a:80:08:44:f8:9b:d4:21:9d:69:61: 71:d8:92:cc:0f:2d:9b:c8:14:ae:e9:fd:20:bf:f0: 73:b1:d0:62:5b:6c:61:04:84:05:0f:36:b6:24:2c: a1:16:d7:67:9b:1a:cc:99:9a:b5:91:08:1b:91:64: 0f:5a:84:b8:c0:25:28:ca:cd:00:c0:65:43:4f:5c: 48:1a:be:2f:10:2c:65:e3:d5:45:d7:35:fe:ef:8a: ee:98:6f:0f:bb:df:7c:3e:89:62:8d:f7:cc:f4:44: d5:49:10:ef:af:e0:9c:89:45:90:20:5a:5e:47:2b: dc:30:3e:e3:01:d4:8c:0c:53:1c:50:92:29:d1:ef: 70:4b:bf:05:69:a7:9a:28:9e:6a:b5:93:24:c6:4e: 21:9f:59:1e:59:10:4a:2b:ff:f2:79:53:62:a0:9e: d5:2b:ae:b5:2f:23:51:bb:0c:93:fc:82:c6:fe:c3: 85:0f:a4:19:d9:f1:ba:f1:9b:09:de:b7:63:fa:dc: a0:a1:f8:f4:1e:70:78:8a:8c:b2:1f:69:63:f3:61: 8e:b9:8c:eb:c1:a8:76:c5:b6:ee:b8:80:f2:17:94: 45:89:55:cd:be:69:0c:35:fa:75:d5:f6:4f:bb:0b: e0:fb:c7:80:76:51:38:0f:46:e6:9a:1a:9f:a5:0d: 63:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:20:29:67:09:EE:85:31:D1:9C:55:C7:9D:7E:91:BF:34:CA:19:81 X509v3 Authority Key Identifier: keyid:2B:3B:89:AD:32:F3:B9:5B:7A:F1:65:F4:C8:A4:CD:08:E7:54:D5:AB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/KzuJrTLzuVt68WX0yKTNCOdU1as.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KzuJrTLzuVt68WX0yKTNCOdU1as.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MAGICCUBE/mSApZwnuhTHRnFXHnX6RvzTKGYE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.14.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:a6:12:31:a4:cd:54:7b:57:0e:44:26:a6:e3:6b:a5:d4:b3: 57:c6:92:7e:45:d0:35:82:4a:72:6d:bb:6b:00:c5:f1:c9:f6: a9:9e:2e:df:14:09:e4:01:b2:49:19:57:16:fa:0c:0e:47:96: f5:28:35:24:8b:11:cb:44:2a:2f:24:2e:84:50:36:35:06:ad: 7c:4c:6c:81:34:8f:6c:68:5f:3b:39:75:b8:cd:12:6c:33:8f: f1:3c:be:b3:74:dd:83:d0:9b:17:cd:29:c6:de:ec:c8:04:5d: a8:32:3c:25:bd:1e:f3:c8:79:c0:03:b1:32:89:73:9b:71:eb: 43:b2:32:b6:6e:71:89:41:a7:5e:ea:9e:3a:e0:48:ef:5f:d7: 92:44:c5:a2:8c:03:de:62:db:55:b0:87:f8:3a:5a:4d:29:ca: 42:d3:d6:00:49:a7:0b:af:61:36:ac:a6:9f:47:45:f1:ae:41: 6c:13:35:5f:1d:1a:14:5f:e1:5c:a6:bc:f1:5b:50:21:ba:91: dc:2c:0d:43:87:ba:d1:c8:43:57:be:c7:ef:98:53:32:59:24: 18:67:86:0f:91:2e:1c:7f:39:c8:9a:a6:df:78:4c:17:78:a8: fe:34:a6:b3:33:eb:a8:78:31:b5:c0:d1:a2:97:61:af:96:03: e7:c9:bc:a2 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICBEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIz Qjg5QUQzMkYzQjk1QjdBRjE2NUY0QzhBNENEMDhFNzU0RDVBQjAeFw0yNTExMDMw ODU2MDFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk5MjAyOTY3MDlFRTg1 MzFEMTlDNTVDNzlEN0U5MUJGMzRDQTE5ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOjqV6gAhE+JvUIZ1pYXHYkswPLZvIFK7p/SC/8HOx0GJbbGEE hAUPNrYkLKEW12ebGsyZmrWRCBuRZA9ahLjAJSjKzQDAZUNPXEgavi8QLGXj1UXX Nf7viu6Ybw+733w+iWKN98z0RNVJEO+v4JyJRZAgWl5HK9wwPuMB1IwMUxxQkinR 73BLvwVpp5oonmq1kyTGTiGfWR5ZEEor//J5U2KgntUrrrUvI1G7DJP8gsb+w4UP pBnZ8brxmwnet2P63KCh+PQecHiKjLIfaWPzYY65jOvBqHbFtu64gPIXlEWJVc2+ aQw1+nXV9k+7C+D7x4B2UTgPRuaaGp+lDWNdAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUmSApZwnuhTHRnFXHnX6RvzTKGYEwHwYDVR0jBBgwFoAUKzuJrTLzuVt68WX0 yKTNCOdU1aswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUFHSUND VUJFL0t6dUpyVEx6dVZ0NjhXWDB5S1ROQ09kVTFhcy5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvS3p1SnJUTHp1VnQ2OFdYMHlLVE5DT2RVMWFzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUFHSUNDVUJFL21TQXBad251aFRI Um5GWEhuWDZSdnpUS0dZRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAHfGg4wDQYJKoZIhvcNAQELBQADggEBAH6mEjGkzVR7Vw5EJqbja6XUs1fG kn5F0DWCSnJtu2sAxfHJ9qmeLt8UCeQBskkZVxb6DA5HlvUoNSSLEctEKi8kLoRQ NjUGrXxMbIE0j2xoXzs5dbjNEmwzj/E8vrN03YPQmxfNKcbe7MgEXagyPCW9HvPI ecADsTKJc5tx60OyMrZucYlBp17qnjrgSO9f15JExaKMA95i21Wwh/g6Wk0pykLT 1gBJpwuvYTaspp9HRfGuQWwTNV8dGhRf4VymvPFbUCG6kdwsDUOHutHIQ1e+x++Y UzJZJBhnhg+RLhx/Ociapt94TBd4qP40prMz66h4MbXA0aKXYa+WA+fJvKI= -----END CERTIFICATE-----Generated at Wed Nov 5 13:16:38 2025 by rpki-client