$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/QKIuvQ-cT0aITkKgz-Jvd5KkBnE.roa File: QKIuvQ-cT0aITkKgz-Jvd5KkBnE.roa (raw, json) Hash identifier: rdw62Np8gtZtX96xGEXQVLhQWeXb5ol+7ZsI6m/sAQ4= Subject key identifier: 40:A2:2E:BD:0F:9C:4F:46:88:4E:42:A0:CF:E2:6F:77:92:A4:06:71 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 19FF Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QKIuvQ-cT0aITkKgz-Jvd5KkBnE.roa Signing time: Fri 22 Aug 2025 08:53:36 +0000 ROA not before: Fri 22 Aug 2025 08:53:36 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 123.51.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 06:29:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6655 (0x19ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:36 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=40A22EBD0F9C4F46884E42A0CFE26F7792A40671 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0c:41:17:c8:e8:a1:02:2f:f3:09:b3:d3:d5: 85:c5:9d:52:b9:06:4c:6a:7f:b0:6a:ba:78:ef:c1: 32:af:53:d3:f2:d1:25:30:ea:0b:c8:0b:ee:25:b5: 91:0f:23:92:27:e7:df:8d:e4:72:86:cb:6e:80:2e: 99:79:35:8f:90:6f:6e:48:f8:26:87:c4:24:0f:73: d2:ff:02:66:bd:47:02:99:e6:d2:80:d7:3f:37:66: e9:7c:0b:6e:b8:f2:b3:f6:5a:6a:77:e3:7f:9a:f0: 63:48:f2:bf:09:c9:98:0c:83:dd:c4:db:a3:28:6c: 0e:72:51:d5:72:7f:dd:dd:49:c1:0c:5e:4a:41:85: f0:ed:a3:74:b4:73:54:24:27:1e:bb:04:62:90:4e: 08:c9:d8:32:66:c1:bf:17:22:5f:9b:e1:a6:dc:e9: ae:fc:c0:15:ee:c6:d8:77:8c:ec:a5:33:1f:ea:37: f7:fa:2f:d3:9d:2a:db:b7:fa:fd:a7:bf:1a:a4:d4: 58:b1:87:f1:8d:a8:91:3c:90:6b:e4:b4:af:e7:17: 78:de:4d:cd:c3:3a:2f:c2:ae:fb:ab:93:a4:82:db: 75:5a:9a:02:32:c5:02:b9:f3:f0:32:2d:0d:ad:b3: 20:b3:8a:4c:dd:44:ca:b0:f3:08:26:6b:c1:f8:c5: 51:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:A2:2E:BD:0F:9C:4F:46:88:4E:42:A0:CF:E2:6F:77:92:A4:06:71 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/QKIuvQ-cT0aITkKgz-Jvd5KkBnE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.51.181.0/24 Signature Algorithm: sha256WithRSAEncryption 59:c4:7b:a5:61:3f:48:91:1b:31:58:3e:76:fb:bd:d6:c5:2d: 4a:01:e1:4b:45:3d:e4:26:37:3f:a9:61:f3:35:1b:6d:24:f4: 5c:9e:a1:b9:fa:63:69:22:87:b9:39:90:36:9e:47:58:c4:40: 88:7f:d5:5f:2c:69:44:9e:cf:b7:f3:60:22:12:1b:77:bb:65: 37:0e:e6:f7:85:c2:03:e6:77:02:78:e3:b8:f5:d3:57:8f:67: e2:b0:4a:b9:c6:f7:17:ec:ec:45:8a:aa:df:3e:2b:cd:ed:f6: 66:cb:33:6a:9c:b9:4c:33:0d:f2:45:65:d9:0a:0f:b5:ff:c2: 07:d1:da:fc:b9:9e:e2:65:e6:c7:f0:a2:ed:3b:ca:c6:6f:a6: e6:71:1f:21:3c:73:13:7f:ab:3b:fb:db:db:f5:48:d6:03:50: 69:74:c1:dd:0b:a1:45:7d:ca:b8:35:38:46:e9:b1:9c:e4:94: 65:8b:e1:77:67:6c:b6:4a:01:c6:c7:ac:9d:15:17:8d:82:66: 3b:4b:24:6a:4c:2b:cd:11:2e:47:5f:62:5b:96:43:0a:f0:c0: b4:91:ab:a9:21:cf:98:e4:a2:d4:05:d5:b0:2d:5a:62:5e:f1: 16:bc:54:77:99:b6:b8:80:c3:a1:94:92:7a:c0:ab:74:db:e3: b7:d4:22:43 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzMzZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQwQTIyRUJEMEY5QzRG NDY4ODRFNDJBMENGRTI2Rjc3OTJBNDA2NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYDEEXyOihAi/zCbPT1YXFnVK5Bkxqf7BqunjvwTKvU9Py0SUw 6gvIC+4ltZEPI5In59+N5HKGy26ALpl5NY+Qb25I+CaHxCQPc9L/Ama9RwKZ5tKA 1z83Zul8C2648rP2Wmp343+a8GNI8r8JyZgMg93E26MobA5yUdVyf93dScEMXkpB hfDto3S0c1QkJx67BGKQTgjJ2DJmwb8XIl+b4abc6a78wBXuxth3jOylMx/qN/f6 L9OdKtu3+v2nvxqk1Fixh/GNqJE8kGvktK/nF3jeTc3DOi/Crvurk6SC23VamgIy xQK58/AyLQ2tsyCzikzdRMqw8wgma8H4xVElAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUQKIuvQ+cT0aITkKgz+Jvd5KkBnEwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUUtJdXZRLWNUMGFJVGtLZ3otSnZk NUtrQm5FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHsztTAN BgkqhkiG9w0BAQsFAAOCAQEAWcR7pWE/SJEbMVg+dvu91sUtSgHhS0U95CY3P6lh 8zUbbST0XJ6hufpjaSKHuTmQNp5HWMRAiH/VXyxpRJ7Pt/NgIhIbd7tlNw7m94XC A+Z3AnjjuPXTV49n4rBKucb3F+zsRYqq3z4rze32Zsszapy5TDMN8kVl2QoPtf/C B9Ha/Lme4mXmx/Ci7TvKxm+m5nEfITxzE3+rO/vb2/VI1gNQaXTB3QuhRX3KuDU4 RumxnOSUZYvhd2dstkoBxsesnRUXjYJmO0skakwrzREuR19iW5ZDCvDAtJGrqSHP mOSi1AXVsC1aYl7xFrxUd5m2uIDDoZSSesCrdNvjt9QiQw== -----END CERTIFICATE-----Generated at Wed Nov 5 04:40:36 2025 by rpki-client