$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/U0XfszxCx5vkxdrYbkIM5iWm-IM.roa File: U0XfszxCx5vkxdrYbkIM5iWm-IM.roa (raw, json) Hash identifier: 9v6EIUKbGA5xqvxpmHh88lTj38Ncl2jS404hCDGYuwE= Subject key identifier: 53:45:DF:B3:3C:42:C7:9B:E4:C5:DA:D8:6E:42:0C:E6:25:A6:F8:83 Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B Certificate serial: 0E1B Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/U0XfszxCx5vkxdrYbkIM5iWm-IM.roa Signing time: Fri 22 Aug 2025 08:51:03 +0000 ROA not before: Fri 22 Aug 2025 08:51:03 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 39.1.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3611 (0xe1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B Validity Not Before: Aug 22 08:51:03 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5345DFB33C42C79BE4C5DAD86E420CE625A6F883 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e5:86:5a:7a:1e:02:60:3d:2a:42:99:43:f0: c5:69:16:f4:3a:83:ab:2f:d5:1f:2c:9a:ed:50:e5: 22:7f:ec:1c:2f:84:27:c0:6a:22:71:c9:00:5b:a5: 2c:3f:30:dc:5c:d1:77:0d:7b:85:0e:53:2a:b8:93: 4c:0c:8a:c4:67:4c:a5:02:a1:44:6c:17:24:04:5a: 47:f9:97:41:61:f0:1c:cc:ba:b4:48:e4:87:e6:ec: 79:c1:58:68:2c:5f:73:4d:89:ac:86:a7:23:38:d8: 70:a6:d8:07:24:1a:5e:7e:92:1e:60:d3:33:65:ea: ed:60:91:e0:24:bc:6d:b9:38:d2:98:4a:b9:8a:5e: 9b:18:03:f2:7e:a7:0c:86:50:56:47:02:e3:dd:e0: 9e:1c:36:e9:7d:a4:da:41:24:01:9c:60:f2:8e:49: 62:6b:4b:48:c4:8f:5a:09:ac:80:a4:1e:4b:af:57: 10:a4:2e:24:4e:3c:3b:75:d3:59:22:a5:5d:13:7b: bd:b7:be:80:03:c8:9e:25:9c:15:0a:6f:d5:30:b9: 4d:1f:a0:9a:4d:b2:95:79:05:72:94:da:5f:b4:1c: a7:6e:6e:da:74:b7:a2:58:95:c0:23:68:e9:6d:17: 96:8b:91:7a:a8:6d:05:ff:0c:12:a5:44:e5:51:cd: cf:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:45:DF:B3:3C:42:C7:9B:E4:C5:DA:D8:6E:42:0C:E6:25:A6:F8:83 X509v3 Authority Key Identifier: keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/U0XfszxCx5vkxdrYbkIM5iWm-IM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 39.1.40.0/22 Signature Algorithm: sha256WithRSAEncryption 33:b3:02:a8:34:60:87:20:9b:35:17:8d:ba:9d:b2:01:e9:fa: 3a:ff:43:08:17:67:25:d6:98:4f:2b:37:ea:c9:3e:be:3a:eb: b2:63:ce:62:32:0e:09:01:dd:0f:32:79:1e:f0:2f:b3:9b:ea: cf:f6:99:bb:62:3b:6b:c7:42:da:ef:7e:20:12:5f:f6:78:7d: 31:01:95:84:ae:d8:9f:8a:38:49:0c:2a:9b:b6:3d:7f:41:b9: 69:2f:b2:c6:89:e2:aa:1c:2a:aa:a7:35:58:69:5d:c0:45:1b: 96:34:77:87:b1:e0:25:ce:b8:d9:40:75:90:1a:ee:0c:a5:c8: 85:99:89:14:8b:cb:e8:41:f3:d6:c6:e1:b2:7b:60:3f:f1:e6: 4f:08:f4:db:16:e9:cc:6c:bc:e7:53:81:58:5e:9d:30:37:41: ab:e3:05:e3:e2:59:23:ce:dd:fa:d1:3f:07:bb:ad:96:c7:b7: 64:9f:8a:05:31:f1:50:ba:10:04:c4:94:f0:88:36:71:11:a0: 97:1f:fb:1a:00:81:2c:8d:30:c8:64:00:2a:87:1c:65:ee:03: 73:5e:c1:9c:cd:bc:e0:26:3c:1e:3e:55:4f:0a:b2:2e:17:ee: 2d:3c:c5:c1:d6:04:4e:18:e5:8b:98:82:e2:56:a6:86:41:2b: 3d:1c:fd:88 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNTA4MjIw ODUxMDNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDUzNDVERkIzM0M0MkM3 OUJFNEM1REFEODZFNDIwQ0U2MjVBNkY4ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDD5YZaeh4CYD0qQplD8MVpFvQ6g6sv1R8smu1Q5SJ/7BwvhCfA aiJxyQBbpSw/MNxc0XcNe4UOUyq4k0wMisRnTKUCoURsFyQEWkf5l0Fh8BzMurRI 5Ifm7HnBWGgsX3NNiayGpyM42HCm2AckGl5+kh5g0zNl6u1gkeAkvG25ONKYSrmK XpsYA/J+pwyGUFZHAuPd4J4cNul9pNpBJAGcYPKOSWJrS0jEj1oJrICkHkuvVxCk LiROPDt101kipV0Te723voADyJ4lnBUKb9UwuU0foJpNspV5BXKU2l+0HKdubtp0 t6JYlcAjaOltF5aLkXqobQX/DBKlROVRzc8NAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUU0XfszxCx5vkxdrYbkIM5iWm+IMwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5 B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9VMFhmc3p4Q3g1dmt4ZHJZYmtJ TTVpV20tSU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJwEo MA0GCSqGSIb3DQEBCwUAA4IBAQAzswKoNGCHIJs1F426nbIB6fo6/0MIF2cl1phP KzfqyT6+OuuyY85iMg4JAd0PMnke8C+zm+rP9pm7Yjtrx0La734gEl/2eH0xAZWE rtifijhJDCqbtj1/QblpL7LGieKqHCqqpzVYaV3ARRuWNHeHseAlzrjZQHWQGu4M pciFmYkUi8voQfPWxuGye2A/8eZPCPTbFunMbLznU4FYXp0wN0Gr4wXj4lkjzt36 0T8Hu62Wx7dkn4oFMfFQuhAExJTwiDZxEaCXH/saAIEsjTDIZAAqhxxl7gNzXsGc zbzgJjwePlVPCrIuF+4tPMXB1gROGOWLmILiVqaGQSs9HP2I -----END CERTIFICATE-----Generated at Wed Nov 5 17:14:25 2025 by rpki-client