$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/1N4TMqvkZPycK7_y6KbFaykXSrQ.roa File: 1N4TMqvkZPycK7_y6KbFaykXSrQ.roa (raw, json) Hash identifier: a2ORtM7OK5OhMJp81zxhPOm5oBfhaRzESVQG83HXTds= Subject key identifier: D4:DE:13:32:AB:E4:64:FC:9C:2B:BF:F2:E8:A6:C5:6B:29:17:4A:B4 Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E75 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/1N4TMqvkZPycK7_y6KbFaykXSrQ.roa Signing time: Fri 22 Aug 2025 08:58:18 +0000 ROA not before: Fri 22 Aug 2025 08:58:18 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131596 IP address blocks: 61.58.64.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3701 (0xe75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:18 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D4DE1332ABE464FC9C2BBFF2E8A6C56B29174AB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e6:3f:07:12:db:3c:7b:ac:5c:3b:f6:f9:e2: 63:f3:49:42:2a:2a:37:0b:ed:57:98:cf:f9:32:51: d7:53:94:4d:cc:07:05:6d:e0:0b:b8:dc:2f:d1:8d: ef:2b:80:6f:f7:d4:fb:f2:3e:4d:f5:0f:8b:1b:1b: 2b:c9:77:43:67:ba:f4:bb:81:f7:c0:c5:13:45:bf: 44:eb:eb:18:b3:b3:9c:f4:46:d4:b8:2b:5f:6e:62: 73:82:8e:e5:a6:31:ed:26:5b:02:75:4e:9c:b2:b3: de:f8:b3:0e:37:29:a3:9d:63:ae:b3:d3:92:3d:d4: 98:16:5a:c8:59:40:23:12:18:ce:fc:bb:e0:a9:35: c2:07:68:03:29:d0:91:56:00:c7:75:a5:3b:1c:2d: a5:36:f0:ab:40:3f:76:59:5a:59:8e:64:01:50:4f: f1:77:51:4e:4e:36:54:a4:f1:8a:64:72:83:82:32: 12:24:5a:a6:29:f6:ba:d7:27:b0:5f:91:23:ba:09: 41:77:07:a9:81:00:56:58:e2:ad:d5:69:85:c3:52: 80:af:6b:f0:0b:8b:36:9a:c9:67:a2:4a:89:af:11: 47:2a:48:7e:91:e2:e1:4b:a7:d1:1c:6c:fa:42:af: ff:21:2f:4a:bf:0e:9f:cf:2e:7b:e6:17:f3:7d:5b: 33:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:DE:13:32:AB:E4:64:FC:9C:2B:BF:F2:E8:A6:C5:6B:29:17:4A:B4 X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/1N4TMqvkZPycK7_y6KbFaykXSrQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.64.0/20 Signature Algorithm: sha256WithRSAEncryption 40:c1:85:b6:bf:0a:19:d9:36:97:f5:bc:3e:df:30:52:a9:43: 48:04:1b:7d:ad:a1:a8:b8:fd:3f:2a:12:fe:75:b9:35:e3:ec: d9:d2:42:ac:de:96:98:74:3d:57:f1:6d:c4:52:22:9d:0f:85: 4d:b3:ef:e7:13:d1:98:96:98:06:de:4e:e5:41:5e:90:55:81: 9c:f8:0f:91:f8:7d:2b:2b:ee:be:f7:27:96:71:83:fd:23:2c: c6:a5:25:48:0d:2c:a5:bb:4d:09:61:7e:01:db:93:c2:45:4e: a5:89:95:d1:f8:72:02:1b:e2:1d:64:c5:3d:1c:af:d1:52:ad: 90:7f:c1:cc:5e:40:33:b4:0d:98:38:52:5a:2b:f5:66:ef:03: b1:98:04:fc:c5:b4:94:81:8e:b3:a0:a3:a0:2c:c3:a1:f9:34: a4:ca:0b:04:df:8c:dd:5e:88:65:08:68:f1:bb:2a:17:93:4d: 9c:50:bf:d7:9f:41:71:27:94:49:ec:c5:9f:e0:a1:0c:db:a3: cf:18:8f:34:73:61:4b:75:92:bc:cf:8f:6e:d4:e0:ef:6c:e6: 10:5a:cc:cd:dd:cc:20:2c:84:ea:93:91:85:f7:26:ff:23:b1: f2:56:7f:ec:20:27:8c:59:fb:ca:13:31:4f:3d:90:75:5f:a2: 9c:7b:b1:99 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ0REUxMzMyQUJFNDY0 RkM5QzJCQkZGMkU4QTZDNTZCMjkxNzRBQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDi5j8HEts8e6xcO/b54mPzSUIqKjcL7VeYz/kyUddTlE3MBwVt 4Au43C/Rje8rgG/31PvyPk31D4sbGyvJd0NnuvS7gffAxRNFv0Tr6xizs5z0RtS4 K19uYnOCjuWmMe0mWwJ1Tpyys974sw43KaOdY66z05I91JgWWshZQCMSGM78u+Cp NcIHaAMp0JFWAMd1pTscLaU28KtAP3ZZWlmOZAFQT/F3UU5ONlSk8YpkcoOCMhIk WqYp9rrXJ7BfkSO6CUF3B6mBAFZY4q3VaYXDUoCva/ALizaayWeiSomvEUcqSH6R 4uFLp9EcbPpCr/8hL0q/Dp/PLnvmF/N9WzMFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU1N4TMqvkZPycK7/y6KbFaykXSrQwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8xTjRUTXF2a1pQeWNLN195Nkti RmF5a1hTclEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTpA MA0GCSqGSIb3DQEBCwUAA4IBAQBAwYW2vwoZ2TaX9bw+3zBSqUNIBBt9raGouP0/ KhL+dbk14+zZ0kKs3paYdD1X8W3EUiKdD4VNs+/nE9GYlpgG3k7lQV6QVYGc+A+R +H0rK+6+9yeWcYP9IyzGpSVIDSylu00JYX4B25PCRU6liZXR+HICG+IdZMU9HK/R Uq2Qf8HMXkAztA2YOFJaK/Vm7wOxmAT8xbSUgY6zoKOgLMOh+TSkygsE34zdXohl CGjxuyoXk02cUL/Xn0FxJ5RJ7MWf4KEM26PPGI80c2FLdZK8z49u1ODvbOYQWszN 3cwgLITqk5GF9yb/I7HyVn/sICeMWfvKEzFPPZB1X6Kce7GZ -----END CERTIFICATE-----Generated at Wed Nov 5 18:31:31 2025 by rpki-client