$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/OmoKANis5RZ49I0UunbaCwaQaew.roa File: OmoKANis5RZ49I0UunbaCwaQaew.roa (raw, json) Hash identifier: 0uJpWqVAhhOZY/qcNfaTN0dmKIUjkk3DP9pz/bPuC+A= Subject key identifier: 3A:6A:0A:00:D8:AC:E5:16:78:F4:8D:14:BA:76:DA:0B:06:90:69:EC Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0E79 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/OmoKANis5RZ49I0UunbaCwaQaew.roa Signing time: Fri 22 Aug 2025 08:58:19 +0000 ROA not before: Fri 22 Aug 2025 08:58:19 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 61.58.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3705 (0xe79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 22 08:58:19 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3A6A0A00D8ACE51678F48D14BA76DA0B069069EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9a:d2:e5:3a:7c:8f:0b:88:ef:c7:d3:66:5c: 29:44:10:e8:b6:1c:92:43:75:53:59:21:ab:13:47: 81:f7:5b:28:16:b0:8c:37:f1:34:fa:b3:73:d4:64: 48:86:19:ec:fa:da:a0:59:fa:78:40:9c:60:e2:86: 95:96:c7:5f:3a:6b:2c:76:24:9d:03:9e:99:1f:52: 95:19:9e:82:49:c1:f9:ee:25:98:8f:88:ff:76:3b: 50:de:2b:c8:32:bb:24:88:18:7d:3c:e0:4f:c6:44: b3:37:6b:f2:12:bf:54:67:fd:e0:32:7b:f1:ae:ae: 6a:52:4b:40:a4:5d:c9:5e:df:7e:f2:c9:40:a7:91: 21:58:9d:41:e9:97:35:25:d7:3d:ff:d5:b5:4c:c5: 75:1e:f5:bb:9f:a3:da:1a:30:d0:6c:c5:2e:3e:1f: 42:65:39:71:7a:6e:a4:5a:87:30:f9:83:bf:0e:22: 80:21:64:04:81:77:6b:1f:81:2e:90:09:27:33:f7: 71:44:28:d4:8a:69:a3:a4:fe:5d:11:98:cf:f4:df: 1c:f7:9e:57:5f:36:bc:13:e0:54:2a:36:65:c8:a6: 86:da:a5:92:6d:d5:ee:4e:0a:42:8a:8e:a6:24:19: b1:1c:c0:31:0d:62:bc:b5:da:70:9a:f7:a5:42:9c: 1e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:6A:0A:00:D8:AC:E5:16:78:F4:8D:14:BA:76:DA:0B:06:90:69:EC X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/OmoKANis5RZ49I0UunbaCwaQaew.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.72.0/21 Signature Algorithm: sha256WithRSAEncryption 2b:65:86:9c:55:f9:6f:02:62:50:f9:be:c3:e8:5d:c0:52:b9: 9c:7c:d7:f0:42:de:a5:1a:57:0c:9e:09:af:ed:fe:d6:a9:f1: 29:1e:57:c8:f5:1d:41:3b:6f:1c:47:06:ff:d9:9d:1c:c9:6f: 58:41:8e:15:66:8e:53:ad:6b:89:17:6a:bf:fb:3c:7a:ef:b2: 85:f7:7c:01:9f:c3:75:96:bc:3c:6e:73:d2:2e:d2:15:22:2d: 5f:76:a1:d7:53:85:2c:9d:1c:7f:72:36:8a:5c:c3:b2:88:38: 14:3d:35:36:5b:1e:35:72:19:46:81:b9:e7:3f:cb:61:e8:6e: 93:f7:90:e2:b7:0b:58:13:11:1f:2e:a0:3f:d2:fa:1a:0d:45: 34:21:90:34:55:32:41:83:97:fa:35:86:1f:cf:57:58:a1:76: 13:11:15:2e:27:9a:cb:2f:26:8f:28:32:02:46:35:af:b6:ed: 97:05:74:40:28:67:0e:f4:56:58:47:d9:81:ef:3d:51:e1:99: 45:35:a4:16:ce:62:b6:e2:2d:60:29:c4:58:73:79:e7:47:2c: ce:3c:5c:de:e9:95:44:29:5b:43:d8:ec:24:e5:b2:94:f9:67: 2f:ff:9d:69:6a:0f:62:be:df:9a:cb:1b:e4:ac:76:45:44:68: 7a:27:a0:8e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTA4MjIw ODU4MTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNBNkEwQTAwRDhBQ0U1 MTY3OEY0OEQxNEJBNzZEQTBCMDY5MDY5RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmmtLlOnyPC4jvx9NmXClEEOi2HJJDdVNZIasTR4H3WygWsIw3 8TT6s3PUZEiGGez62qBZ+nhAnGDihpWWx186ayx2JJ0DnpkfUpUZnoJJwfnuJZiP iP92O1DeK8gyuySIGH084E/GRLM3a/ISv1Rn/eAye/GurmpSS0CkXcle337yyUCn kSFYnUHplzUl1z3/1bVMxXUe9bufo9oaMNBsxS4+H0JlOXF6bqRahzD5g78OIoAh ZASBd2sfgS6QCScz93FEKNSKaaOk/l0RmM/03xz3nldfNrwT4FQqNmXIpobapZJt 1e5OCkKKjqYkGbEcwDENYry12nCa96VCnB5PAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUOmoKANis5RZ49I0UunbaCwaQaewwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9PbW9LQU5pczVSWjQ5STBVdW5i YUN3YVFhZXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpI MA0GCSqGSIb3DQEBCwUAA4IBAQArZYacVflvAmJQ+b7D6F3AUrmcfNfwQt6lGlcM ngmv7f7WqfEpHlfI9R1BO28cRwb/2Z0cyW9YQY4VZo5TrWuJF2q/+zx677KF93wB n8N1lrw8bnPSLtIVIi1fdqHXU4UsnRx/cjaKXMOyiDgUPTU2Wx41chlGgbnnP8th 6G6T95DitwtYExEfLqA/0voaDUU0IZA0VTJBg5f6NYYfz1dYoXYTERUuJ5rLLyaP KDICRjWvtu2XBXRAKGcO9FZYR9mB7z1R4ZlFNaQWzmK24i1gKcRYc3nnRyzOPFze 6ZVEKVtD2Owk5bKU+Wcv/51pag9ivt+ayxvkrHZFRGh6J6CO -----END CERTIFICATE-----Generated at Wed Nov 5 17:14:28 2025 by rpki-client