$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/zYLt-MYlRQf6gKTqfVdhDxKdAqQ.roa File: zYLt-MYlRQf6gKTqfVdhDxKdAqQ.roa (raw, json) Hash identifier: MR5z8FbxlSB+grCpgZmLewNlf+l2LSjT4oMQKcQjN5Q= Subject key identifier: CD:82:ED:F8:C6:25:45:07:FA:80:A4:EA:7D:57:61:0F:12:9D:02:A4 Certificate issuer: /CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Certificate serial: 09DB Authority key identifier: CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/zYLt-MYlRQf6gKTqfVdhDxKdAqQ.roa Signing time: Fri 22 Aug 2025 08:50:45 +0000 ROA not before: Fri 22 Aug 2025 08:50:45 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9678 IP address blocks: 2405:fbc0:111::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2523 (0x9db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Validity Not Before: Aug 22 08:50:45 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CD82EDF8C6254507FA80A4EA7D57610F129D02A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a4:05:30:48:1a:cc:f8:14:2d:c2:9f:ad:0f: a8:a2:cd:7c:46:48:34:48:29:05:ce:e6:6d:4b:a0: 41:e4:7d:e2:06:8b:dc:a7:18:17:fa:3a:70:f2:ff: 24:66:b8:10:40:c8:7c:f4:8e:56:cc:be:60:be:be: 59:ef:1c:ea:5a:b2:95:fd:2f:d9:7a:8d:4c:7c:94: 1b:4d:eb:36:a4:26:ff:b5:51:6b:4f:e8:db:30:fb: e6:dd:a4:11:fb:21:e2:32:42:36:e2:15:8b:cd:30: cc:58:35:ba:60:37:38:75:b6:e1:5c:ee:79:16:9c: c3:8b:ae:5c:c1:6c:49:86:16:06:ff:97:c9:4a:b1: 7b:27:02:13:89:54:06:40:a5:a9:1e:c4:82:b6:08: 2d:b7:d2:ce:ce:bb:83:13:cc:a5:cb:7c:53:5d:06: 2b:3f:49:a6:d2:54:bc:6f:9f:25:c9:a6:27:34:12: fe:0b:3a:ae:e9:73:11:77:86:82:7d:97:46:34:74: a3:79:dc:55:9a:c7:04:6b:fd:eb:e7:0e:d3:69:0b: 6d:2e:48:3c:65:7b:4e:f7:b9:25:23:d7:19:89:4a: 37:08:42:be:36:d5:87:01:6a:7a:0d:3d:20:e6:2d: 8c:d5:bd:20:d5:47:13:86:45:3e:e5:29:7d:a0:11: 31:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:82:ED:F8:C6:25:45:07:FA:80:A4:EA:7D:57:61:0F:12:9D:02:A4 X509v3 Authority Key Identifier: keyid:CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/zYLt-MYlRQf6gKTqfVdhDxKdAqQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:fbc0:111::/48 Signature Algorithm: sha256WithRSAEncryption 9a:5b:de:57:e7:bc:4e:bc:f0:89:e2:93:2c:13:d2:4c:63:ce: a3:ce:f9:6d:23:59:11:63:60:89:57:a6:f9:23:b6:35:a4:f9: 27:29:90:51:cb:de:02:b3:9f:65:8b:bb:80:ba:62:af:34:d6: 59:d3:73:cf:a0:6c:20:e6:17:c9:25:56:4e:ca:94:57:cb:9e: 7d:79:a5:3c:6a:e4:ac:12:41:b7:7e:67:d8:b2:69:9b:3d:d9: 29:1c:76:b5:f0:66:fa:a7:6b:1a:c8:a2:a5:71:d0:58:f2:64: 42:9e:67:9b:40:13:83:36:63:b6:94:0d:4c:fc:58:54:51:62: 5c:4f:fd:b4:67:31:91:5c:41:ef:c3:14:e0:05:9e:2f:3f:e3: 68:ce:bd:b0:72:84:60:5b:f0:e2:a8:d9:3b:43:a1:36:2f:d9: 82:2a:2c:91:fb:aa:1f:aa:dd:58:4d:00:0e:cb:e1:71:e8:25: 0a:b5:0a:ea:0a:3c:72:af:6e:51:93:3b:a4:e4:3b:8b:03:8e: 89:36:3a:26:01:0a:d3:7f:1e:87:ea:47:3c:27:fa:55:0e:1e: 50:ab:e0:e7:89:34:29:27:40:bd:2a:55:28:df:a8:a9:f8:f9: 36:83:a3:38:13:24:da:c0:63:e2:00:83:0f:0a:7e:c8:de:2a: 59:cc:63:c9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICCdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0FE NTI3MDIyQzhDRDA3NTY4RUM5RkM4MkExQ0UwRERFNUIyQzRBQzAeFw0yNTA4MjIw ODUwNDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENEODJFREY4QzYyNTQ1 MDdGQTgwQTRFQTdENTc2MTBGMTI5RDAyQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGpAUwSBrM+BQtwp+tD6iizXxGSDRIKQXO5m1LoEHkfeIGi9yn GBf6OnDy/yRmuBBAyHz0jlbMvmC+vlnvHOpaspX9L9l6jUx8lBtN6zakJv+1UWtP 6Nsw++bdpBH7IeIyQjbiFYvNMMxYNbpgNzh1tuFc7nkWnMOLrlzBbEmGFgb/l8lK sXsnAhOJVAZApakexIK2CC230s7Ou4MTzKXLfFNdBis/SabSVLxvnyXJpic0Ev4L Oq7pcxF3hoJ9l0Y0dKN53FWaxwRr/evnDtNpC20uSDxle073uSUj1xmJSjcIQr42 1YcBanoNPSDmLYzVvSDVRxOGRT7lKX2gETFTAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUzYLt+MYlRQf6gKTqfVdhDxKdAqQwHwYDVR0jBBgwFoAUytUnAiyM0HVo7J/I Khzg3eWyxKwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdCRVNU V0FSRS95dFVuQWl5TTBIVm83Sl9JS2h6ZzNlV3l4S3cuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3l0VW5BaXlNMEhWbzdKX0lLaHpnM2VXeXhLdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXQkVTVFdBUkUvellMdC1NWWxS UWY2Z0tUcWZWZGhEeEtkQXFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQC AAIwCQMHACQF+8ABETANBgkqhkiG9w0BAQsFAAOCAQEAmlveV+e8TrzwieKTLBPS TGPOo875bSNZEWNgiVem+SO2NaT5JymQUcveArOfZYu7gLpirzTWWdNzz6BsIOYX ySVWTsqUV8uefXmlPGrkrBJBt35n2LJpmz3ZKRx2tfBm+qdrGsiipXHQWPJkQp5n m0ATgzZjtpQNTPxYVFFiXE/9tGcxkVxB78MU4AWeLz/jaM69sHKEYFvw4qjZO0Oh Ni/ZgioskfuqH6rdWE0ADsvhceglCrUK6go8cq9uUZM7pOQ7iwOOiTY6JgEK038e h+pHPCf6VQ4eUKvg54k0KSdAvSpVKN+oqfj5NoOjOBMk2sBj4gCDDwp+yN4qWcxj yQ== -----END CERTIFICATE-----Generated at Wed Nov 5 22:30:14 2025 by rpki-client