$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CLARK/2TblsBKiiohYgYRCsXYZMAeHMe4.roa File: 2TblsBKiiohYgYRCsXYZMAeHMe4.roa (raw, json) Hash identifier: Cchh/qLAW+/z6TruQPMK8gI7oZt/p6iJiWjrggV/meI= Subject key identifier: D9:36:E5:B0:12:A2:8A:88:58:81:84:42:B1:76:19:30:07:87:31:EE Certificate issuer: /CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C Certificate serial: 01DD Authority key identifier: 74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/2TblsBKiiohYgYRCsXYZMAeHMe4.roa Signing time: Mon 10 Feb 2025 14:22:38 +0000 ROA not before: Mon 10 Feb 2025 14:22:38 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63910 IP address blocks: 2400:f420::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 477 (0x1dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C Validity Not Before: Feb 10 14:22:38 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D936E5B012A28A8858818442B1761930078731EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:59:8d:1f:ae:32:ad:7d:ca:2f:eb:2e:ec:cc: b4:4c:77:5d:49:32:e1:8a:7c:fb:24:61:59:8e:68: 52:b7:ef:ed:ef:14:84:2c:9b:3c:04:40:c5:7c:d1: 7d:cd:2d:f5:69:2d:f1:fc:02:f0:2d:45:cf:09:77: e7:30:19:7f:48:c4:33:78:ac:c2:ac:72:88:34:c5: 6f:71:d6:62:b3:5e:71:d1:01:7b:04:ae:e9:36:6c: 17:90:f3:8b:af:ec:9a:8f:ce:f9:46:37:5a:e9:bf: cc:ab:7f:eb:ee:82:00:cb:e6:28:32:a0:2a:d2:56: da:1c:b9:5a:1e:b5:04:05:b8:c3:5c:c0:ed:8a:6f: 70:85:81:c5:11:c1:73:03:79:75:b0:a9:ee:22:76: 64:e0:86:0f:dc:b0:64:f0:09:0f:39:4d:06:bb:93: 37:78:99:84:56:76:45:1a:f8:f1:72:b3:70:62:1a: 18:74:9c:c4:28:99:47:a1:b2:70:c4:15:d1:27:1f: 8b:bf:f6:49:25:1f:b8:b9:85:75:dd:1a:d2:21:92: 0d:e7:5f:32:33:52:85:b6:2f:ec:61:2b:1c:ff:5f: b4:fd:fd:32:d3:e2:9b:d4:77:d8:5a:13:f8:75:b1: 89:ad:e5:75:94:00:31:28:e1:af:0f:35:93:26:58: 6a:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:36:E5:B0:12:A2:8A:88:58:81:84:42:B1:76:19:30:07:87:31:EE X509v3 Authority Key Identifier: keyid:74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/2TblsBKiiohYgYRCsXYZMAeHMe4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:f420::/32 Signature Algorithm: sha256WithRSAEncryption a2:65:71:1b:66:63:c1:e6:9e:3c:55:4f:4f:a5:33:12:e6:83: 84:ab:59:aa:4e:0a:d7:02:3d:2d:39:2e:dd:2a:e9:77:09:76: d0:96:3b:56:7d:96:19:ac:4b:bf:8b:8f:d6:ec:39:cf:07:45: 15:bc:a7:c1:52:b1:ed:bb:9b:56:dd:13:25:51:1b:0c:a4:2b: 1e:37:9f:92:cd:12:e1:52:74:90:bb:67:d6:0d:7a:9b:0b:6f: 90:6e:ab:65:b5:6c:ed:3f:ed:52:0e:f2:e8:41:75:7c:d2:57: b1:7b:c3:b1:84:fa:aa:0f:65:18:32:97:bc:ea:af:7b:b8:93: 7a:ff:79:da:71:54:29:aa:6e:be:fc:0b:08:8c:4e:33:19:08: c0:56:d0:08:01:72:a3:3f:f3:ca:31:b0:24:d5:73:42:08:17: a5:00:f8:5a:61:48:65:7e:bb:58:1b:e2:89:b0:31:dd:a4:a8: 05:02:1b:62:3e:c2:ef:15:ee:e4:8b:15:99:18:13:aa:eb:96: d4:e4:a2:dc:1c:fd:dd:aa:90:52:f8:fc:42:17:8e:5b:59:a1: de:99:6d:16:3a:00:ba:b4:d4:c1:b4:7a:49:ba:70:88:d8:b3: ad:fb:a9:e0:a6:db:ca:a4:ee:5e:b0:fc:4b:8b:0e:27:75:fb: ae:5e:5c:a9 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICAd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzRB RjA0MDJGRUY1NkMzNEExOTJEMUQyMTg1RTZGQjU0NkFBNzAyQzAeFw0yNTAyMTAx NDIyMzhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5MzZFNUIwMTJBMjhB ODg1ODgxODQ0MkIxNzYxOTMwMDc4NzMxRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEWY0frjKtfcov6y7szLRMd11JMuGKfPskYVmOaFK37+3vFIQs mzwEQMV80X3NLfVpLfH8AvAtRc8Jd+cwGX9IxDN4rMKscog0xW9x1mKzXnHRAXsE ruk2bBeQ84uv7JqPzvlGN1rpv8yrf+vuggDL5igyoCrSVtocuVoetQQFuMNcwO2K b3CFgcURwXMDeXWwqe4idmTghg/csGTwCQ85TQa7kzd4mYRWdkUa+PFys3BiGhh0 nMQomUehsnDEFdEnH4u/9kklH7i5hXXdGtIhkg3nXzIzUoW2L+xhKxz/X7T9/TLT 4pvUd9haE/h1sYmt5XWUADEo4a8PNZMmWGrXAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQU2TblsBKiiohYgYRCsXYZMAeHMe4wHwYDVR0jBBgwFoAUdK8EAv71bDShktHS GF5vtUaqcCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0xBUksv ZEs4RUF2NzFiRFNoa3RIU0dGNXZ0VWFxY0N3LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9kSzhFQXY3MWJEU2hrdEhTR0Y1dnRVYXFjQ3cuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DTEFSSy8yVGJsc0JLaWlvaFlnWVJDc1hZ Wk1BZUhNZTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAD0 IDANBgkqhkiG9w0BAQsFAAOCAQEAomVxG2ZjweaePFVPT6UzEuaDhKtZqk4K1wI9 LTku3Srpdwl20JY7Vn2WGaxLv4uP1uw5zwdFFbynwVKx7bubVt0TJVEbDKQrHjef ks0S4VJ0kLtn1g16mwtvkG6rZbVs7T/tUg7y6EF1fNJXsXvDsYT6qg9lGDKXvOqv e7iTev952nFUKapuvvwLCIxOMxkIwFbQCAFyoz/zyjGwJNVzQggXpQD4WmFIZX67 WBviibAx3aSoBQIbYj7C7xXu5IsVmRgTquuW1OSi3Bz93aqQUvj8QheOW1mh3plt FjoAurTUwbR6SbpwiNizrfup4KbbyqTuXrD8S4sOJ3X7rl5cqQ== -----END CERTIFICATE-----Generated at Fri Apr 18 23:44:54 2025 by rpki-client