$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/Wo39H8OBw13YpMUNSOL3qYIMkY0.roa File: Wo39H8OBw13YpMUNSOL3qYIMkY0.roa (raw, json) Hash identifier: 5ll0oAu62Ii7vdhXbi8zEyOhNidIDMHgC0qL4Gy2tyo= Subject key identifier: 5A:8D:FD:1F:C3:81:C3:5D:D8:A4:C5:0D:48:E2:F7:A9:82:0C:91:8D Certificate issuer: /CN=A082F5D992E6BC25E08997538616180702E857C3 Certificate serial: 041B Authority key identifier: A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/Wo39H8OBw13YpMUNSOL3qYIMkY0.roa Signing time: Mon 10 Feb 2025 14:04:27 +0000 ROA not before: Mon 10 Feb 2025 14:04:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38008 IP address blocks: 2406:d7c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1051 (0x41b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A082F5D992E6BC25E08997538616180702E857C3 Validity Not Before: Feb 10 14:04:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5A8DFD1FC381C35DD8A4C50D48E2F7A9820C918D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:95:68:da:5b:fc:96:6c:fb:d9:19:d7:cf:56: d6:64:60:00:e4:a6:1c:d3:52:c7:90:0e:78:f1:65: c0:61:d9:6b:de:3a:9c:d0:43:10:80:83:67:b1:a3: 6e:80:bc:31:53:21:14:1f:fc:12:a0:2a:9e:f3:33: a0:02:68:3a:c5:9a:ab:f6:eb:ac:ce:b0:c8:25:c7: 36:ce:80:83:20:7a:ec:f5:dc:95:11:81:38:cb:e6: ce:67:bb:55:28:28:59:be:f0:50:c0:c9:68:0c:63: 6f:57:33:1d:14:2c:8f:0d:e0:6f:cd:1e:74:d8:2d: 7b:63:12:f9:23:11:ab:70:c7:9f:b8:23:b6:24:64: 14:2b:d0:52:d5:ee:3e:b4:63:fa:af:35:18:57:c7: 8b:f3:a2:20:a4:30:e6:ae:04:7e:9a:0e:b0:96:7a: a6:74:14:97:50:3f:56:7b:91:9a:fc:4d:8c:d8:38: fd:11:94:98:d2:f1:e5:c5:5d:4f:d0:fe:50:8e:c4: bc:34:2f:a8:75:23:27:44:25:21:2b:08:be:14:cc: 83:28:37:68:da:e9:d6:17:56:34:f2:a3:42:8b:41: 09:16:aa:ef:29:c2:e0:76:b8:4d:5a:5f:8b:8e:4c: 83:3a:27:9c:4c:bb:39:28:b5:79:20:47:bb:59:5b: b7:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:8D:FD:1F:C3:81:C3:5D:D8:A4:C5:0D:48:E2:F7:A9:82:0C:91:8D X509v3 Authority Key Identifier: keyid:A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/Wo39H8OBw13YpMUNSOL3qYIMkY0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d7c0::/32 Signature Algorithm: sha256WithRSAEncryption 3f:f2:10:03:25:18:4e:b9:39:1b:16:dc:74:f6:e0:9c:4c:0d: 38:00:7c:16:0e:86:f5:f7:73:d1:c7:ed:a1:1b:1a:9a:a1:72: ba:ba:f0:ef:ca:2c:f1:3a:5b:80:f8:73:d3:0c:cd:8a:50:9a: e0:62:2b:d3:0f:f0:99:0d:be:39:45:a2:47:4b:45:23:81:54: db:84:50:91:c7:5e:9b:df:f7:6d:f6:cb:00:88:0a:89:dc:a7: 37:7f:28:50:fc:72:6d:ea:fb:e1:7b:bc:9e:55:3e:d8:48:4e: f8:0e:09:1d:cc:60:68:af:70:8c:46:dc:57:b2:b7:33:14:3b: c2:d4:36:30:9c:d6:ec:3b:23:5f:17:cf:87:81:7f:31:45:cc: 05:81:59:93:61:36:47:9c:81:30:c5:7b:e7:f1:dc:b9:ae:b5: 73:a8:0f:6f:e2:ce:fa:18:6e:65:6d:23:52:66:f3:b9:e2:2f: b3:1a:25:72:de:b1:08:64:63:28:48:53:e6:ab:e1:a0:b4:ec: 75:34:68:07:69:86:68:17:a2:4e:93:e7:61:4b:ab:2e:48:1a: 4d:8e:67:df:d1:f4:bc:39:9e:a1:90:6a:a6:b6:62:ff:87:8d: 00:be:6d:78:9c:11:86:b8:ba:b8:20:42:fb:78:4d:3e:1b:1a: ea:24:17:40 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICBBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTA4 MkY1RDk5MkU2QkMyNUUwODk5NzUzODYxNjE4MDcwMkU4NTdDMzAeFw0yNTAyMTAx NDA0MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVBOERGRDFGQzM4MUMz NUREOEE0QzUwRDQ4RTJGN0E5ODIwQzkxOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7lWjaW/yWbPvZGdfPVtZkYADkphzTUseQDnjxZcBh2WveOpzQ QxCAg2exo26AvDFTIRQf/BKgKp7zM6ACaDrFmqv266zOsMglxzbOgIMgeuz13JUR gTjL5s5nu1UoKFm+8FDAyWgMY29XMx0ULI8N4G/NHnTYLXtjEvkjEatwx5+4I7Yk ZBQr0FLV7j60Y/qvNRhXx4vzoiCkMOauBH6aDrCWeqZ0FJdQP1Z7kZr8TYzYOP0R lJjS8eXFXU/Q/lCOxLw0L6h1IydEJSErCL4UzIMoN2ja6dYXVjTyo0KLQQkWqu8p wuB2uE1aX4uOTIM6J5xMuzkotXkgR7tZW7fxAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUWo39H8OBw13YpMUNSOL3qYIMkY0wHwYDVR0jBBgwFoAUoIL12ZLmvCXgiZdT hhYYBwLoV8MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVL L29JTDEyWkxtdkNYZ2laZFRoaFlZQndMb1Y4TS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0Evb0lMMTJaTG12Q1hnaVpkVGhoWVlCd0xvVjhNLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVLL1dvMzlIOE9CdzEzWXBNVU5T T0wzcVlJTWtZMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk BtfAMA0GCSqGSIb3DQEBCwUAA4IBAQA/8hADJRhOuTkbFtx09uCcTA04AHwWDob1 93PRx+2hGxqaoXK6uvDvyizxOluA+HPTDM2KUJrgYivTD/CZDb45RaJHS0UjgVTb hFCRx16b3/dt9ssAiAqJ3Kc3fyhQ/HJt6vvhe7yeVT7YSE74DgkdzGBor3CMRtxX srczFDvC1DYwnNbsOyNfF8+HgX8xRcwFgVmTYTZHnIEwxXvn8dy5rrVzqA9v4s76 GG5lbSNSZvO54i+zGiVy3rEIZGMoSFPmq+GgtOx1NGgHaYZoF6JOk+dhS6suSBpN jmff0fS8OZ6hkGqmtmL/h40Avm14nBGGuLq4IEL7eE0+GxrqJBdA -----END CERTIFICATE-----Generated at Fri Apr 18 22:41:05 2025 by rpki-client