$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/a-fvCV_UgnInv6hYd9FEW3er4Ak.roa File: a-fvCV_UgnInv6hYd9FEW3er4Ak.roa (raw, json) Hash identifier: KkCMyzjydS7IVP8FMnUfep38ydB6njKc8B8PZSbRmgk= Subject key identifier: 6B:E7:EF:09:5F:D4:82:72:27:BF:A8:58:77:D1:44:5B:77:AB:E0:09 Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 01C1 Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/a-fvCV_UgnInv6hYd9FEW3er4Ak.roa Signing time: Mon 10 Feb 2025 14:21:24 +0000 ROA not before: Mon 10 Feb 2025 14:21:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38842 IP address blocks: 2406:f340::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 16:47:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 449 (0x1c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Feb 10 14:21:24 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6BE7EF095FD4827227BFA85877D1445B77ABE009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:72:37:6b:be:b2:16:c0:b9:30:27:9f:5c:cc: 65:55:6a:06:bc:c8:79:90:e6:5e:51:d6:2d:30:4c: 04:7b:96:93:9a:63:9b:d8:fb:f7:65:f4:91:eb:e8: 39:5f:24:27:c0:88:91:c6:a3:61:ec:32:93:46:4e: f5:10:2e:27:86:4d:5f:dd:22:2b:e4:a4:4d:4d:52: 31:b7:c3:04:ba:76:c7:ef:aa:aa:75:a8:17:92:13: e1:a7:46:6e:f7:a2:c7:3a:be:00:31:51:b9:50:2a: 53:ce:b6:7c:20:26:12:29:58:8a:ce:dd:07:6f:95: 8d:b5:a5:3c:57:64:76:30:44:fd:5e:73:e7:4b:12: 23:eb:71:1f:a4:ac:3c:68:34:da:a2:3e:44:1f:b3: 6a:8b:91:14:a4:4f:f6:4d:98:d3:34:3d:e6:36:4d: 27:b6:e5:ae:a9:49:a3:3b:30:ea:e1:54:30:de:55: cd:ec:d8:2a:ea:81:24:bd:4c:8d:3e:48:a6:a9:12: 03:c1:21:39:c9:53:f5:4a:1a:bf:c8:22:87:0b:b0: 92:c9:2f:43:e2:e3:39:a6:fa:6a:28:ec:4c:60:d6: 95:fd:74:2c:ad:8f:b2:44:78:8a:0e:f0:c2:49:78: cc:db:ff:4e:43:d9:ca:b9:e5:85:5c:dc:72:b8:61: b0:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:E7:EF:09:5F:D4:82:72:27:BF:A8:58:77:D1:44:5B:77:AB:E0:09 X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/a-fvCV_UgnInv6hYd9FEW3er4Ak.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:f340::/32 Signature Algorithm: sha256WithRSAEncryption 32:e3:ab:22:0c:20:64:20:7e:d9:f6:e4:f9:b5:16:82:95:e1: 8c:c2:b6:c3:de:4d:4f:d3:ec:91:7e:52:03:78:4a:25:cc:be: 9f:ec:5d:6c:88:10:94:a2:b0:9e:af:c2:cb:84:fe:b3:f4:46: ad:eb:f7:80:00:d1:78:68:be:72:af:ad:4d:40:ef:ca:15:d5: 0e:72:47:71:39:aa:19:f6:26:40:31:93:ef:96:24:25:16:97: 64:7d:c7:de:a4:0c:26:93:f0:09:50:6f:69:dd:b8:7e:83:74: f0:43:bb:6f:d1:07:a1:73:60:47:2d:84:3f:e8:79:fc:46:23: 98:8c:21:a2:65:55:25:42:d9:fc:b2:23:aa:5a:60:fe:26:07: fe:f4:f8:0b:b3:2e:a5:d2:43:d9:c1:88:6f:e0:9f:ef:c3:8e: a7:37:d9:c3:42:86:79:e8:38:b4:59:fd:3d:5a:89:e2:75:62: 9c:ce:3e:78:5a:f4:b2:52:43:e3:90:0f:18:68:82:56:c6:c3: 34:94:85:31:b7:ae:18:61:d1:2d:7e:fd:39:cd:2c:3d:65:14: 4b:9d:27:00:7e:47:11:36:9b:61:d9:91:39:9d:60:19:b6:c0: 0c:5f:24:c4:09:23:f9:9e:28:c3:36:bf:f6:a6:41:30:b1:04: ba:dd:06:4c -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICAcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNTAyMTAx NDIxMjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZCRTdFRjA5NUZENDgy NzIyN0JGQTg1ODc3RDE0NDVCNzdBQkUwMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMcjdrvrIWwLkwJ59czGVVaga8yHmQ5l5R1i0wTAR7lpOaY5vY +/dl9JHr6DlfJCfAiJHGo2HsMpNGTvUQLieGTV/dIivkpE1NUjG3wwS6dsfvqqp1 qBeSE+GnRm73osc6vgAxUblQKlPOtnwgJhIpWIrO3QdvlY21pTxXZHYwRP1ec+dL EiPrcR+krDxoNNqiPkQfs2qLkRSkT/ZNmNM0PeY2TSe25a6pSaM7MOrhVDDeVc3s 2CrqgSS9TI0+SKapEgPBITnJU/VKGr/IIocLsJLJL0Pi4zmm+moo7Exg1pX9dCyt j7JEeIoO8MJJeMzb/05D2cq55YVc3HK4YbBlAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUa+fvCV/UgnInv6hYd9FEW3er4AkwHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVUL2EtZnZDVl9VZ25JbnY2aFlk OUZFVzNlcjRBay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk BvNAMA0GCSqGSIb3DQEBCwUAA4IBAQAy46siDCBkIH7Z9uT5tRaCleGMwrbD3k1P 0+yRflIDeEolzL6f7F1siBCUorCer8LLhP6z9Eat6/eAANF4aL5yr61NQO/KFdUO ckdxOaoZ9iZAMZPvliQlFpdkfcfepAwmk/AJUG9p3bh+g3TwQ7tv0Qehc2BHLYQ/ 6Hn8RiOYjCGiZVUlQtn8siOqWmD+Jgf+9PgLsy6l0kPZwYhv4J/vw46nN9nDQoZ5 6Di0Wf09WonidWKczj54WvSyUkPjkA8YaIJWxsM0lIUxt64YYdEtfv05zSw9ZRRL nScAfkcRNpth2ZE5nWAZtsAMXyTECSP5nijDNr/2pkEwsQS63QZM -----END CERTIFICATE-----Generated at Sat Apr 19 15:33:13 2025 by rpki-client