$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/t4WvXU-zA9EWBSzxnWrOEhUgTk8.roa File: t4WvXU-zA9EWBSzxnWrOEhUgTk8.roa (raw, json) Hash identifier: 3R6q3V4PJdnXnqjWfE6pZzQ5EZNQYRRV9VaM/iPAQTc= Subject key identifier: B7:85:AF:5D:4F:B3:03:D1:16:05:2C:F1:9D:6A:CE:12:15:20:4E:4F Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 01C3 Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/t4WvXU-zA9EWBSzxnWrOEhUgTk8.roa Signing time: Mon 10 Feb 2025 14:21:24 +0000 ROA not before: Mon 10 Feb 2025 14:21:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38842 IP address blocks: 103.160.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 10:48:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 451 (0x1c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Feb 10 14:21:24 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B785AF5D4FB303D116052CF19D6ACE1215204E4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:84:05:70:f3:fa:a1:ec:66:92:84:fc:b4:17: 86:c6:38:3b:1a:29:a3:9b:f5:84:40:36:c3:c2:94: 98:2e:9b:d1:31:10:fa:ab:ba:19:2e:09:4b:fd:10: 07:f1:5c:6b:f7:f3:e1:26:35:c0:16:c8:ff:6f:13: 95:0d:5e:6c:e3:6e:f4:81:e5:22:66:16:39:3e:6d: 31:12:8b:66:d0:b9:44:66:cd:90:35:75:ec:01:a2: dc:72:1f:f1:c1:90:1d:cb:3a:07:68:c1:f4:cd:d8: 15:c7:b0:dc:d6:fa:db:55:7f:42:c7:0b:2f:c9:a0: ce:7f:ae:c3:a0:4c:f2:3d:fc:3a:4d:27:1e:fd:3c: 2f:49:b0:0f:1d:fd:cc:c2:7c:0c:1b:5d:0b:41:da: 3d:49:08:9d:ba:da:c2:7b:f0:89:0c:c9:02:2c:60: 4f:bf:14:e8:21:1b:24:62:ed:6e:fe:9f:6d:4c:8f: 4d:59:3e:eb:f1:9a:5e:02:68:2e:e0:c4:9c:fa:68: ac:7e:3a:35:5f:eb:db:4d:64:e4:92:f7:68:e2:ff: b3:20:46:51:76:cc:42:d8:59:86:93:eb:65:4c:50: 22:6b:df:d0:e7:f1:96:bb:2f:98:c8:43:a2:7a:ff: 4b:d5:12:01:00:9a:ac:db:60:fe:6f:8c:99:7b:a8: 6b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:85:AF:5D:4F:B3:03:D1:16:05:2C:F1:9D:6A:CE:12:15:20:4E:4F X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/t4WvXU-zA9EWBSzxnWrOEhUgTk8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 Signature Algorithm: sha256WithRSAEncryption 09:10:33:e0:d8:c4:6c:58:a1:88:9a:02:a9:44:49:04:3e:b9: a9:f7:97:c1:6f:ea:bb:64:cd:f3:9d:b6:5e:29:52:40:7f:94: 00:e0:f9:c6:36:67:af:0b:f6:4e:fe:fc:87:d7:29:fe:48:c1: a7:da:c7:aa:2c:c7:0e:52:25:29:70:e2:ec:05:56:d5:48:ca: f2:8c:76:7f:fd:85:f5:1d:16:1c:f2:6d:53:4a:c1:b3:22:19: 90:fc:e5:bb:f1:7b:7a:fc:18:21:d6:ab:32:de:55:63:9e:d8: d0:96:30:ff:fb:d8:45:f6:8f:12:a4:c5:ff:5c:b0:f1:90:36: 2b:01:0e:0d:30:52:2b:06:97:c3:5d:42:51:a5:ee:b0:0c:f8: d0:3c:b8:7d:39:b8:86:36:82:9c:b2:7c:3d:5e:57:e3:7f:ba: 8c:1c:33:19:2c:77:8a:e2:df:8b:2f:22:10:19:f2:57:d9:51: 41:66:84:11:de:60:c0:af:7e:37:51:5c:b9:d5:d9:e8:4d:e0: 12:5c:64:28:d6:84:bb:46:20:1a:d6:6a:a9:21:0f:23:61:ac: 7c:3d:b1:7a:ad:3b:ef:58:f5:32:4e:cb:45:b8:83:68:11:70: 54:e6:28:92:da:d2:7b:4d:ba:6f:94:bf:c3:7f:0f:87:fd:77: b2:68:24:bf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICAcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNTAyMTAx NDIxMjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI3ODVBRjVENEZCMzAz RDExNjA1MkNGMTlENkFDRTEyMTUyMDRFNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvhAVw8/qh7GaShPy0F4bGODsaKaOb9YRANsPClJgum9ExEPqr uhkuCUv9EAfxXGv38+EmNcAWyP9vE5UNXmzjbvSB5SJmFjk+bTESi2bQuURmzZA1 dewBotxyH/HBkB3LOgdowfTN2BXHsNzW+ttVf0LHCy/JoM5/rsOgTPI9/DpNJx79 PC9JsA8d/czCfAwbXQtB2j1JCJ262sJ78IkMyQIsYE+/FOghGyRi7W7+n21Mj01Z Puvxml4CaC7gxJz6aKx+OjVf69tNZOSS92ji/7MgRlF2zELYWYaT62VMUCJr39Dn 8Za7L5jIQ6J6/0vVEgEAmqzbYP5vjJl7qGsvAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUt4WvXU+zA9EWBSzxnWrOEhUgTk8wHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVUL3Q0V3ZYVS16QTlFV0JTenhu V3JPRWhVZ1RrOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn oOIwDQYJKoZIhvcNAQELBQADggEBAAkQM+DYxGxYoYiaAqlESQQ+uan3l8Fv6rtk zfOdtl4pUkB/lADg+cY2Z68L9k7+/IfXKf5Iwafax6osxw5SJSlw4uwFVtVIyvKM dn/9hfUdFhzybVNKwbMiGZD85bvxe3r8GCHWqzLeVWOe2NCWMP/72EX2jxKkxf9c sPGQNisBDg0wUisGl8NdQlGl7rAM+NA8uH05uIY2gpyyfD1eV+N/uowcMxksd4ri 34svIhAZ8lfZUUFmhBHeYMCvfjdRXLnV2ehN4BJcZCjWhLtGIBrWaqkhDyNhrHw9 sXqtO+9Y9TJOy0W4g2gRcFTmKJLa0ntNum+Uv8N/D4f9d7JoJL8= -----END CERTIFICATE-----Generated at Wed Apr 23 07:46:03 2025 by rpki-client