$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/hhMYMGOaHFmrV_Wz1RZ5iLOeXkU.roa File: hhMYMGOaHFmrV_Wz1RZ5iLOeXkU.roa (raw, json) Hash identifier: olQ5nKpJYa22CYGMvRXLH1IA+hL3jYOli5T5aglyxCU= Subject key identifier: 86:13:18:30:63:9A:1C:59:AB:57:F5:B3:D5:16:79:88:B3:9E:5E:45 Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Certificate serial: 0CCF Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/hhMYMGOaHFmrV_Wz1RZ5iLOeXkU.roa Signing time: Mon 10 Feb 2025 14:05:58 +0000 ROA not before: Mon 10 Feb 2025 14:05:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 138915 IP address blocks: 43.224.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 11:07:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3279 (0xccf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Validity Not Before: Feb 10 14:05:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=86131830639A1C59AB57F5B3D5167988B39E5E45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8a:c6:2f:f5:2a:66:7f:42:4c:9e:db:55:15: ae:fb:bc:f6:bc:35:8c:69:e5:18:7c:96:45:00:47: 78:9f:68:66:3e:fc:1b:47:b1:8e:35:c4:33:06:59: a0:b4:0e:7d:14:b4:ff:66:f2:5b:7f:04:86:0d:d7: 2f:73:f7:04:29:19:8d:dd:60:34:68:f7:44:8e:b4: 8c:9f:59:02:88:a8:58:02:a1:4c:84:7d:ce:29:43: 3f:7e:e7:1a:f4:d0:0e:c8:94:97:78:9a:f0:05:57: e4:38:49:65:96:6c:b5:da:16:ae:b7:11:cc:da:cc: 1c:3b:66:f2:6f:c7:51:b9:ea:9b:ca:38:45:08:98: 47:c6:63:3a:26:f0:df:5a:f3:c1:7e:e2:70:f1:2b: 74:0b:3d:fe:12:dd:a6:b8:fc:ac:49:4d:fb:1a:e3: f0:70:30:47:15:f5:c8:b7:cd:a9:df:ba:69:ab:14: 18:9a:a0:04:96:91:77:57:2f:f0:0b:8c:14:6f:f1: de:a8:7a:9e:eb:2f:0b:d6:84:db:6b:b5:41:ae:7a: 91:c4:fa:f0:08:c5:c0:33:11:f6:43:6c:bc:48:52: 77:31:a2:bf:96:ab:1f:60:50:ed:ca:e8:35:35:2c: b5:0a:08:cb:03:5c:e6:ea:dc:40:64:f8:4d:77:a8: 22:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:13:18:30:63:9A:1C:59:AB:57:F5:B3:D5:16:79:88:B3:9E:5E:45 X509v3 Authority Key Identifier: keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/hhMYMGOaHFmrV_Wz1RZ5iLOeXkU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.20.0/24 Signature Algorithm: sha256WithRSAEncryption 61:65:66:04:e7:fc:8e:f5:8b:17:74:d4:3e:62:7c:b3:94:71: 1b:6e:7a:85:0f:1a:15:71:28:35:b0:f5:a4:13:58:aa:db:41: 02:d7:75:44:83:46:fb:b5:bf:ea:9f:f9:ad:97:49:2f:5d:1c: a0:6c:25:44:58:7b:17:ac:5a:a0:a7:87:12:23:de:0d:76:ab: c4:b1:9c:98:25:b9:dd:b0:5f:46:48:df:3f:3f:e3:f4:41:90: 15:79:c9:56:23:eb:21:87:a7:98:c4:f1:e4:33:a4:a7:6e:9d: 58:e6:43:0f:61:69:c1:21:21:13:19:6c:fa:bc:d3:d3:85:eb: a0:e9:6e:d2:3e:05:1f:e5:fb:36:5e:72:a0:4a:6e:54:d6:5a: 90:e6:f3:e5:09:ef:4e:39:92:3c:39:7d:45:86:be:e8:fc:86: cc:b9:23:cc:24:ea:d7:7c:6e:a8:12:ac:6b:08:b6:96:0a:18: be:fa:3d:7c:5f:13:17:e3:a2:7b:24:d8:3f:45:ee:50:00:56: c8:92:d6:6b:4c:0c:3b:65:4e:b6:8f:35:72:36:38:36:2f:8e: 44:3e:0d:2f:87:9a:e7:39:e4:6c:c9:4b:6f:eb:76:c1:29:75: 61:f6:d4:b5:7b:85:03:62:04:fe:88:33:80:eb:94:4f:02:27: 4c:1d:7b:a5 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yNTAyMTAx NDA1NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg2MTMxODMwNjM5QTFD NTlBQjU3RjVCM0Q1MTY3OTg4QjM5RTVFNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwisYv9Spmf0JMnttVFa77vPa8NYxp5Rh8lkUAR3ifaGY+/BtH sY41xDMGWaC0Dn0UtP9m8lt/BIYN1y9z9wQpGY3dYDRo90SOtIyfWQKIqFgCoUyE fc4pQz9+5xr00A7IlJd4mvAFV+Q4SWWWbLXaFq63EczazBw7ZvJvx1G56pvKOEUI mEfGYzom8N9a88F+4nDxK3QLPf4S3aa4/KxJTfsa4/BwMEcV9ci3zanfummrFBia oASWkXdXL/ALjBRv8d6oep7rLwvWhNtrtUGuepHE+vAIxcAzEfZDbLxIUncxor+W qx9gUO3K6DU1LLUKCMsDXObq3EBk+E13qCKHAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUhhMYMGOaHFmrV/Wz1RZ5iLOeXkUwHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy9oaE1ZTUdPYUhGbXJWX1d6MVJa NWlMT2VYa1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AU MA0GCSqGSIb3DQEBCwUAA4IBAQBhZWYE5/yO9YsXdNQ+YnyzlHEbbnqFDxoVcSg1 sPWkE1iq20EC13VEg0b7tb/qn/mtl0kvXRygbCVEWHsXrFqgp4cSI94NdqvEsZyY JbndsF9GSN8/P+P0QZAVeclWI+shh6eYxPHkM6Snbp1Y5kMPYWnBISETGWz6vNPT heug6W7SPgUf5fs2XnKgSm5U1lqQ5vPlCe9OOZI8OX1Fhr7o/IbMuSPMJOrXfG6o EqxrCLaWChi++j18XxMX46J7JNg/Re5QAFbIktZrTAw7ZU62jzVyNjg2L45EPg0v h5rnOeRsyUtv63bBKXVh9tS1e4UDYgT+iDOA65RPAidMHXul -----END CERTIFICATE-----Generated at Wed Apr 9 09:58:10 2025 by rpki-client