$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/ulzSpZ_xIQb7bESJcQDqgFSdO2E.roa File: ulzSpZ_xIQb7bESJcQDqgFSdO2E.roa (raw, json) Hash identifier: 0vCyhPhc7YQad9Iq3RyKgs1zIf6QQ63oZtBlPpOOTA8= Subject key identifier: BA:5C:D2:A5:9F:F1:21:06:FB:6C:44:89:71:00:EA:80:54:9D:3B:61 Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Certificate serial: 0CCC Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/ulzSpZ_xIQb7bESJcQDqgFSdO2E.roa Signing time: Mon 10 Feb 2025 14:05:57 +0000 ROA not before: Mon 10 Feb 2025 14:05:57 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 136173 IP address blocks: 43.224.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 02:36:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3276 (0xccc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791 Validity Not Before: Feb 10 14:05:57 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BA5CD2A59FF12106FB6C44897100EA80549D3B61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d2:34:80:ef:2e:3c:38:0e:40:ea:9d:91:41: c3:29:a3:c1:07:a5:4e:dc:9f:c0:a1:f9:dc:72:90: 99:30:25:ed:57:37:58:bd:5b:ee:20:db:e9:b7:ca: 88:e8:7e:a5:4d:78:45:07:49:aa:7a:f1:e7:be:85: 74:ea:fa:4b:40:b5:05:9a:95:5f:82:62:89:df:9e: f7:37:27:33:42:61:a7:ac:6d:d2:62:0a:3f:5c:5f: e0:00:c5:14:6d:ba:74:86:2c:ef:7d:3d:ec:be:2a: da:3a:e3:59:dc:4c:1d:bc:27:ae:f0:17:bc:b1:b1: b4:f7:da:9c:b1:cf:15:82:f3:f3:f4:9f:4f:ba:96: cb:2b:e6:51:cd:2b:5f:fa:ce:00:94:4a:64:2c:11: 9f:0f:d2:4e:3b:c0:69:c6:c8:ae:44:e2:ec:f8:ca: e2:5f:cd:7f:f4:f9:8c:ea:b1:9c:cc:a3:ac:76:ed: be:b7:d6:52:1c:73:db:bd:95:84:f7:a3:40:59:bd: 5e:40:d6:8e:e1:95:6e:86:a0:a8:d6:ed:44:bd:3d: de:a4:3d:e7:ae:19:fc:6c:e7:46:fd:70:e7:4a:25: 62:71:55:83:0e:fd:39:a8:5a:24:44:d8:f4:7e:60: 97:f7:45:42:6b:95:e9:f2:96:74:19:40:39:cd:fd: 15:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:5C:D2:A5:9F:F1:21:06:FB:6C:44:89:71:00:EA:80:54:9D:3B:61 X509v3 Authority Key Identifier: keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/ulzSpZ_xIQb7bESJcQDqgFSdO2E.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.23.0/24 Signature Algorithm: sha256WithRSAEncryption 60:57:b0:00:9c:89:08:2e:41:b8:fd:02:dc:b6:26:fa:77:ab: ef:99:a3:77:b0:5c:af:73:fd:82:29:16:46:c6:15:01:df:62: 45:8b:48:54:dd:5b:19:c2:a1:ea:f4:8b:8f:f2:36:2b:a3:f1: 86:89:e5:29:70:19:16:57:b8:a0:c0:ca:bb:0f:32:0f:f4:4a: df:0e:8d:94:e8:e2:3c:1f:c4:2c:c2:6b:ba:67:b4:ab:f3:b0: a2:8d:19:c4:5a:ec:08:d9:ec:d0:65:ab:f5:99:75:c0:93:85: 1f:80:f9:c9:c4:37:6a:f7:d4:05:6a:9c:06:24:b7:fe:02:b9: 42:31:4c:45:0b:eb:58:67:13:33:cb:e1:d4:a3:12:5c:fb:6e: 58:6f:a5:7e:55:e7:61:fb:3b:9d:79:3a:60:5f:61:2c:a0:84: 81:c0:12:78:f9:8e:50:54:d9:3a:50:74:ff:aa:67:de:68:82: 1e:ea:ad:cf:87:08:ae:cd:d6:f5:d7:92:0e:41:33:64:57:78: 96:2c:42:d6:5d:5f:e2:71:f4:b5:2e:7d:fe:0c:d5:6b:6e:92: d2:a1:bb:6d:1b:49:9d:d0:fb:63:86:8d:cf:7d:fb:28:2e:17: 5c:05:a7:48:34:74:58:b0:6e:fc:92:06:2c:2c:5d:50:e0:4c: d9:59:2a:fa -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yNTAyMTAx NDA1NTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJBNUNEMkE1OUZGMTIx MDZGQjZDNDQ4OTcxMDBFQTgwNTQ5RDNCNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW0jSA7y48OA5A6p2RQcMpo8EHpU7cn8Ch+dxykJkwJe1XN1i9 W+4g2+m3yojofqVNeEUHSap68ee+hXTq+ktAtQWalV+CYonfnvc3JzNCYaesbdJi Cj9cX+AAxRRtunSGLO99Pey+Kto641ncTB28J67wF7yxsbT32pyxzxWC8/P0n0+6 lssr5lHNK1/6zgCUSmQsEZ8P0k47wGnGyK5E4uz4yuJfzX/0+YzqsZzMo6x27b63 1lIcc9u9lYT3o0BZvV5A1o7hlW6GoKjW7US9Pd6kPeeuGfxs50b9cOdKJWJxVYMO /TmoWiRE2PR+YJf3RUJrlenylnQZQDnN/RWNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUulzSpZ/xIQb7bESJcQDqgFSdO2EwHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy91bHpTcFpfeElRYjdiRVNKY1FE cWdGU2RPMkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AX MA0GCSqGSIb3DQEBCwUAA4IBAQBgV7AAnIkILkG4/QLctib6d6vvmaN3sFyvc/2C KRZGxhUB32JFi0hU3VsZwqHq9IuP8jYro/GGieUpcBkWV7igwMq7DzIP9ErfDo2U 6OI8H8Qswmu6Z7Sr87CijRnEWuwI2ezQZav1mXXAk4UfgPnJxDdq99QFapwGJLf+ ArlCMUxFC+tYZxMzy+HUoxJc+25Yb6V+Vedh+zudeTpgX2EsoISBwBJ4+Y5QVNk6 UHT/qmfeaIIe6q3Phwiuzdb115IOQTNkV3iWLELWXV/icfS1Ln3+DNVrbpLSobtt G0md0Ptjho3PffsoLhdcBadINHRYsG78kgYsLF1Q4EzZWSr6 -----END CERTIFICATE-----Generated at Sat Apr 5 23:14:30 2025 by rpki-client