$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/na900zgWs54EDVa1nBJKbOShrzI.roa File: na900zgWs54EDVa1nBJKbOShrzI.roa (raw, json) Hash identifier: 4WCjXfiXRT2W9l7U7IIGIQBxhUC8A1i9PUnnbX+kUz4= Subject key identifier: 9D:AF:74:D3:38:16:B3:9E:04:0D:56:B5:9C:12:4A:6C:E4:A1:AF:32 Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Certificate serial: 0F8F Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/na900zgWs54EDVa1nBJKbOShrzI.roa Signing time: Mon 10 Feb 2025 14:30:51 +0000 ROA not before: Mon 10 Feb 2025 14:30:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131641 IP address blocks: 2404:8cc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3983 (0xf8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Validity Not Before: Feb 10 14:30:51 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9DAF74D33816B39E040D56B59C124A6CE4A1AF32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:25:d1:a9:b1:8b:b6:f3:b2:dc:14:64:8e:a2: 39:4e:d3:10:19:be:a6:62:c1:6d:34:fe:6a:f2:0e: 8d:f0:70:0a:b3:1a:ff:1b:86:c0:7e:0f:4f:46:8c: 7d:cb:93:97:26:7b:6a:f9:32:e3:3c:08:ae:65:d9: 0c:81:36:b3:d6:c4:a5:58:d0:20:64:15:81:21:df: 50:b1:5a:52:70:13:e5:b3:70:0c:50:9d:d8:6f:6f: f2:83:ba:54:4f:28:fc:5a:25:dd:df:4e:36:36:4c: 8e:a9:65:3d:d7:f7:7c:0e:6f:44:49:95:84:d4:b8: d8:35:86:c5:9c:03:9d:1e:b0:b0:eb:f5:af:b6:6e: b5:f9:7a:57:46:cf:48:80:be:55:da:ce:71:dd:cf: 33:fb:48:34:9f:db:54:9b:89:33:e4:99:79:2f:92: cc:9c:24:74:99:e7:2e:54:3a:29:ac:c6:57:84:89: 65:8a:cb:f2:44:2a:bb:d9:45:70:a8:17:f1:2f:bf: 44:24:0d:cf:af:14:4e:28:dc:9a:ee:15:c6:b4:df: 31:86:d8:65:73:bb:4f:a3:7e:05:14:1c:89:d7:eb: 8f:fe:bb:bf:10:e8:c3:ba:4c:83:2f:db:78:93:5e: db:27:4f:92:94:f6:2c:49:6b:66:7e:0d:17:98:0f: 83:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:AF:74:D3:38:16:B3:9E:04:0D:56:B5:9C:12:4A:6C:E4:A1:AF:32 X509v3 Authority Key Identifier: keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/na900zgWs54EDVa1nBJKbOShrzI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:8cc0::/32 Signature Algorithm: sha256WithRSAEncryption 98:06:0a:dd:d5:3b:ac:1b:72:c3:2b:c8:93:b7:05:a4:7e:11: 1a:ef:3f:62:2b:64:9d:d3:3b:f3:42:bb:54:2a:50:24:bf:63: 93:20:9b:d2:e5:c9:be:70:75:68:26:a9:1a:05:2a:cf:d3:cd: 9c:77:e4:6e:e7:36:b4:f6:49:e3:db:2e:45:4a:ee:e3:52:ef: b3:05:42:44:53:30:4c:31:93:ed:fc:81:0b:cc:9e:4b:63:4d: 03:26:63:9b:20:1d:4d:f3:95:ca:6a:a2:dd:04:9a:ba:42:24: 7b:89:43:fc:ce:fe:f3:59:59:e9:35:db:2e:f3:f8:bd:00:ff: b9:d2:f6:5c:d5:14:7e:aa:ca:6a:3f:34:23:44:f3:af:8e:67: 9a:73:f6:69:32:8c:e6:83:68:ba:eb:d9:e8:e1:d7:43:16:33: e3:6d:2e:46:58:cf:fd:e8:bf:a2:cb:16:4c:81:ac:95:b0:2d: b5:0b:37:64:7b:69:c9:1d:90:e0:b3:33:3e:aa:a3:ae:98:74: 25:b2:c7:8c:65:0c:3d:50:da:7f:59:2a:56:82:d0:27:a5:0b: 2a:82:af:42:98:5b:49:e5:36:87:04:fe:81:95:e5:f5:87:b5: 8d:8d:91:c4:d0:3f:e6:d6:1a:c8:d4:94:1c:93:0e:00:a3:87: ac:ca:80:a5 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICD48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx NDMwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEQUY3NEQzMzgxNkIz OUUwNDBENTZCNTlDMTI0QTZDRTRBMUFGMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbJdGpsYu287LcFGSOojlO0xAZvqZiwW00/mryDo3wcAqzGv8b hsB+D09GjH3Lk5cme2r5MuM8CK5l2QyBNrPWxKVY0CBkFYEh31CxWlJwE+WzcAxQ ndhvb/KDulRPKPxaJd3fTjY2TI6pZT3X93wOb0RJlYTUuNg1hsWcA50esLDr9a+2 brX5eldGz0iAvlXaznHdzzP7SDSf21SbiTPkmXkvksycJHSZ5y5UOimsxleEiWWK y/JEKrvZRXCoF/Evv0QkDc+vFE4o3JruFca03zGG2GVzu0+jfgUUHInX64/+u78Q 6MO6TIMv23iTXtsnT5KU9ixJa2Z+DReYD4NbAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUna900zgWs54EDVa1nBJKbOShrzIwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75 mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL25hOTAwemdXczU0RURWYTFuQkpLYk9T aHJ6SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G CSqGSIb3DQEBCwUAA4IBAQCYBgrd1TusG3LDK8iTtwWkfhEa7z9iK2Sd0zvzQrtU KlAkv2OTIJvS5cm+cHVoJqkaBSrP082cd+Ru5za09knj2y5FSu7jUu+zBUJEUzBM MZPt/IELzJ5LY00DJmObIB1N85XKaqLdBJq6QiR7iUP8zv7zWVnpNdsu8/i9AP+5 0vZc1RR+qspqPzQjRPOvjmeac/ZpMozmg2i669no4ddDFjPjbS5GWM/96L+iyxZM gayVsC21Czdke2nJHZDgszM+qqOumHQlsseMZQw9UNp/WSpWgtAnpQsqgq9CmFtJ 5TaHBP6BleX1h7WNjZHE0D/m1hrI1JQckw4Ao4esyoCl -----END CERTIFICATE-----Generated at Fri Apr 18 23:47:55 2025 by rpki-client