$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa File: s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa (raw, json) Hash identifier: QzsbOEzyGHyu+MaVCnE6ernqsIx6bRtycwY7gv3al5A= Subject key identifier: B3:C0:86:39:C0:1D:73:70:32:C1:68:39:3D:D2:09:DE:13:6B:43:AE Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Certificate serial: 0F8E Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa Signing time: Mon 10 Feb 2025 14:30:51 +0000 ROA not before: Mon 10 Feb 2025 14:30:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24168 IP address blocks: 2404:8cc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3982 (0xf8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Validity Not Before: Feb 10 14:30:51 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B3C08639C01D737032C168393DD209DE136B43AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:07:20:bc:db:be:4d:d0:d6:61:cb:9f:67:65: 33:0d:06:a7:72:c6:54:4c:4a:f8:ba:fa:18:1d:04: bb:c5:de:b5:32:87:4a:d0:3c:eb:29:bf:92:25:0e: 19:b5:d1:15:23:6a:a1:b7:51:e2:d5:73:99:d3:8e: 66:49:f9:d2:4b:69:48:01:81:bb:e8:73:95:0e:a8: d2:86:1a:e8:b8:41:c9:43:20:2c:93:72:5c:9e:c5: d2:23:4b:64:4b:16:87:b5:54:3b:ca:79:ed:67:91: 5b:51:92:05:ea:d5:98:fc:78:97:16:5a:f7:dc:ba: 83:96:c7:df:50:71:a0:b1:e8:b1:fc:d6:02:88:b1: 2f:9f:3b:bd:51:e2:13:cd:54:1c:cf:5e:b7:98:b3: f2:6a:93:b5:e1:1e:ab:90:20:be:1e:04:74:c9:59: c2:0a:16:5f:a9:87:5e:1c:47:1c:4a:ee:ce:f7:5e: 0a:6e:ce:0a:b9:b2:9e:c1:87:55:b2:78:16:88:a7: 04:c5:7a:07:93:5a:ad:5f:30:d5:45:e1:4e:d6:25: 17:70:52:b9:ca:92:d3:51:b5:50:7f:7d:73:08:23: 46:ef:e5:3a:71:a8:78:90:10:08:ea:d9:c4:48:3c: 77:4f:05:45:3d:b2:0d:91:4f:14:b7:e8:dc:37:28: 01:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:C0:86:39:C0:1D:73:70:32:C1:68:39:3D:D2:09:DE:13:6B:43:AE X509v3 Authority Key Identifier: keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:8cc0::/32 Signature Algorithm: sha256WithRSAEncryption 7a:1a:1e:6c:67:a8:75:9d:fd:9c:99:e5:ca:d9:e7:30:e6:2e: 50:41:5d:fa:28:ae:2a:60:fe:39:5c:33:6e:90:fc:b7:69:bd: 4a:d4:11:ea:72:d9:6e:e0:e8:92:c6:65:ba:4e:d8:78:3d:3c: f4:84:21:4c:04:b9:82:16:48:ed:ce:e5:2b:e8:28:db:4c:70: e0:9b:01:aa:6f:bd:37:6b:1c:49:69:af:29:e1:47:e8:e4:6f: f9:94:65:54:ca:3a:3b:21:57:bf:98:3e:a4:9e:43:38:d0:ff: fc:98:5d:48:4e:11:83:5a:b7:de:bf:aa:0f:27:87:15:79:d7: 7f:75:2e:ab:0b:ac:e0:c4:15:69:a9:f0:21:42:89:dc:c0:ef: 4c:53:19:4f:6b:2e:30:e3:ca:e8:94:2f:f0:d9:f9:3e:e9:a7: 95:16:eb:4d:8d:72:c1:df:9a:d7:b4:c7:3f:c0:8a:12:36:d3: 4a:54:68:9c:01:ae:1e:56:26:61:83:86:5f:93:4c:3a:cb:81: b9:e6:e6:ce:0f:06:d6:af:8e:c9:d3:8e:6a:4a:86:4b:67:1d: 3e:56:20:f6:76:73:ae:98:75:68:1b:4b:ee:da:17:ad:a2:da: 8d:99:aa:de:e7:fa:96:bc:19:bb:26:f9:e3:4c:4f:0f:24:e9: b0:18:55:a5 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICD44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx NDMwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzQzA4NjM5QzAxRDcz NzAzMkMxNjgzOTNERDIwOURFMTM2QjQzQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDByC8275N0NZhy59nZTMNBqdyxlRMSvi6+hgdBLvF3rUyh0rQ POspv5IlDhm10RUjaqG3UeLVc5nTjmZJ+dJLaUgBgbvoc5UOqNKGGui4QclDICyT clyexdIjS2RLFoe1VDvKee1nkVtRkgXq1Zj8eJcWWvfcuoOWx99QcaCx6LH81gKI sS+fO71R4hPNVBzPXreYs/Jqk7XhHquQIL4eBHTJWcIKFl+ph14cRxxK7s73Xgpu zgq5sp7Bh1WyeBaIpwTFegeTWq1fMNVF4U7WJRdwUrnKktNRtVB/fXMII0bv5Tpx qHiQEAjq2cRIPHdPBUU9sg2RTxS36Nw3KAGnAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUs8CGOcAdc3AywWg5PdIJ3hNrQ64wHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75 mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3M4Q0dPY0FkYzNBeXdXZzVQZElKM2hO clE2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G CSqGSIb3DQEBCwUAA4IBAQB6Gh5sZ6h1nf2cmeXK2ecw5i5QQV36KK4qYP45XDNu kPy3ab1K1BHqctlu4OiSxmW6Tth4PTz0hCFMBLmCFkjtzuUr6CjbTHDgmwGqb703 axxJaa8p4Ufo5G/5lGVUyjo7IVe/mD6knkM40P/8mF1IThGDWrfev6oPJ4cVedd/ dS6rC6zgxBVpqfAhQoncwO9MUxlPay4w48rolC/w2fk+6aeVFutNjXLB35rXtMc/ wIoSNtNKVGicAa4eViZhg4Zfk0w6y4G55ubODwbWr47J045qSoZLZx0+ViD2dnOu mHVoG0vu2hetotqNmare5/qWvBm7JvnjTE8PJOmwGFWl -----END CERTIFICATE-----Generated at Fri Apr 18 23:47:53 2025 by rpki-client