$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/5t82g2tQQI1ZrIE1UsuslUgsJSE.roa File: 5t82g2tQQI1ZrIE1UsuslUgsJSE.roa (raw, json) Hash identifier: BCIuMuhEZjI2CyQT7IyYX0F5P9q4M3ABIyfMq4oexoI= Subject key identifier: E6:DF:36:83:6B:50:40:8D:59:AC:81:35:52:CB:AC:95:48:2C:25:21 Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0D79 Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/5t82g2tQQI1ZrIE1UsuslUgsJSE.roa Signing time: Mon 10 Feb 2025 13:50:03 +0000 ROA not before: Mon 10 Feb 2025 13:50:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.56.64.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 21:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3449 (0xd79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Feb 10 13:50:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E6DF36836B50408D59AC813552CBAC95482C2521 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:70:6a:f3:a2:f1:a1:55:cb:dd:68:79:75:74: 35:4b:99:bb:ff:e6:ed:28:3f:d0:0d:43:db:7e:28: f0:cc:be:b0:a6:8d:fb:72:4e:1d:d8:3b:e3:ba:b0: b5:51:de:07:50:a7:a8:07:a3:e0:72:2c:99:d9:3c: 13:ca:39:cf:e5:15:44:4a:1d:5a:9b:93:bf:40:71: 50:d6:6d:f0:b1:03:7f:b5:83:d4:b3:db:2c:91:f5: 43:b8:6a:45:35:c6:1d:26:8a:0e:ec:7a:ba:c5:9a: 96:da:51:66:a5:32:29:a6:5e:04:f1:9b:f6:78:57: fa:20:b1:c9:c7:20:92:4f:bb:de:72:41:d6:04:e8: fb:0d:e6:80:58:0f:b8:37:70:01:06:d9:16:82:1f: 83:8c:da:75:5d:e9:d9:41:d4:8b:c3:dd:68:14:84: c9:59:bc:32:a0:89:ed:06:f7:f8:1c:ee:e1:9c:24: 05:00:72:41:6d:be:d3:72:2d:63:97:68:0d:c1:5b: 76:66:04:71:b1:40:f3:4b:58:e8:21:48:6e:9f:b6: 6a:e9:bd:ff:30:32:df:12:bf:ef:91:70:42:f2:47: e1:38:16:96:5c:e6:e6:13:fb:3e:6d:f8:03:b9:7c: 77:0d:96:f5:c4:e0:05:86:9d:89:1b:25:83:7c:61: 5d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:DF:36:83:6B:50:40:8D:59:AC:81:35:52:CB:AC:95:48:2C:25:21 X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/5t82g2tQQI1ZrIE1UsuslUgsJSE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.56.64.0/20 Signature Algorithm: sha256WithRSAEncryption 45:75:4e:f8:e0:e2:97:b8:ba:e5:eb:b6:91:12:ce:60:ab:0e: 1c:1b:a5:3e:fa:e0:8b:42:48:57:8e:05:49:f8:4a:53:2a:f0: c3:7f:a7:60:df:79:b4:6f:91:e3:ba:a6:55:2e:eb:40:fe:82: f3:73:65:f8:22:d6:3c:44:56:31:44:aa:be:b2:5a:da:25:34: 11:f6:4f:1d:74:59:b4:4f:1f:42:cc:6c:33:71:4b:8e:20:b9: f4:ef:43:87:ba:e7:89:11:b6:a7:05:0f:d3:2e:d9:ab:c0:1f: 7d:50:cd:f5:aa:92:8b:eb:73:d9:5e:b3:c9:8e:72:4a:3d:02: 4c:da:d3:4e:be:86:c8:50:ef:19:c7:43:ef:a9:1f:bb:86:c0: 0a:d0:25:03:f6:d1:20:e3:bc:d2:bd:23:bb:de:db:6e:fd:6b: f4:40:a9:f0:fa:ac:61:a8:91:64:9d:6d:01:2f:cb:71:07:9e: 28:11:04:f3:9b:1f:26:a8:ec:7f:38:98:d5:88:c4:7a:4a:82: 08:1d:bc:ae:20:e0:3c:a0:89:c8:2c:2d:02:09:89:91:fa:c6: 4e:36:3e:94:f9:c4:0e:56:0c:b8:e8:11:77:41:01:70:e1:8b: 2f:1e:ac:f1:13:d5:f3:61:c7:cd:81:65:fa:5b:46:39:fa:80: 04:28:c4:47 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTAyMTAx MzUwMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU2REYzNjgzNkI1MDQw OEQ1OUFDODEzNTUyQ0JBQzk1NDgyQzI1MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkcGrzovGhVcvdaHl1dDVLmbv/5u0oP9ANQ9t+KPDMvrCmjfty Th3YO+O6sLVR3gdQp6gHo+ByLJnZPBPKOc/lFURKHVqbk79AcVDWbfCxA3+1g9Sz 2yyR9UO4akU1xh0mig7serrFmpbaUWalMimmXgTxm/Z4V/ogscnHIJJPu95yQdYE 6PsN5oBYD7g3cAEG2RaCH4OM2nVd6dlB1IvD3WgUhMlZvDKgie0G9/gc7uGcJAUA ckFtvtNyLWOXaA3BW3ZmBHGxQPNLWOghSG6ftmrpvf8wMt8Sv++RcELyR+E4FpZc 5uYT+z5t+AO5fHcNlvXE4AWGnYkbJYN8YV1fAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU5t82g2tQQI1ZrIE1UsuslUgsJSEwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVULzV0ODJnMnRRUUkxWnJJRTFV c3VzbFVnc0pTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9 OEAwDQYJKoZIhvcNAQELBQADggEBAEV1Tvjg4pe4uuXrtpESzmCrDhwbpT764ItC SFeOBUn4SlMq8MN/p2DfebRvkeO6plUu60D+gvNzZfgi1jxEVjFEqr6yWtolNBH2 Tx10WbRPH0LMbDNxS44gufTvQ4e654kRtqcFD9Mu2avAH31QzfWqkovrc9les8mO cko9Akza006+hshQ7xnHQ++pH7uGwArQJQP20SDjvNK9I7ve2279a/RAqfD6rGGo kWSdbQEvy3EHnigRBPObHyao7H84mNWIxHpKgggdvK4g4DygicgsLQIJiZH6xk42 PpT5xA5WDLjoEXdBAXDhiy8erPET1fNhx82BZfpbRjn6gAQoxEc= -----END CERTIFICATE-----Generated at Tue Apr 22 19:11:09 2025 by rpki-client