$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/QaPgGgdkEzHoyU_mDcQXjLzJeC0.roa File: QaPgGgdkEzHoyU_mDcQXjLzJeC0.roa (raw, json) Hash identifier: oA8aNOeiAaXsg5674d8rxKc9sCsf4mnw3YXTmcIeNfY= Subject key identifier: 41:A3:E0:1A:07:64:13:31:E8:C9:4F:E6:0D:C4:17:8C:BC:C9:78:2D Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0D7C Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/QaPgGgdkEzHoyU_mDcQXjLzJeC0.roa Signing time: Mon 10 Feb 2025 13:50:03 +0000 ROA not before: Mon 10 Feb 2025 13:50:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.247.168.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3452 (0xd7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Feb 10 13:50:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=41A3E01A07641331E8C94FE60DC4178CBCC9782D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:35:3a:7e:5e:67:13:6b:52:7b:d5:46:2a:d3: 93:fc:6b:80:6f:ed:f8:8b:f5:97:d6:88:7d:46:60: af:96:13:53:96:33:6d:2f:15:9e:dc:90:69:df:9e: 70:6b:43:16:78:00:bc:79:29:86:9c:75:77:ed:d1: 17:d4:2d:9e:10:fa:a7:c2:18:cb:62:63:86:76:42: 8e:c5:8c:18:b6:47:8c:a8:04:28:fb:ad:5c:e8:9a: c4:6e:44:b7:9c:28:f1:71:86:7e:f4:10:33:14:00: 3f:84:3b:18:4d:68:59:d5:4e:d1:02:6f:b6:a1:35: 3e:9a:6d:3d:2a:a7:a9:92:ff:0b:a6:23:36:69:5c: e5:63:bd:a8:b2:4f:e5:bd:ab:0c:90:b6:ff:bd:3a: 4b:76:d3:fa:fe:1c:98:d3:4b:2e:9d:ae:91:2e:f0: 9f:e9:f7:b4:ea:81:c6:63:e5:01:e2:5b:70:9a:e3: 60:ee:29:53:ed:7e:26:05:38:a6:87:6a:2e:1e:57: 80:8c:62:a4:82:fe:79:7e:43:a3:0b:94:f0:cc:67: 0c:8f:be:cf:51:64:17:2b:c7:32:f6:09:62:10:6a: f5:cc:18:22:5d:35:84:b1:e7:4f:1e:b1:f3:b9:88: 31:95:7a:b2:ad:4b:55:a6:37:0a:1b:02:14:64:06: 64:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:A3:E0:1A:07:64:13:31:E8:C9:4F:E6:0D:C4:17:8C:BC:C9:78:2D X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/QaPgGgdkEzHoyU_mDcQXjLzJeC0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.247.168.0/21 Signature Algorithm: sha256WithRSAEncryption b0:c5:28:7f:8c:b3:68:69:ce:5e:8e:91:05:4a:8c:8c:66:09: 03:3b:ef:b1:5b:61:82:d0:18:09:ed:06:23:86:95:3d:38:87: ce:9b:2f:f8:3e:d1:03:0c:9f:38:dd:89:16:cf:b6:1e:5e:ad: 77:74:0c:77:21:35:0f:3a:a9:e4:a7:35:2c:69:39:90:27:12: 81:ef:4e:2a:f6:89:89:1a:1f:0e:75:2e:7a:57:19:8e:08:e8: 50:f7:49:3b:1a:84:f5:2d:f2:fe:07:fc:68:25:83:34:5b:f9: fc:65:c7:b2:e3:9f:1c:36:77:8e:51:10:43:6f:35:8e:f9:21: e6:a4:0f:01:ac:60:0a:ff:54:20:5f:59:97:30:33:da:c8:2e: c3:e5:ab:a5:29:0c:8f:1a:e6:bd:e9:a7:1c:2c:2c:1b:48:c6: 28:f1:1f:36:0a:cf:93:a2:19:44:f7:c3:21:d3:72:e5:74:a4: 2a:4d:3d:a9:aa:b9:3a:c3:69:e3:40:fd:6e:0a:3b:d0:a3:da: 04:f1:43:1b:04:01:3d:29:6c:7f:ca:7b:7d:b3:d9:b7:c9:5b: d1:7e:45:ef:36:1b:5a:8b:04:02:86:39:3d:e2:48:78:a5:1f: 13:66:69:30:7c:9c:83:15:ac:00:bd:ba:db:62:2f:48:1f:6d: 95:48:76:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTAyMTAx MzUwMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxQTNFMDFBMDc2NDEz MzFFOEM5NEZFNjBEQzQxNzhDQkNDOTc4MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmNTp+XmcTa1J71UYq05P8a4Bv7fiL9ZfWiH1GYK+WE1OWM20v FZ7ckGnfnnBrQxZ4ALx5KYacdXft0RfULZ4Q+qfCGMtiY4Z2Qo7FjBi2R4yoBCj7 rVzomsRuRLecKPFxhn70EDMUAD+EOxhNaFnVTtECb7ahNT6abT0qp6mS/wumIzZp XOVjvaiyT+W9qwyQtv+9Okt20/r+HJjTSy6drpEu8J/p97TqgcZj5QHiW3Ca42Du KVPtfiYFOKaHai4eV4CMYqSC/nl+Q6MLlPDMZwyPvs9RZBcrxzL2CWIQavXMGCJd NYSx508esfO5iDGVerKtS1WmNwobAhRkBmR9AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUQaPgGgdkEzHoyU/mDcQXjLzJeC0wHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1FhUGdHZ2RrRXpIb3lVX21E Y1FYakx6SmVDMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9 96gwDQYJKoZIhvcNAQELBQADggEBALDFKH+Ms2hpzl6OkQVKjIxmCQM777FbYYLQ GAntBiOGlT04h86bL/g+0QMMnzjdiRbPth5erXd0DHchNQ86qeSnNSxpOZAnEoHv Tir2iYkaHw51LnpXGY4I6FD3STsahPUt8v4H/GglgzRb+fxlx7Ljnxw2d45REENv NY75IeakDwGsYAr/VCBfWZcwM9rILsPlq6UpDI8a5r3ppxwsLBtIxijxHzYKz5Oi GUT3wyHTcuV0pCpNPamquTrDaeNA/W4KO9Cj2gTxQxsEAT0pbH/Ke32z2bfJW9F+ Re82G1qLBAKGOT3iSHilHxNmaTB8nIMVrAC9uttiL0gfbZVIduA= -----END CERTIFICATE-----Generated at Fri Apr 18 19:19:51 2025 by rpki-client