$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/XYfWQlgvtmcfgpWOXZc8y6WSF1g.roa File: XYfWQlgvtmcfgpWOXZc8y6WSF1g.roa (raw, json) Hash identifier: pLOEpPDrAAFdhcLInjDoqTOrzuq5sQyq4k+mxiEvGI8= Subject key identifier: 5D:87:D6:42:58:2F:B6:67:1F:82:95:8E:5D:97:3C:CB:A5:92:17:58 Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0D85 Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/XYfWQlgvtmcfgpWOXZc8y6WSF1g.roa Signing time: Mon 10 Feb 2025 13:50:05 +0000 ROA not before: Mon 10 Feb 2025 13:50:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.56.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3461 (0xd85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Feb 10 13:50:05 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5D87D642582FB6671F82958E5D973CCBA5921758 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:2d:7b:04:1a:93:a7:4d:96:8a:92:c7:1b:5a: be:b6:fa:9c:fe:46:de:c6:73:b4:9f:a2:50:93:b4: b1:6d:8a:c0:eb:2a:9a:47:c5:67:06:2a:9d:37:60: 44:bb:0a:8a:50:7a:9a:94:2c:bf:58:f3:db:ff:e7: 4d:f1:bf:9a:54:ca:d8:9f:49:ff:04:8e:61:e7:57: 9d:0d:de:2d:d1:36:d9:27:6e:0c:6f:61:9b:73:a9: b5:b8:f2:89:cb:f6:e4:9b:e4:f6:f3:c9:27:a1:57: 3a:e4:10:41:b3:13:85:81:eb:dd:a4:9c:82:b7:1f: 43:d1:d0:6d:80:1b:35:55:a7:69:25:5e:41:1b:63: ce:a5:02:4b:9e:d6:71:56:8a:56:77:4d:a3:60:e4: de:23:60:d1:3a:ee:90:93:79:29:8c:09:fc:67:61: ab:26:a0:fb:61:a7:ad:d2:83:0f:78:da:d9:ef:4c: 28:cf:f9:c5:dd:9b:31:a1:e7:59:82:7a:3b:f7:40: a7:f3:b3:41:fc:1e:00:6a:95:d0:6d:8d:0a:2e:1b: 70:9d:7d:01:bd:3c:29:5f:4d:c1:51:ec:91:3f:80: 8e:f8:fc:2c:7d:21:78:79:e5:b6:2a:d1:13:20:bb: c0:5f:65:ed:0d:ae:04:18:54:30:d3:4d:3d:9e:30: 10:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:87:D6:42:58:2F:B6:67:1F:82:95:8E:5D:97:3C:CB:A5:92:17:58 X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/XYfWQlgvtmcfgpWOXZc8y6WSF1g.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.56.64.0/21 Signature Algorithm: sha256WithRSAEncryption 45:f6:45:58:38:9a:3e:f1:87:4e:15:a4:3d:f0:3c:f1:89:41: a0:f2:e8:2c:fb:0b:6b:4c:fe:9c:8b:28:a3:17:ba:12:26:f4: de:4c:a5:62:14:10:69:3e:0e:d2:77:2d:09:4a:32:e8:50:c9: 39:e7:30:bd:17:62:30:13:4b:02:96:e8:6e:67:5f:b3:09:de: 82:38:42:bb:82:70:2f:77:9f:ff:04:89:15:09:2d:96:0a:a1: f8:be:e0:4c:5f:5b:cb:98:7a:7f:6c:e0:97:8f:53:15:54:ee: c9:d4:b4:f6:a7:bd:24:e9:9e:fe:f7:d9:63:f0:59:4c:2f:cd: 46:76:60:11:c1:b3:a0:fa:bd:47:22:58:da:cb:7a:fd:65:6b: b6:7d:9e:c1:f6:d6:5d:6f:03:ef:01:33:3e:bf:dc:2a:db:ed: 25:f6:2d:7f:9d:c2:a4:2d:e4:fe:97:58:a6:d3:ad:43:af:32: c9:1f:87:3d:35:0d:74:da:d2:64:52:af:f6:bd:68:dd:10:d2: cd:7f:ca:31:e7:48:33:70:0f:59:92:3a:4a:62:6a:90:89:51: 64:8c:35:5c:da:6a:db:13:53:dc:09:43:35:48:64:69:bb:f9: d0:aa:cf:79:d1:6a:83:5b:7a:bf:d4:c0:19:20:24:d7:c8:4f: 6c:4b:bd:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTAyMTAx MzUwMDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVEODdENjQyNTgyRkI2 NjcxRjgyOTU4RTVEOTczQ0NCQTU5MjE3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQLXsEGpOnTZaKkscbWr62+pz+Rt7Gc7SfolCTtLFtisDrKppH xWcGKp03YES7CopQepqULL9Y89v/503xv5pUytifSf8EjmHnV50N3i3RNtknbgxv YZtzqbW48onL9uSb5PbzySehVzrkEEGzE4WB692knIK3H0PR0G2AGzVVp2klXkEb Y86lAkue1nFWilZ3TaNg5N4jYNE67pCTeSmMCfxnYasmoPthp63Sgw942tnvTCjP +cXdmzGh51mCejv3QKfzs0H8HgBqldBtjQouG3CdfQG9PClfTcFR7JE/gI74/Cx9 IXh55bYq0RMgu8BfZe0NrgQYVDDTTT2eMBDZAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUXYfWQlgvtmcfgpWOXZc8y6WSF1gwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1hZZldRbGd2dG1jZmdwV09Y WmM4eTZXU0YxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9 OEAwDQYJKoZIhvcNAQELBQADggEBAEX2RVg4mj7xh04VpD3wPPGJQaDy6Cz7C2tM /pyLKKMXuhIm9N5MpWIUEGk+DtJ3LQlKMuhQyTnnML0XYjATSwKW6G5nX7MJ3oI4 QruCcC93n/8EiRUJLZYKofi+4ExfW8uYen9s4JePUxVU7snUtPanvSTpnv732WPw WUwvzUZ2YBHBs6D6vUciWNrLev1la7Z9nsH21l1vA+8BMz6/3Crb7SX2LX+dwqQt 5P6XWKbTrUOvMskfhz01DXTa0mRSr/a9aN0Q0s1/yjHnSDNwD1mSOkpiapCJUWSM NVzaatsTU9wJQzVIZGm7+dCqz3nRaoNber/UwBkgJNfIT2xLvVA= -----END CERTIFICATE-----Generated at Fri Apr 18 19:42:09 2025 by rpki-client