$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yZ4PKHLiZrZ60aVPfm9ZOAX-mSg.roa File: yZ4PKHLiZrZ60aVPfm9ZOAX-mSg.roa (raw, json) Hash identifier: OW/FPU4aW3bgTiOuFbdNTUS2DQ9AWdT4lP6f0gBG98s= Subject key identifier: C9:9E:0F:28:72:E2:66:B6:7A:D1:A5:4F:7E:6F:59:38:05:FE:99:28 Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0D7F Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yZ4PKHLiZrZ60aVPfm9ZOAX-mSg.roa Signing time: Mon 10 Feb 2025 13:50:04 +0000 ROA not before: Mon 10 Feb 2025 13:50:04 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.247.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 16:48:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3455 (0xd7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Feb 10 13:50:04 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C99E0F2872E266B67AD1A54F7E6F593805FE9928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:7b:d7:52:1d:36:fa:06:91:68:2c:62:8b:43: f4:d4:11:6d:44:2f:15:cf:db:23:44:41:f3:c5:22: a3:05:7e:43:0c:cc:e8:1a:5e:36:31:71:2e:08:e7: 51:42:9f:fe:e9:5d:50:2a:bd:81:e5:8d:68:3f:5b: 6d:f2:52:bc:43:a9:97:9e:e9:7b:87:19:40:27:b5: 3c:f7:e0:2b:c0:72:6a:6a:02:0a:f3:9b:5e:f2:c6: 0c:ae:93:ca:a8:35:08:63:cd:ee:47:12:78:45:1b: 88:05:a7:e9:af:9a:b8:7a:23:2b:41:b2:e6:a6:a8: 0f:7f:bb:c0:15:3c:99:14:a3:27:99:70:d3:b8:d9: 54:79:c4:50:a3:84:93:4b:0e:7f:4c:e6:40:e0:bb: d5:bf:ff:3d:ad:b2:1a:bd:89:99:f7:50:ba:01:45: 0c:ae:7a:d9:fe:e6:5f:a9:ec:e2:80:1f:fa:77:62: a7:e3:cc:2d:34:9d:62:f4:52:65:69:6d:bb:f9:7a: 97:e3:20:a3:39:97:19:75:94:5c:ad:d8:76:23:68: b1:26:4e:2a:43:c5:69:21:66:e8:43:fe:d7:02:c3: 52:1c:08:84:2a:d1:fa:b0:f1:88:c8:b2:f1:c4:82: f5:ad:18:ae:18:43:98:7c:dd:eb:2b:bb:5e:bd:5b: cc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:9E:0F:28:72:E2:66:B6:7A:D1:A5:4F:7E:6F:59:38:05:FE:99:28 X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/yZ4PKHLiZrZ60aVPfm9ZOAX-mSg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.247.160.0/20 Signature Algorithm: sha256WithRSAEncryption 5d:06:35:0f:07:5e:6e:80:01:d7:de:db:71:fa:90:64:79:e3: 4c:6f:87:4d:86:c1:45:04:6f:2d:b3:a9:ed:69:7f:e7:1e:e6: d4:88:fb:f1:ef:38:07:ed:58:d8:88:db:bd:45:f2:75:9f:f9: 12:ed:1e:32:c5:cc:76:2a:c0:e5:af:70:1f:b6:8d:98:ad:ca: c3:f1:d7:b3:26:b9:9e:7c:78:88:fd:45:24:37:d0:5c:63:e3: ba:b3:ef:de:96:30:8a:9b:80:1a:34:02:a3:01:57:dc:3b:91: 43:aa:46:0e:d7:8f:42:31:77:75:c5:e3:59:34:65:03:dc:2f: 47:03:a9:0a:7c:6d:25:51:af:4c:b7:9c:e5:97:0a:43:6c:4b: 47:d7:71:bf:60:d4:a9:2d:e4:b1:ec:bc:78:d9:a5:79:0b:0a: 9e:f6:be:2e:c7:3c:f7:41:84:cb:d8:8c:47:6f:ac:40:2e:4b: 31:b0:05:77:ba:30:ae:91:cb:03:72:65:9e:ae:cd:f3:47:ed: be:08:5a:df:b7:47:72:c8:98:a8:0c:fa:eb:01:cc:ac:a5:87: 0b:a1:af:05:e1:31:36:7b:a5:73:45:23:85:30:21:0a:3e:70: c2:86:37:26:3e:c9:c8:f5:5a:13:be:9f:23:ce:92:d1:3f:2d: d2:b2:04:31 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTAyMTAx MzUwMDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5OUUwRjI4NzJFMjY2 QjY3QUQxQTU0RjdFNkY1OTM4MDVGRTk5MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDme9dSHTb6BpFoLGKLQ/TUEW1ELxXP2yNEQfPFIqMFfkMMzOga XjYxcS4I51FCn/7pXVAqvYHljWg/W23yUrxDqZee6XuHGUAntTz34CvAcmpqAgrz m17yxgyuk8qoNQhjze5HEnhFG4gFp+mvmrh6IytBsuamqA9/u8AVPJkUoyeZcNO4 2VR5xFCjhJNLDn9M5kDgu9W//z2tshq9iZn3ULoBRQyuetn+5l+p7OKAH/p3Yqfj zC00nWL0UmVpbbv5epfjIKM5lxl1lFyt2HYjaLEmTipDxWkhZuhD/tcCw1IcCIQq 0fqw8YjIsvHEgvWtGK4YQ5h83esru169W8yLAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUyZ4PKHLiZrZ60aVPfm9ZOAX+mSgwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL3laNFBLSExpWnJaNjBhVlBm bTlaT0FYLW1TZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9 96AwDQYJKoZIhvcNAQELBQADggEBAF0GNQ8HXm6AAdfe23H6kGR540xvh02GwUUE by2zqe1pf+ce5tSI+/HvOAftWNiI271F8nWf+RLtHjLFzHYqwOWvcB+2jZitysPx 17MmuZ58eIj9RSQ30Fxj47qz796WMIqbgBo0AqMBV9w7kUOqRg7Xj0Ixd3XF41k0 ZQPcL0cDqQp8bSVRr0y3nOWXCkNsS0fXcb9g1Kkt5LHsvHjZpXkLCp72vi7HPPdB hMvYjEdvrEAuSzGwBXe6MK6RywNyZZ6uzfNH7b4IWt+3R3LImKgM+usBzKylhwuh rwXhMTZ7pXNFI4UwIQo+cMKGNyY+ycj1WhO+nyPOktE/LdKyBDE= -----END CERTIFICATE-----Generated at Tue Apr 22 13:46:53 2025 by rpki-client