$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EASPNET/DS893f-1kaeoDKKfR5r7F_c2s0w.roa File: DS893f-1kaeoDKKfR5r7F_c2s0w.roa (raw, json) Hash identifier: VaTgQbX1X3+vL8wC0sxFnDW5BEMID7UwfpvG4f8dCPg= Subject key identifier: 0D:2F:3D:DD:FF:B5:91:A7:A8:0C:A2:9F:47:9A:FB:17:F7:36:B3:4C Certificate issuer: /CN=552B16164C361040D88F32D36509448CF3BB9D25 Certificate serial: 0CA5 Authority key identifier: 55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/DS893f-1kaeoDKKfR5r7F_c2s0w.roa Signing time: Mon 10 Feb 2025 13:55:53 +0000 ROA not before: Mon 10 Feb 2025 13:55:53 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10135 IP address blocks: 49.128.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B16164C361040D88F32D36509448CF3BB9D25 Validity Not Before: Feb 10 13:55:53 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0D2F3DDDFFB591A7A80CA29F479AFB17F736B34C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:33:5f:3c:bf:94:7c:68:48:7e:3d:4b:d4:57: 8d:2c:ec:47:c1:5d:18:63:91:8c:e2:27:06:f5:23: 3d:db:78:4c:c4:c0:3e:e3:b9:18:98:83:4c:ea:b4: 9c:f7:c3:da:63:56:a4:fb:d2:f1:d8:3d:e8:de:bf: 98:2e:b5:5c:3d:ec:47:34:88:78:e3:01:3e:11:65: 3d:0d:1b:7d:1d:7a:f7:9f:57:8b:3c:bf:e1:45:22: 99:ef:dd:6c:4a:64:73:6a:6a:8b:f4:46:3a:ea:b5: 5c:30:47:7e:57:a6:d2:d4:13:30:b6:79:45:f1:f6: d3:6b:ff:0d:99:6e:bb:69:cf:ce:2d:e9:f0:46:c0: e7:2f:e4:37:61:a0:e2:45:60:7f:96:9a:a0:d3:68: b6:0d:cb:77:9c:c3:27:30:ae:68:54:fd:ee:1d:c4: a8:8b:0e:32:36:49:f2:da:c2:89:39:67:25:c0:16: 60:22:64:49:18:db:05:f6:1c:16:02:08:b6:bb:21: 92:41:48:30:c5:55:d6:50:7e:12:a2:8c:73:ec:66: 99:f4:98:ad:9a:96:be:d9:48:0e:73:fc:5f:24:2e: a3:84:cb:c7:bb:4a:1a:95:cd:71:40:1e:d3:a5:bd: 90:c7:ae:97:ce:fc:4b:87:c5:61:c7:c7:0f:6f:03: 39:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:2F:3D:DD:FF:B5:91:A7:A8:0C:A2:9F:47:9A:FB:17:F7:36:B3:4C X509v3 Authority Key Identifier: keyid:55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/DS893f-1kaeoDKKfR5r7F_c2s0w.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.128.112.0/20 Signature Algorithm: sha256WithRSAEncryption 21:7b:e2:a3:39:30:7c:d1:35:dc:ea:4e:db:e2:b1:7a:fc:d9: 45:a1:94:a5:40:01:71:5b:7a:dd:d6:e4:09:3c:ba:e1:5c:71: 3c:b8:49:6d:b7:c1:66:e3:16:4e:78:5b:9c:00:0b:64:82:ed: e9:90:7e:8a:02:a6:08:e3:c3:f6:78:67:de:25:d6:71:8f:69: 44:ee:d1:71:2b:36:f1:22:c6:d3:a6:dc:e7:ad:25:e1:f0:ae: 4e:75:ec:25:fb:45:24:8e:d0:ac:12:3f:66:b7:8a:e6:fd:91: 3c:14:5e:24:19:e4:36:a0:94:05:db:31:e5:f9:89:f3:c2:d3: cd:61:18:9e:29:b3:0d:05:0c:b1:a3:b0:f8:6f:00:16:bb:92: 32:75:67:a5:25:76:7a:dd:08:90:93:54:82:60:96:cc:91:06: 46:33:ea:27:24:4d:86:04:4e:9d:50:99:36:65:b9:4a:83:d4: 5b:54:21:60:fe:cc:2c:e1:b2:f4:65:23:1c:e5:77:dd:0a:e6: 3a:30:00:92:12:d5:3a:8e:a2:4a:f1:fa:9d:46:23:bf:b9:32: f1:66:d3:1c:04:40:ca:da:ef:9e:6d:b4:e1:3d:08:67:97:eb: c7:fc:bd:13:ce:45:09:b6:42:a4:fa:b0:0e:e9:fe:5d:bb:e9: 48:1b:e3:94 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTUy QjE2MTY0QzM2MTA0MEQ4OEYzMkQzNjUwOTQ0OENGM0JCOUQyNTAeFw0yNTAyMTAx MzU1NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBEMkYzRERERkZCNTkx QTdBODBDQTI5RjQ3OUFGQjE3RjczNkIzNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClM188v5R8aEh+PUvUV40s7EfBXRhjkYziJwb1Iz3beEzEwD7j uRiYg0zqtJz3w9pjVqT70vHYPejev5gutVw97Ec0iHjjAT4RZT0NG30devefV4s8 v+FFIpnv3WxKZHNqaov0RjrqtVwwR35XptLUEzC2eUXx9tNr/w2Zbrtpz84t6fBG wOcv5DdhoOJFYH+WmqDTaLYNy3ecwycwrmhU/e4dxKiLDjI2SfLawok5ZyXAFmAi ZEkY2wX2HBYCCLa7IZJBSDDFVdZQfhKijHPsZpn0mK2alr7ZSA5z/F8kLqOEy8e7 ShqVzXFAHtOlvZDHrpfO/EuHxWHHxw9vAzk7AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUDS893f+1kaeoDKKfR5r7F/c2s0wwHwYDVR0jBBgwFoAUVSsWFkw2EEDYjzLT ZQlEjPO7nSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUFTUE5F VC9WU3NXRmt3MkVFRFlqekxUWlFsRWpQTzduU1UuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1ZTc1dGa3cyRUVEWWp6TFRaUWxFalBPN25TVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0VBU1BORVQvRFM4OTNmLTFrYWVvREtL ZlI1cjdGX2MyczB3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BDGAcDANBgkqhkiG9w0BAQsFAAOCAQEAIXviozkwfNE13OpO2+KxevzZRaGUpUAB cVt63dbkCTy64VxxPLhJbbfBZuMWTnhbnAALZILt6ZB+igKmCOPD9nhn3iXWcY9p RO7RcSs28SLG06bc560l4fCuTnXsJftFJI7QrBI/ZreK5v2RPBReJBnkNqCUBdsx 5fmJ88LTzWEYnimzDQUMsaOw+G8AFruSMnVnpSV2et0IkJNUgmCWzJEGRjPqJyRN hgROnVCZNmW5SoPUW1QhYP7MLOGy9GUjHOV33QrmOjAAkhLVOo6iSvH6nUYjv7ky 8WbTHARAytrvnm204T0IZ5frx/y9E85FCbZCpPqwDun+XbvpSBvjlA== -----END CERTIFICATE-----Generated at Fri Apr 18 22:20:37 2025 by rpki-client