$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/L7zcj7Rryja2T0yGUz5uKVtwyPM.roa File: L7zcj7Rryja2T0yGUz5uKVtwyPM.roa (raw, json) Hash identifier: 3p5BqbFSnyautujWMsblKMj2ODfTmBJ23mjKvGutQ0c= Subject key identifier: 2F:BC:DC:8F:B4:6B:CA:36:B6:4F:4C:86:53:3E:6E:29:5B:70:C8:F3 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 10C6 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/L7zcj7Rryja2T0yGUz5uKVtwyPM.roa Signing time: Mon 10 Feb 2025 13:56:29 +0000 ROA not before: Mon 10 Feb 2025 13:56:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17809 IP address blocks: 203.217.120.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4294 (0x10c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Feb 10 13:56:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2FBCDC8FB46BCA36B64F4C86533E6E295B70C8F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:df:11:5b:a5:26:b6:31:f6:f8:12:c7:14:96: d6:65:69:66:23:52:68:37:c2:7e:a3:8a:2f:cf:e6: 69:e8:be:57:d9:90:07:5b:1b:a5:79:f6:b8:ba:67: e3:9f:b4:10:69:1f:c5:00:71:25:2f:fa:c5:be:83: 8b:25:d6:21:46:b8:81:e8:ae:3e:81:a5:bd:f9:7a: 71:ea:eb:27:52:73:03:1d:d0:fb:87:da:78:ab:d7: c1:9a:1f:85:52:eb:92:34:c7:02:59:1a:57:51:d9: 5e:ff:fa:8d:c3:83:87:4a:09:53:f5:25:9c:35:a8: e6:53:18:d5:49:f1:17:51:ad:5e:a3:88:c1:ce:7b: 6e:b8:54:fa:bf:6f:33:70:ca:21:a8:2a:13:15:a1: 3d:ce:55:2c:64:da:59:97:89:55:06:ac:3a:5f:b7: 28:f7:ed:e6:c1:6c:82:45:68:89:16:9f:52:72:4d: 58:df:6a:35:98:8c:c1:49:4a:67:92:16:86:58:70: 29:c8:ba:8b:fa:ba:30:22:b1:d7:c4:e4:80:a7:d5: 26:46:b8:21:5d:bd:20:9c:8d:27:58:a1:2f:42:86: a7:5f:27:3a:39:2a:2c:a9:66:87:8f:01:c9:3c:57: 98:5f:b6:47:51:c4:fd:e0:4e:ca:63:79:6f:f8:c6: f7:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:BC:DC:8F:B4:6B:CA:36:B6:4F:4C:86:53:3E:6E:29:5B:70:C8:F3 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/L7zcj7Rryja2T0yGUz5uKVtwyPM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.217.120.0/21 Signature Algorithm: sha256WithRSAEncryption 41:1d:76:b5:65:e6:b3:39:dc:67:c4:18:90:82:f0:8d:f8:b3: 01:3f:68:ac:75:79:02:90:55:7c:47:61:64:74:1e:a9:0d:ac: fa:68:c2:d5:cf:5e:c3:c3:6b:d1:ff:6c:a4:49:2e:5f:a7:93: ba:01:d4:75:c6:31:07:d6:e2:6f:25:d5:11:9e:a7:db:9b:84: 34:40:85:d6:5c:2a:39:c2:34:ad:87:96:41:33:3a:4e:ea:2d: 38:a9:3a:c4:82:60:30:bb:4d:5b:81:28:dc:35:9e:5c:a0:96: e8:f0:d7:01:b2:da:3e:f7:35:b9:d0:6c:8c:48:fa:fd:ad:2d: cc:81:04:95:04:0a:69:72:48:75:58:dc:9c:98:fe:3a:af:cc: d0:37:8d:4a:54:6e:05:f5:cd:7f:d9:58:e1:f0:e4:d4:3d:18: 52:31:41:f8:3a:6a:04:cf:99:72:72:e6:e5:b5:43:60:57:5a: df:12:65:08:5a:db:8a:b6:a8:dc:a6:54:e4:74:dc:4a:5a:0d: f7:dd:a9:07:ff:b0:c7:c8:d9:9a:8f:6c:90:dc:8b:57:b9:25: f4:71:d5:11:45:7c:ba:b6:70:d7:de:9b:79:a4:99:e0:e2:c7: cb:cd:b6:b6:c2:13:fa:96:43:1d:67:59:e3:06:4f:bc:d3:22: 2c:13:cf:50 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx MzU2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJGQkNEQzhGQjQ2QkNB MzZCNjRGNEM4NjUzM0U2RTI5NUI3MEM4RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC53xFbpSa2Mfb4EscUltZlaWYjUmg3wn6jii/P5mnovlfZkAdb G6V59ri6Z+OftBBpH8UAcSUv+sW+g4sl1iFGuIHorj6Bpb35enHq6ydScwMd0PuH 2nir18GaH4VS65I0xwJZGldR2V7/+o3Dg4dKCVP1JZw1qOZTGNVJ8RdRrV6jiMHO e264VPq/bzNwyiGoKhMVoT3OVSxk2lmXiVUGrDpftyj37ebBbIJFaIkWn1JyTVjf ajWYjMFJSmeSFoZYcCnIuov6ujAisdfE5ICn1SZGuCFdvSCcjSdYoS9ChqdfJzo5 KiypZoePAck8V5hftkdRxP3gTspjeW/4xvc5AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUL7zcj7Rryja2T0yGUz5uKVtwyPMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTDd6Y2o3UnJ5amEyVDB5R1V6NXVL VnR3eVBNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZeDAN BgkqhkiG9w0BAQsFAAOCAQEAQR12tWXmszncZ8QYkILwjfizAT9orHV5ApBVfEdh ZHQeqQ2s+mjC1c9ew8Nr0f9spEkuX6eTugHUdcYxB9bibyXVEZ6n25uENECF1lwq OcI0rYeWQTM6TuotOKk6xIJgMLtNW4Eo3DWeXKCW6PDXAbLaPvc1udBsjEj6/a0t zIEElQQKaXJIdVjcnJj+Oq/M0DeNSlRuBfXNf9lY4fDk1D0YUjFB+DpqBM+ZcnLm 5bVDYFda3xJlCFrbirao3KZU5HTcSloN992pB/+wx8jZmo9skNyLV7kl9HHVEUV8 urZw196beaSZ4OLHy822tsIT+pZDHWdZ4wZPvNMiLBPPUA== -----END CERTIFICATE-----Generated at Tue Apr 8 18:06:14 2025 by rpki-client