$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ymKIEc5uSeP8tzF30QiAKPrmQRU.roa File: ymKIEc5uSeP8tzF30QiAKPrmQRU.roa (raw, json) Hash identifier: z1bzpm2UM9yJcoVcKnMm2sGXvrBr7hLlVkpUYeXSUtY= Subject key identifier: CA:62:88:11:CE:6E:49:E3:FC:B7:31:77:D1:08:80:28:FA:E6:41:15 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 10EC Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ymKIEc5uSeP8tzF30QiAKPrmQRU.roa Signing time: Mon 10 Feb 2025 13:56:36 +0000 ROA not before: Mon 10 Feb 2025 13:56:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17809 IP address blocks: 113.61.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4332 (0x10ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Feb 10 13:56:36 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CA628811CE6E49E3FCB73177D1088028FAE64115 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:05:25:31:19:ab:2c:9f:f5:d5:d9:db:5a:4a: 1f:c3:fa:88:ea:01:c5:c3:7b:b0:e6:09:65:9c:a1: 0c:ff:d1:d6:c2:ed:90:4f:4e:5b:39:08:d1:7d:a3: 17:7c:9c:17:ad:f5:18:e9:91:05:f4:7a:42:4c:1c: aa:f9:fc:fb:c2:4e:71:74:c9:67:f3:d4:a8:07:92: e3:0f:a7:04:14:c3:ac:1b:76:ed:85:b7:20:91:19: 4c:db:7f:0f:c6:fe:51:16:b0:8d:68:e9:45:02:12: be:e2:cd:3f:69:0d:c8:97:b7:0f:b5:5a:be:23:46: fc:b8:3a:94:4a:b3:7b:54:4f:05:7c:69:ef:27:8a: c5:b0:0d:f5:e9:29:e6:cf:fb:35:8f:dd:62:b5:f3: 0b:86:d0:02:db:1b:81:1c:af:ac:0c:c3:bf:a3:f0: 5a:79:c3:64:92:cd:63:89:3c:70:f1:15:f1:de:61: f3:3f:d6:c8:41:85:81:d2:d5:37:46:b4:a5:ca:8f: 5c:ae:9f:3f:5b:28:42:41:a7:ba:12:8f:1f:09:62: 12:15:c2:21:88:be:89:ee:a6:f1:7d:12:85:ce:e9: 06:11:5a:af:b0:79:bd:81:0c:29:c8:b3:9a:65:c9: 19:c6:1f:67:6a:71:83:de:7b:ea:d1:6b:29:00:02: f2:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:62:88:11:CE:6E:49:E3:FC:B7:31:77:D1:08:80:28:FA:E6:41:15 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ymKIEc5uSeP8tzF30QiAKPrmQRU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.61.233.0/24 Signature Algorithm: sha256WithRSAEncryption b2:45:4d:17:12:14:c6:4c:c7:f0:29:fa:40:1f:95:70:94:c4: d1:6e:5e:cf:7f:0d:ef:a9:cd:55:ac:74:fa:6b:e3:4b:33:31: 6d:df:d7:73:8d:7c:2f:78:07:1e:48:ec:5d:6b:52:4e:c7:eb: 5c:64:4f:cf:e7:22:68:d1:51:72:67:72:9e:af:a8:a4:a1:fa: 33:c0:fd:55:8e:9e:c7:b2:4f:53:59:fe:9c:fa:1a:6e:45:65: 43:c3:b5:eb:eb:05:7e:e5:41:43:5b:6d:8f:f3:06:c9:95:8b: ae:4a:fc:31:99:67:8b:d1:71:a2:50:21:f9:0c:9d:ff:fd:03: 7b:4b:66:77:05:66:94:8e:0e:b6:b0:48:2b:c8:e6:ac:9c:9f: 30:e3:da:6f:3c:cd:49:4e:c3:11:93:32:c1:65:11:8a:52:60: d8:c5:58:1c:b1:e3:33:da:88:b4:b7:98:20:49:ce:32:3f:0a: 94:eb:ff:1f:59:68:57:34:bb:4a:1c:b1:c0:c8:ec:48:8d:f3: cd:3e:20:6b:83:c3:b3:c0:a5:df:fb:ff:b4:c3:2c:90:bc:8f: 82:c4:1f:7d:1a:2e:1c:69:8d:10:4b:da:2c:48:1c:27:5b:0b: dd:9c:dc:4b:bd:c0:89:78:22:81:a1:09:30:53:90:5d:a1:b1: 13:31:cd:d7 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx MzU2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENBNjI4ODExQ0U2RTQ5 RTNGQ0I3MzE3N0QxMDg4MDI4RkFFNjQxMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9BSUxGassn/XV2dtaSh/D+ojqAcXDe7DmCWWcoQz/0dbC7ZBP Tls5CNF9oxd8nBet9RjpkQX0ekJMHKr5/PvCTnF0yWfz1KgHkuMPpwQUw6wbdu2F tyCRGUzbfw/G/lEWsI1o6UUCEr7izT9pDciXtw+1Wr4jRvy4OpRKs3tUTwV8ae8n isWwDfXpKebP+zWP3WK18wuG0ALbG4Ecr6wMw7+j8Fp5w2SSzWOJPHDxFfHeYfM/ 1shBhYHS1TdGtKXKj1yunz9bKEJBp7oSjx8JYhIVwiGIvonupvF9EoXO6QYRWq+w eb2BDCnIs5plyRnGH2dqcYPee+rRaykAAvIjAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUymKIEc5uSeP8tzF30QiAKPrmQRUwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgveW1LSUVjNXVTZVA4dHpGMzBRaUFL UHJtUVJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHE96TAN BgkqhkiG9w0BAQsFAAOCAQEAskVNFxIUxkzH8Cn6QB+VcJTE0W5ez38N76nNVax0 +mvjSzMxbd/Xc418L3gHHkjsXWtSTsfrXGRPz+ciaNFRcmdynq+opKH6M8D9VY6e x7JPU1n+nPoabkVlQ8O16+sFfuVBQ1ttj/MGyZWLrkr8MZlni9FxolAh+Qyd//0D e0tmdwVmlI4OtrBIK8jmrJyfMOPabzzNSU7DEZMywWURilJg2MVYHLHjM9qItLeY IEnOMj8KlOv/H1loVzS7ShyxwMjsSI3zzT4ga4PDs8Cl3/v/tMMskLyPgsQffRou HGmNEEvaLEgcJ1sL3ZzcS73AiXgigaEJMFOQXaGxEzHN1w== -----END CERTIFICATE-----Generated at Tue Apr 8 18:07:40 2025 by rpki-client