$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa File: pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa (raw, json) Hash identifier: l6XI+3FPVrylaAj2670BOkkOS6bMBd0qPwboSUJNNNo= Subject key identifier: A4:D9:F9:54:42:75:30:DF:3E:A4:5B:E4:28:21:58:9E:EB:BB:45:56 Certificate issuer: /CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7 Certificate serial: 02AA Authority key identifier: 3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa Signing time: Mon 10 Feb 2025 14:05:17 +0000 ROA not before: Mon 10 Feb 2025 14:05:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18041 IP address blocks: 2406:ee40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 22:38:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 682 (0x2aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7 Validity Not Before: Feb 10 14:05:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A4D9F954427530DF3EA45BE42821589EEBBB4556 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1b:07:58:ed:00:13:1e:c4:67:23:f4:65:f1: cf:a6:0a:1c:b4:fc:2a:19:28:be:4d:74:62:5b:c4: ac:6a:23:a0:02:3a:f3:f0:05:a5:90:3b:3d:35:c8: ad:43:06:83:08:77:12:b9:51:7e:33:de:aa:35:70: 6b:f8:06:ea:3a:c3:92:71:48:b8:b2:34:fe:68:04: e9:47:b8:4e:94:53:e7:37:0a:0e:03:a0:1e:ed:b2: 9c:4f:8d:a8:e5:df:c5:b5:10:ae:99:74:09:5f:17: e0:21:45:64:06:40:bb:32:ac:ca:d1:b1:1d:1d:a3: 1f:94:ff:26:88:6a:3e:57:78:1a:be:21:07:a7:10: b0:ea:22:18:db:0c:e6:12:30:b6:58:fc:3e:db:a6: 55:9b:bd:7c:d9:19:24:84:6a:bf:f5:cc:7d:5d:53: e1:97:39:cd:f4:75:11:d4:f1:34:50:3e:c6:f5:1a: 66:55:89:3d:5c:d7:9a:fa:08:23:88:98:2c:64:af: a2:6d:b2:eb:9c:ad:be:2e:98:6a:2c:1f:db:45:50: 53:54:dc:7f:5c:30:e2:4d:c8:c1:42:83:46:2e:1d: a3:04:3f:65:d5:48:38:87:db:d1:86:ff:80:b3:bb: 97:8e:ac:44:de:51:13:38:3a:ad:f5:60:3c:5d:97: 59:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:D9:F9:54:42:75:30:DF:3E:A4:5B:E4:28:21:58:9E:EB:BB:45:56 X509v3 Authority Key Identifier: keyid:3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:ee40::/32 Signature Algorithm: sha256WithRSAEncryption 53:fa:e5:e8:61:0a:68:3f:4f:81:d1:43:25:c7:1c:0b:5c:aa: 0e:2f:4a:8c:8b:0e:10:9b:a8:7d:20:75:d5:97:1b:72:1d:31: a4:8c:7b:83:48:0c:8a:43:85:44:23:5c:01:16:de:06:a6:ad: 34:12:b6:28:69:c3:6f:2f:12:79:69:6a:ad:7d:80:bd:93:27: 8e:5e:81:be:26:56:6d:31:7c:67:bd:98:9b:85:8e:c6:e2:f0: e3:df:76:30:3d:a9:ad:30:2d:d0:f8:49:f7:74:2e:c5:87:7e: 4b:b0:09:ec:7f:7c:48:a1:aa:1c:77:79:12:ad:23:96:f2:12: 87:5c:e7:53:f4:3c:77:fb:06:4c:34:e3:f4:a0:3f:68:a4:b4: bc:bf:2e:ad:3d:4b:f7:c5:df:61:59:9b:3a:f3:f6:f3:b5:16: 54:1e:62:25:79:97:84:22:33:a0:04:89:c1:53:58:f9:14:fa: 08:b9:7f:6f:0a:20:02:a8:4a:7e:48:b5:53:ba:64:4c:01:b2: d9:8d:a7:1d:09:48:ae:96:8a:fc:a7:a9:01:07:57:f4:f3:66: c7:bc:7a:73:49:34:8c:ad:66:44:af:ca:db:1a:1e:00:79:e6: 29:ef:10:16:2d:ee:7a:13:65:46:42:ef:c6:4e:cc:e3:86:c4: 21:8f:2b:6b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JG NDQxQjU3Qzg2QkQ5RDE5MzQ1MUEwMDVEMjZDRTFBM0M2REVFNzAeFw0yNTAyMTAx NDA1MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE0RDlGOTU0NDI3NTMw REYzRUE0NUJFNDI4MjE1ODlFRUJCQjQ1NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9GwdY7QATHsRnI/Rl8c+mChy0/CoZKL5NdGJbxKxqI6ACOvPw BaWQOz01yK1DBoMIdxK5UX4z3qo1cGv4Buo6w5JxSLiyNP5oBOlHuE6UU+c3Cg4D oB7tspxPjajl38W1EK6ZdAlfF+AhRWQGQLsyrMrRsR0dox+U/yaIaj5XeBq+IQen ELDqIhjbDOYSMLZY/D7bplWbvXzZGSSEar/1zH1dU+GXOc30dRHU8TRQPsb1GmZV iT1c15r6CCOImCxkr6Jtsuucrb4umGosH9tFUFNU3H9cMOJNyMFCg0YuHaMEP2XV SDiH29GG/4Czu5eOrETeURM4Oq31YDxdl1mLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUpNn5VEJ1MN8+pFvkKCFYnuu7RVYwHwYDVR0jBBgwFoAUO/RBtXyGvZ0ZNFGg BdJs4aPG3ucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVJBWUlO Rk8vT19SQnRYeUd2WjBaTkZHZ0JkSnM0YVBHM3VjLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9PX1JCdFh5R3ZaMFpORkdnQmRKczRhUEczdWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FUkFZSU5GTy9wTm41VkVKMU1OOC1w RnZrS0NGWW51dTdSVlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJAbuQDANBgkqhkiG9w0BAQsFAAOCAQEAU/rl6GEKaD9PgdFDJcccC1yqDi9K jIsOEJuofSB11Zcbch0xpIx7g0gMikOFRCNcARbeBqatNBK2KGnDby8SeWlqrX2A vZMnjl6BviZWbTF8Z72Ym4WOxuLw4992MD2prTAt0PhJ93QuxYd+S7AJ7H98SKGq HHd5Eq0jlvISh1znU/Q8d/sGTDTj9KA/aKS0vL8urT1L98XfYVmbOvP287UWVB5i JXmXhCIzoASJwVNY+RT6CLl/bwogAqhKfki1U7pkTAGy2Y2nHQlIrpaK/KepAQdX 9PNmx7x6c0k0jK1mRK/K2xoeAHnmKe8QFi3uehNlRkLvxk7M44bEIY8raw== -----END CERTIFICATE-----Generated at Thu Apr 17 20:38:16 2025 by rpki-client