$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/0Qr7Cfev5uEuZY_5a_MzpSLBjlk.roa File: 0Qr7Cfev5uEuZY_5a_MzpSLBjlk.roa (raw, json) Hash identifier: 5pyNsFGfHlnTBMgk0pFrLw53ZvcV4sgkmMNixs2qpR4= Subject key identifier: D1:0A:FB:09:F7:AF:E6:E1:2E:65:8F:F9:6B:F3:33:A5:22:C1:8E:59 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 123A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0Qr7Cfev5uEuZY_5a_MzpSLBjlk.roa Signing time: Mon 10 Feb 2025 14:28:11 +0000 ROA not before: Mon 10 Feb 2025 14:28:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.63.208.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4666 (0x123a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D10AFB09F7AFE6E12E658FF96BF333A522C18E59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:52:7a:aa:19:e7:a2:2a:61:04:59:7c:c2:a3: 3d:c2:1d:a6:69:7d:0a:0d:15:a0:1b:92:86:27:3c: 62:82:8e:80:88:d5:ea:6f:bc:6f:fb:1b:36:8e:29: 07:48:51:bd:6f:9d:17:cc:42:6b:89:0f:6f:57:80: d6:3c:a1:2d:bb:c2:70:e0:e9:a4:bd:db:33:43:ab: 54:e8:40:e2:3b:50:d4:8f:8e:4f:cf:7c:e0:0a:ce: 85:a4:e9:2a:21:a0:b7:37:df:95:76:30:de:2f:b6: 6c:01:01:6b:19:17:6c:92:0b:c1:21:5a:de:08:da: c3:8a:96:b2:55:43:35:64:2f:7f:e5:b5:ae:f8:34: a9:30:15:e2:29:ff:40:5a:2d:f8:eb:ad:84:e9:85: 54:79:ec:96:50:1b:58:c5:01:13:e5:e7:18:a2:46: 09:8c:8d:78:60:78:6e:fc:85:a2:1a:4b:ad:16:de: 25:a6:90:75:4d:ac:0d:e9:46:d6:99:f6:ec:97:19: e7:c5:7a:8b:71:42:ff:c8:8f:2b:e2:16:b9:45:c9: 2e:22:62:10:69:5e:6d:9e:1d:71:91:22:8d:b4:54: b5:b3:97:6c:b5:e7:d3:12:0c:63:47:7d:c1:af:16: e6:17:2f:3d:ed:91:51:de:7d:7d:8d:bc:87:74:1b: ae:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:0A:FB:09:F7:AF:E6:E1:2E:65:8F:F9:6B:F3:33:A5:22:C1:8E:59 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0Qr7Cfev5uEuZY_5a_MzpSLBjlk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.63.208.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:3f:e7:50:ce:df:d0:cb:58:66:67:8b:4a:db:ec:c5:1b:6c: 2f:e2:47:a5:92:86:8e:29:1e:f2:6c:cf:18:f5:81:3e:df:cc: 00:5c:82:3a:aa:04:74:e6:6f:cd:e5:d1:8e:a6:ae:51:80:b8: c1:59:ff:57:3f:06:c5:9b:28:23:a3:d8:88:05:eb:52:6f:9d: b0:39:50:3f:c8:58:29:7b:4c:66:82:34:c9:77:f9:84:07:f2: 1c:d2:19:a2:31:fb:97:58:8e:3b:b0:11:df:8c:2e:16:fc:bb: 5e:2f:26:25:7d:f5:98:98:00:f9:f4:12:85:95:36:ed:56:9d: b4:19:c7:0a:66:89:e0:e9:84:bb:e9:af:15:0b:39:47:00:4a: 2f:c5:99:c3:bb:98:2e:8d:52:23:27:a5:44:3b:f1:a7:ab:27: fb:92:fa:93:d3:3e:dc:f8:d9:c4:72:9a:2e:d7:cd:57:dc:59: 0f:4a:ef:29:4c:b0:e7:75:17:2e:ff:b8:3f:78:ca:6e:c4:f1: 4d:4a:9a:5c:b9:4c:9e:9d:b2:ab:f2:5d:fb:dd:8b:27:dd:bd: e4:f6:ca:84:1f:2d:80:f7:89:5b:95:d6:5e:bb:ba:e7:1b:5e: 7d:6a:a5:0f:2c:3d:4a:84:49:81:df:df:fd:c6:2d:2e:8f:58: a2:69:4c:0f -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQxMEFGQjA5RjdBRkU2 RTEyRTY1OEZGOTZCRjMzM0E1MjJDMThFNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD5UnqqGeeiKmEEWXzCoz3CHaZpfQoNFaAbkoYnPGKCjoCI1epv vG/7GzaOKQdIUb1vnRfMQmuJD29XgNY8oS27wnDg6aS92zNDq1ToQOI7UNSPjk/P fOAKzoWk6SohoLc335V2MN4vtmwBAWsZF2ySC8EhWt4I2sOKlrJVQzVkL3/lta74 NKkwFeIp/0BaLfjrrYTphVR57JZQG1jFARPl5xiiRgmMjXhgeG78haIaS60W3iWm kHVNrA3pRtaZ9uyXGefFeotxQv/IjyviFrlFyS4iYhBpXm2eHXGRIo20VLWzl2y1 59MSDGNHfcGvFuYXLz3tkVHefX2NvId0G649AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU0Qr7Cfev5uEuZY/5a/MzpSLBjlkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzBRcjdDZmV2NXVFdVpZXzVhX016cFNM Qmpsay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPSP9AwDQYJ KoZIhvcNAQELBQADggEBAHo/51DO39DLWGZni0rb7MUbbC/iR6WSho4pHvJszxj1 gT7fzABcgjqqBHTmb83l0Y6mrlGAuMFZ/1c/BsWbKCOj2IgF61JvnbA5UD/IWCl7 TGaCNMl3+YQH8hzSGaIx+5dYjjuwEd+MLhb8u14vJiV99ZiYAPn0EoWVNu1WnbQZ xwpmieDphLvprxULOUcASi/FmcO7mC6NUiMnpUQ78aerJ/uS+pPTPtz42cRymi7X zVfcWQ9K7ylMsOd1Fy7/uD94ym7E8U1Kmly5TJ6dsqvyXfvdiyfdveT2yoQfLYD3 iVuV1l67uucbXn1qpQ8sPUqESYHf3/3GLS6PWKJpTA8= -----END CERTIFICATE-----Generated at Mon Apr 7 20:56:40 2025 by rpki-client