$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa File: 2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa (raw, json) Hash identifier: p9r8UYg6EyrP7n2+ea2Ykd3IpMUlVE/7ZrkLyJ5PiuE= Subject key identifier: DA:19:81:50:AD:FE:63:E8:B9:19:D0:D2:90:D9:A5:98:82:61:C0:48 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1249 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa Signing time: Mon 10 Feb 2025 14:28:15 +0000 ROA not before: Mon 10 Feb 2025 14:28:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 219.91.0.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4681 (0x1249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:15 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DA198150ADFE63E8B919D0D290D9A5988261C048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d1:2a:f0:98:6e:22:44:69:3d:a8:38:d2:a7: 9f:d2:62:a5:d8:bb:48:34:a4:34:63:2f:2f:7b:3d: 70:ff:a7:45:64:c0:76:64:bb:ba:de:33:61:10:f4: 43:ab:87:3d:cf:9c:2f:e2:47:ec:a7:7e:3d:11:ee: 42:5d:bc:39:d6:79:35:9c:f9:f6:0e:a2:c8:85:02: 7c:7e:eb:18:a9:b8:16:02:f7:1e:17:68:52:23:2a: 2c:ee:59:71:8d:1d:8c:2b:ec:f6:78:b2:d8:f5:36: 23:66:33:65:dc:14:a6:ae:4e:a2:e5:37:db:0a:a6: a0:1a:d4:19:f0:18:1c:c5:d4:a3:91:8a:79:27:3c: 50:f5:60:fa:82:a5:e9:34:81:89:e1:c7:23:90:87: 2e:63:d9:3e:60:60:20:81:50:66:5f:3b:98:25:ec: 9f:08:db:ae:3b:50:f1:42:6d:b2:0d:ee:fa:f3:b5: 04:c1:e1:96:de:a5:ac:f8:da:ca:c0:7c:87:5f:1c: 7b:2a:25:51:06:bd:07:87:60:a6:eb:3c:53:19:9b: dc:dd:70:02:a2:ce:60:38:d4:07:dc:e0:f0:a9:30: ba:07:bc:8d:3e:b5:8e:d0:1f:36:43:d0:33:3f:fc: 73:ac:36:2a:26:2c:e5:b2:93:98:05:76:df:96:ca: 86:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:19:81:50:AD:FE:63:E8:B9:19:D0:D2:90:D9:A5:98:82:61:C0:48 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.91.0.0/18 Signature Algorithm: sha256WithRSAEncryption 23:05:32:41:d4:ec:e1:37:45:10:81:95:96:66:57:ee:b1:14: aa:81:8b:66:e0:c3:00:80:fe:a8:d4:1f:2d:ae:a9:9a:a5:d2: 71:ee:6a:37:3b:f7:ae:83:0c:92:89:37:05:44:c5:11:43:90: dc:1c:1f:c1:f5:f0:a4:55:a9:68:85:c8:fd:03:e3:16:c9:03: 17:11:bb:89:0b:f2:05:82:c7:f8:fb:ca:4d:77:3f:5b:73:56: 46:d1:a6:a4:85:02:b0:f9:87:1d:11:19:e9:96:24:79:e2:b5: dd:9c:72:48:f2:5b:af:6c:a2:1d:b2:f1:9d:aa:b1:04:58:63: 2f:dc:db:6c:36:3e:fb:de:1f:57:59:1e:a2:76:c7:29:e7:dc: 88:56:3e:6c:60:1a:2b:08:72:ea:6c:82:8a:fd:41:93:c3:7e: 57:d5:a3:f5:60:7f:40:e2:e0:2b:3a:39:f7:db:dc:79:cc:2b: 80:6d:80:57:9a:01:1c:de:78:42:6e:12:47:99:e5:da:2c:9a: 6b:59:b1:62:8d:e4:96:e6:b3:d4:d4:3e:28:e0:56:e1:d7:92: ab:bf:a9:24:f4:33:57:41:eb:3a:fb:4c:68:d8:8f:21:a9:08: 4a:6e:3e:bf:9f:1f:03:f9:e5:1f:c8:57:25:12:40:87:ea:85: c9:8a:02:90 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBMTk4MTUwQURGRTYz RThCOTE5RDBEMjkwRDlBNTk4ODI2MUMwNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC50SrwmG4iRGk9qDjSp5/SYqXYu0g0pDRjLy97PXD/p0VkwHZk u7reM2EQ9EOrhz3PnC/iR+ynfj0R7kJdvDnWeTWc+fYOosiFAnx+6xipuBYC9x4X aFIjKizuWXGNHYwr7PZ4stj1NiNmM2XcFKauTqLlN9sKpqAa1BnwGBzF1KORinkn PFD1YPqCpek0gYnhxyOQhy5j2T5gYCCBUGZfO5gl7J8I2647UPFCbbIN7vrztQTB 4Zbepaz42srAfIdfHHsqJVEGvQeHYKbrPFMZm9zdcAKizmA41Afc4PCpMLoHvI0+ tY7QHzZD0DM//HOsNiomLOWyk5gFdt+WyoaXAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU2hmBUK3+Y+i5GdDSkNmlmIJhwEgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzJobUJVSzMtWS1pNUdkRFNrTm1sbUlK aHdFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbbWwAwDQYJ KoZIhvcNAQELBQADggEBACMFMkHU7OE3RRCBlZZmV+6xFKqBi2bgwwCA/qjUHy2u qZql0nHuajc7966DDJKJNwVExRFDkNwcH8H18KRVqWiFyP0D4xbJAxcRu4kL8gWC x/j7yk13P1tzVkbRpqSFArD5hx0RGemWJHnitd2cckjyW69soh2y8Z2qsQRYYy/c 22w2PvveH1dZHqJ2xynn3IhWPmxgGisIcupsgor9QZPDflfVo/Vgf0Di4Cs6Offb 3HnMK4BtgFeaARzeeEJuEkeZ5dosmmtZsWKN5Jbms9TUPijgVuHXkqu/qST0M1dB 6zr7TGjYjyGpCEpuPr+fHwP55R/IVyUSQIfqhcmKApA= -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:13 2025 by rpki-client