$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/3GuAAnRq554cI1OOsKxVb5dwiBE.roa File: 3GuAAnRq554cI1OOsKxVb5dwiBE.roa (raw, json) Hash identifier: XCf8rzrlHvE8SWd75RqL9831bBRba5+6S3QLnrjDRks= Subject key identifier: DC:6B:80:02:74:6A:E7:9E:1C:23:53:8E:B0:AC:55:6F:97:70:88:11 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11DE Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/3GuAAnRq554cI1OOsKxVb5dwiBE.roa Signing time: Mon 10 Feb 2025 14:27:49 +0000 ROA not before: Mon 10 Feb 2025 14:27:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 124.218.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4574 (0x11de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DC6B8002746AE79E1C23538EB0AC556F97708811 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f8:98:49:18:f8:7a:46:c6:e4:bc:71:1a:63: 50:2c:52:e2:45:6d:6e:03:08:60:69:73:0a:d6:d8: ba:73:fc:6b:2b:4e:ed:3e:07:a4:77:9d:29:85:f9: 4e:61:8d:52:f7:08:d8:25:17:b2:4c:17:fc:0e:2a: ca:e4:84:af:73:db:af:a7:e0:ea:49:8d:4a:e4:0e: c2:b7:a6:45:c1:b0:a8:32:e2:3a:78:d8:b7:2e:cd: 61:a5:d5:b6:f7:95:1d:8c:ed:29:c7:bd:0c:9e:72: 47:a8:2b:10:41:be:74:b3:11:69:38:ec:51:cf:bc: b3:27:43:ed:5f:30:aa:d6:c3:67:83:8c:ba:ee:38: 9c:01:a9:97:49:25:4d:d6:e0:6e:90:84:78:3e:cb: 38:f1:69:b7:0b:a6:69:94:a8:16:64:dc:0b:7e:f2: 61:f4:e3:7e:97:76:1c:4e:ca:1a:89:48:13:38:55: 04:42:b7:22:94:b1:e3:9f:eb:be:66:43:d5:5a:27: 39:a8:6e:17:41:3d:3d:73:6b:2d:45:c8:44:80:0a: 0e:27:4f:92:ff:6b:27:14:2a:83:e4:75:31:1a:b5: d9:3e:7f:1b:72:75:3e:99:d8:88:46:59:e8:42:98: 50:ff:05:b5:64:53:b1:fd:05:00:25:2b:78:5f:5d: 01:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:6B:80:02:74:6A:E7:9E:1C:23:53:8E:B0:AC:55:6F:97:70:88:11 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/3GuAAnRq554cI1OOsKxVb5dwiBE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.178.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:53:f4:4b:86:78:fb:71:e9:c3:24:8d:82:98:a1:f0:b0:7d: d2:80:84:8a:55:7a:bf:76:7e:c8:12:21:9a:aa:1e:f6:9d:6d: c7:15:dc:ef:5e:1b:63:8b:4b:a2:59:37:32:2b:01:15:f2:b6: af:b8:2a:98:cc:6b:82:0f:18:89:84:01:68:97:33:fe:07:05: 39:02:cb:12:40:97:f8:42:75:03:b0:6e:d7:4b:5c:e6:e5:14: 23:71:41:6c:1c:fc:dd:61:4e:52:5d:8c:13:db:68:ec:65:7d: be:c1:06:18:98:44:c3:f5:02:aa:76:4e:58:17:65:d6:b3:5a: 9f:57:0c:0d:30:0d:15:f3:cc:3a:bc:e4:74:0f:7e:1f:ee:ba: da:5d:61:ed:23:0a:d7:97:8e:a9:c5:01:a6:5c:0a:bc:2c:a1: 5e:f0:fe:cf:8e:da:fe:4e:c5:27:1c:8e:6e:37:00:9f:0d:20: e7:ed:f7:63:73:a3:4c:62:61:36:8f:fb:b6:21:a2:37:a1:5a: 8e:8d:2d:f4:32:8b:f6:be:0f:e5:8e:77:de:ae:b2:0a:05:79: 52:57:75:f4:db:fd:ce:01:f2:07:95:bc:d6:e1:52:c1:9f:de: e1:d0:82:51:d3:1b:f6:2d:0a:12:b8:38:9b:7f:91:b7:48:62: e3:0f:6c:0f -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDNkI4MDAyNzQ2QUU3 OUUxQzIzNTM4RUIwQUM1NTZGOTc3MDg4MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9+JhJGPh6RsbkvHEaY1AsUuJFbW4DCGBpcwrW2Lpz/GsrTu0+ B6R3nSmF+U5hjVL3CNglF7JMF/wOKsrkhK9z26+n4OpJjUrkDsK3pkXBsKgy4jp4 2LcuzWGl1bb3lR2M7SnHvQyeckeoKxBBvnSzEWk47FHPvLMnQ+1fMKrWw2eDjLru OJwBqZdJJU3W4G6QhHg+yzjxabcLpmmUqBZk3At+8mH0436XdhxOyhqJSBM4VQRC tyKUseOf675mQ9VaJzmobhdBPT1zay1FyESACg4nT5L/aycUKoPkdTEatdk+fxty dT6Z2IhGWehCmFD/BbVkU7H9BQAlK3hfXQGrAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU3GuAAnRq554cI1OOsKxVb5dwiBEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzNHdUFBblJxNTU0Y0kxT09zS3hWYjVk d2lCRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB82rIwDQYJ KoZIhvcNAQELBQADggEBAHtT9EuGePtx6cMkjYKYofCwfdKAhIpVer92fsgSIZqq HvadbccV3O9eG2OLS6JZNzIrARXytq+4KpjMa4IPGImEAWiXM/4HBTkCyxJAl/hC dQOwbtdLXOblFCNxQWwc/N1hTlJdjBPbaOxlfb7BBhiYRMP1Aqp2TlgXZdazWp9X DA0wDRXzzDq85HQPfh/uutpdYe0jCteXjqnFAaZcCrwsoV7w/s+O2v5OxSccjm43 AJ8NIOft92Nzo0xiYTaP+7YhojehWo6NLfQyi/a+D+WOd96usgoFeVJXdfTb/c4B 8geVvNbhUsGf3uHQglHTG/YtChK4OJt/kbdIYuMPbA8= -----END CERTIFICATE-----Generated at Mon Apr 7 17:42:01 2025 by rpki-client