$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/DWHjcoi57SZkoPdAiDP2r7nhZLE.roa File: DWHjcoi57SZkoPdAiDP2r7nhZLE.roa (raw, json) Hash identifier: QgkQXdgZdI9m4L2NOIhMIY7rKjx74O2axCqUiYRLAFk= Subject key identifier: 0D:61:E3:72:88:B9:ED:26:64:A0:F7:40:88:33:F6:AF:B9:E1:64:B1 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1258 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/DWHjcoi57SZkoPdAiDP2r7nhZLE.roa Signing time: Mon 10 Feb 2025 14:28:19 +0000 ROA not before: Mon 10 Feb 2025 14:28:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.201.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4696 (0x1258) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0D61E37288B9ED2664A0F7408833F6AFB9E164B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8d:51:2e:f5:b2:e9:a5:b5:f5:bb:67:b1:ba: 17:a5:9b:eb:28:83:17:2e:78:db:7b:f5:81:9b:82: 4e:92:8c:68:ed:36:f4:13:97:35:3e:d8:6c:aa:19: 61:21:de:1e:fb:60:ed:86:58:6f:b4:38:32:8d:70: e5:8d:65:ec:2e:97:92:5b:c8:e1:8c:22:50:b3:61: 80:81:e9:56:49:c6:aa:d7:33:a0:2b:2e:54:d8:b2: 8e:f3:eb:87:c2:8a:36:6e:93:fa:0e:23:34:08:a1: 71:72:20:e9:77:68:fc:b3:0f:23:60:a9:e4:78:ed: 92:ff:b6:f7:36:c3:34:7e:03:4e:66:12:04:0b:42: df:b2:e0:b1:97:12:16:d7:ed:2f:5d:ef:bf:c6:8d: 7c:82:1c:cd:55:f5:a0:4b:8b:bc:24:65:ab:a3:56: f3:88:70:01:d1:a1:e8:8b:e4:42:13:29:33:f5:34: d4:54:f4:58:34:67:8e:21:97:78:f0:6a:d9:5d:45: 0a:7b:5e:08:67:7a:00:d7:55:fd:c4:4e:a4:a5:a3: 72:0c:ab:39:fa:93:f8:c4:4e:67:79:d9:4c:67:2f: 65:4e:b7:99:a5:63:80:5d:88:db:d4:7f:68:ee:fd: 25:ed:b4:e4:d1:f2:09:26:3e:dc:d4:40:66:93:bb: e5:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:61:E3:72:88:B9:ED:26:64:A0:F7:40:88:33:F6:AF:B9:E1:64:B1 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/DWHjcoi57SZkoPdAiDP2r7nhZLE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.201.32.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:c3:eb:70:14:3f:9b:92:8e:b0:99:f7:2a:fe:95:aa:17:6f: b5:ae:c3:79:81:d6:a6:ec:82:26:31:62:2f:17:2e:08:8e:48: 59:3f:52:85:0e:4a:0a:8d:bf:12:cc:07:b7:15:60:f1:e9:56: 00:3a:96:3f:7f:a0:a7:33:46:7e:d7:e2:ef:24:82:d2:99:f8: 79:b7:50:bb:b4:02:36:08:aa:3c:c5:ea:1c:19:64:e0:e1:0d: c9:0f:26:ca:35:0f:e7:b6:53:66:af:02:f4:96:ce:d2:5a:97: f9:a9:fe:f3:a0:6f:13:b1:82:1e:3f:04:df:ad:8d:29:04:7e: 0b:b3:fb:bb:32:cd:a0:db:d7:2a:d8:19:5b:4e:ae:de:cc:04: 50:c0:ea:80:9c:65:76:e9:ba:19:1c:55:29:43:f6:a8:19:57: 14:ff:0f:fb:b0:7e:f8:c4:43:2b:7f:fc:b8:01:a0:25:f2:7e: f7:00:8c:05:b4:c7:66:c6:34:70:89:4e:f4:c5:7f:cf:1f:0f: 33:3f:d1:f8:9a:d2:d1:57:fd:bb:3e:16:2a:fa:ea:14:bd:ae: 20:20:7c:66:d7:cf:4d:ae:b0:e1:46:cb:3d:f5:85:1f:50:e9: fe:2f:22:a7:b6:2f:59:28:98:a1:f5:3f:79:fb:50:2f:c1:73: 83:68:cf:55 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICElgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBENjFFMzcyODhCOUVE MjY2NEEwRjc0MDg4MzNGNkFGQjlFMTY0QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCjVEu9bLppbX1u2exuhelm+sogxcueNt79YGbgk6SjGjtNvQT lzU+2GyqGWEh3h77YO2GWG+0ODKNcOWNZewul5JbyOGMIlCzYYCB6VZJxqrXM6Ar LlTYso7z64fCijZuk/oOIzQIoXFyIOl3aPyzDyNgqeR47ZL/tvc2wzR+A05mEgQL Qt+y4LGXEhbX7S9d77/GjXyCHM1V9aBLi7wkZaujVvOIcAHRoeiL5EITKTP1NNRU 9Fg0Z44hl3jwatldRQp7XghnegDXVf3ETqSlo3IMqzn6k/jETmd52UxnL2VOt5ml Y4BdiNvUf2ju/SXttOTR8gkmPtzUQGaTu+WtAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUDWHjcoi57SZkoPdAiDP2r7nhZLEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0RXSGpjb2k1N1Naa29QZEFpRFAycjdu aFpMRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSySAwDQYJ KoZIhvcNAQELBQADggEBAEzD63AUP5uSjrCZ9yr+laoXb7Wuw3mB1qbsgiYxYi8X LgiOSFk/UoUOSgqNvxLMB7cVYPHpVgA6lj9/oKczRn7X4u8kgtKZ+Hm3ULu0AjYI qjzF6hwZZODhDckPJso1D+e2U2avAvSWztJal/mp/vOgbxOxgh4/BN+tjSkEfguz +7syzaDb1yrYGVtOrt7MBFDA6oCcZXbpuhkcVSlD9qgZVxT/D/uwfvjEQyt//LgB oCXyfvcAjAW0x2bGNHCJTvTFf88fDzM/0fia0tFX/bs+Fir66hS9riAgfGbXz02u sOFGyz31hR9Q6f4vIqe2L1komKH1P3n7UC/Bc4Noz1U= -----END CERTIFICATE-----Generated at Mon Apr 7 20:44:30 2025 by rpki-client