$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/DYVSXRpb4qQUFlpf5yhe1rWqKQk.roa File: DYVSXRpb4qQUFlpf5yhe1rWqKQk.roa (raw, json) Hash identifier: pNlhD1PqaKleh1CPf98vb2mCq6T+r88+fW88YW8iCVk= Subject key identifier: 0D:85:52:5D:1A:5B:E2:A4:14:16:5A:5F:E7:28:5E:D6:B5:AA:29:09 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1248 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/DYVSXRpb4qQUFlpf5yhe1rWqKQk.roa Signing time: Mon 10 Feb 2025 14:28:15 +0000 ROA not before: Mon 10 Feb 2025 14:28:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 124.218.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4680 (0x1248) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:15 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0D85525D1A5BE2A414165A5FE7285ED6B5AA2909 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6b:fb:df:b1:40:1f:78:22:2a:a4:78:d1:d3: 79:75:1f:84:5a:fa:c2:36:36:19:6a:41:66:a7:98: 38:36:bf:0e:b7:30:16:ba:b0:0b:bb:7e:76:78:15: eb:c9:7e:74:e3:2d:97:69:c9:03:95:a5:79:e3:dd: 10:60:14:78:07:53:5d:5f:b4:9e:35:a7:b8:e5:f4: 14:5d:75:7e:b4:16:ca:9b:88:de:a4:07:bb:53:2b: 0f:c1:e6:29:e1:e2:f4:dc:5e:2c:f5:56:6d:4b:53: d7:17:b6:f0:85:33:dd:15:c8:64:83:b8:af:aa:2c: cd:4f:5f:bb:ce:1d:f9:76:88:21:f2:51:cc:f6:61: 7a:94:d4:d3:18:ac:02:46:cd:51:66:13:f4:5e:6c: c4:a0:83:3c:ef:9e:ae:a3:b2:e4:8c:6b:63:b3:e4: fd:35:6c:d6:a7:c9:0f:dd:31:56:9f:40:9a:68:ed: 3b:69:91:6a:4a:46:b7:bc:14:76:04:96:96:57:97: 1d:47:a1:73:36:be:e8:dd:18:76:ee:74:6b:6c:fa: ea:01:ff:20:46:f0:f6:5c:e6:c8:d2:9f:48:95:39: 07:09:bb:3b:8c:9e:2a:5b:28:53:cd:ec:a3:8f:56: a9:60:84:aa:bf:1f:0c:ac:25:25:1a:87:c1:ea:e0: 49:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:85:52:5D:1A:5B:E2:A4:14:16:5A:5F:E7:28:5E:D6:B5:AA:29:09 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/DYVSXRpb4qQUFlpf5yhe1rWqKQk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.68.0/22 Signature Algorithm: sha256WithRSAEncryption b4:4e:0b:a5:e5:12:f2:6e:b7:db:9b:0c:37:64:f8:67:ce:eb: 64:72:ee:0f:aa:ce:97:93:fe:d2:27:a4:b6:cc:a6:2a:34:92: c6:75:5f:bd:4b:45:f0:e0:bc:b6:f2:5b:5d:c3:63:ce:62:2e: fe:dd:fe:ac:c8:21:ff:55:38:60:d4:04:23:70:ca:32:c3:f2: 62:70:40:86:b1:0e:83:1b:26:f0:fc:7f:47:2d:2b:5b:c4:8f: 5a:8f:c6:e8:fb:ad:e7:e6:b4:f9:71:b0:55:db:ea:d8:71:cf: 8e:43:6d:cf:7f:7a:6e:91:a5:62:b4:1f:b5:65:d6:2c:86:b7: cf:d3:27:d0:35:4e:7c:d6:71:76:42:f3:07:fd:9e:ed:a1:0b: d2:d9:66:d5:f5:9f:2f:66:9f:f2:42:ef:c2:6b:e3:ed:c8:9d: ae:62:94:a8:d0:8d:4d:76:a4:ce:30:37:66:74:3f:5a:46:1f: 54:73:e6:63:8a:52:70:c0:5e:8c:80:17:2c:db:c6:81:f7:a5: 53:cf:ca:85:6f:69:af:ec:50:35:14:fd:7f:7a:50:99:f4:7a: 9d:20:df:a3:91:43:0a:6c:47:5d:72:94:4e:40:10:a1:05:e1: 5f:38:6c:78:41:96:bc:2a:07:4d:97:66:b2:9c:6a:29:21:a1: ba:e5:cf:f9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBEODU1MjVEMUE1QkUy QTQxNDE2NUE1RkU3Mjg1RUQ2QjVBQTI5MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCma/vfsUAfeCIqpHjR03l1H4Ra+sI2NhlqQWanmDg2vw63MBa6 sAu7fnZ4FevJfnTjLZdpyQOVpXnj3RBgFHgHU11ftJ41p7jl9BRddX60FsqbiN6k B7tTKw/B5inh4vTcXiz1Vm1LU9cXtvCFM90VyGSDuK+qLM1PX7vOHfl2iCHyUcz2 YXqU1NMYrAJGzVFmE/RebMSggzzvnq6jsuSMa2Oz5P01bNanyQ/dMVafQJpo7Ttp kWpKRre8FHYElpZXlx1HoXM2vujdGHbudGts+uoB/yBG8PZc5sjSn0iVOQcJuzuM nipbKFPN7KOPVqlghKq/HwysJSUah8Hq4Em/AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUDYVSXRpb4qQUFlpf5yhe1rWqKQkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0RZVlNYUnBiNHFRVUZscGY1eWhlMXJX cUtRay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82kQwDQYJ KoZIhvcNAQELBQADggEBALROC6XlEvJut9ubDDdk+GfO62Ry7g+qzpeT/tInpLbM pio0ksZ1X71LRfDgvLbyW13DY85iLv7d/qzIIf9VOGDUBCNwyjLD8mJwQIaxDoMb JvD8f0ctK1vEj1qPxuj7refmtPlxsFXb6thxz45Dbc9/em6RpWK0H7Vl1iyGt8/T J9A1TnzWcXZC8wf9nu2hC9LZZtX1ny9mn/JC78Jr4+3Ina5ilKjQjU12pM4wN2Z0 P1pGH1Rz5mOKUnDAXoyAFyzbxoH3pVPPyoVvaa/sUDUU/X96UJn0ep0g36ORQwps R11ylE5AEKEF4V84bHhBlrwqB02XZrKcaikhobrlz/k= -----END CERTIFICATE-----Generated at Mon Apr 7 17:43:23 2025 by rpki-client