$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/En7kSAWvB1VpmmTFOL-YdyDmkSE.roa File: En7kSAWvB1VpmmTFOL-YdyDmkSE.roa (raw, json) Hash identifier: zUpUEPl1zDD6IHj6ETQv4Y3OYBb55gYEpw3zXtoLMbU= Subject key identifier: 12:7E:E4:48:05:AF:07:55:69:9A:64:C5:38:BF:98:77:20:E6:91:21 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11EA Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/En7kSAWvB1VpmmTFOL-YdyDmkSE.roa Signing time: Mon 10 Feb 2025 14:27:52 +0000 ROA not before: Mon 10 Feb 2025 14:27:52 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.201.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4586 (0x11ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:52 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=127EE44805AF0755699A64C538BF987720E69121 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:00:ad:f5:31:ae:d1:c0:41:6b:27:39:10:b8: 4f:ec:3e:75:57:30:45:b4:f6:05:c0:b7:4f:a7:02: 18:c0:05:f5:51:d5:42:9b:57:2b:20:9b:d3:75:e6: 92:dc:2f:31:21:15:9b:80:b5:8d:0f:42:6c:9f:0e: 29:b6:76:c9:c2:09:02:d8:52:43:11:16:a3:19:7e: 54:04:b0:52:89:ba:93:c9:e4:ac:2f:55:16:ab:38: b6:71:0e:e8:44:3b:c8:68:fe:12:f7:b8:3b:c9:ec: f7:72:2f:96:96:c4:e4:02:73:bf:7f:7c:da:35:1f: 4e:53:44:de:a9:5f:89:d1:20:25:d1:f9:36:f4:19: c6:ec:81:8f:ed:6a:29:17:06:6e:6e:4a:f6:4a:40: 61:26:52:eb:bd:d6:7e:8f:4a:0b:f3:92:fb:5a:94: a1:40:db:f9:21:4a:d2:aa:ee:d9:92:bd:36:b9:87: c8:88:0d:34:aa:67:54:55:41:ab:df:cf:f1:c1:5f: 92:11:2b:a8:25:09:0f:02:3c:c5:92:45:ec:5a:fa: ab:45:23:c4:77:24:db:26:83:54:c2:47:3e:19:0c: 8f:81:6d:8d:d6:51:a5:79:73:b7:5b:29:fe:4d:ba: 2f:63:d9:a7:45:15:d6:1f:e8:86:3f:94:f7:66:c1: dc:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:7E:E4:48:05:AF:07:55:69:9A:64:C5:38:BF:98:77:20:E6:91:21 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/En7kSAWvB1VpmmTFOL-YdyDmkSE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.201.72.0/24 Signature Algorithm: sha256WithRSAEncryption ab:f2:1d:13:92:6a:ed:b1:d1:d6:8a:75:fe:2c:28:4b:da:53: f3:06:58:4e:fa:e8:5b:11:a7:71:de:82:24:31:7d:74:ee:c1: 13:4f:81:51:59:4c:c9:6d:71:69:b9:44:6c:9f:1b:e6:32:fd: 9d:22:5c:70:94:02:1a:89:60:7a:4f:00:0c:8a:d5:31:34:9f: 31:d9:7e:3a:b3:c7:4d:e9:5a:0c:f3:ab:a0:9b:ea:ca:e3:57: 59:a0:1f:9e:1c:b1:96:1a:db:1b:1c:d4:04:e1:3e:00:1f:97: 5d:40:5a:9c:e2:84:82:73:98:ce:31:c5:a5:e4:e1:d9:f0:09: 80:92:8a:fc:5e:56:48:17:1a:60:94:70:bb:9b:27:02:ab:5f: 2c:f0:50:0f:54:80:26:aa:65:c5:fb:84:5b:41:95:3d:6d:b2: 75:80:2e:a2:ef:c3:1c:6a:f5:e7:65:42:c2:70:55:1c:7f:17: 57:ca:c7:34:eb:60:98:af:42:16:cb:de:31:ef:db:9f:94:cf: 16:c8:32:b7:a7:9f:62:a7:4d:9b:e7:dd:11:cd:46:c5:76:2e: 77:eb:ed:f2:99:ba:d6:33:d4:60:ec:85:68:2b:95:bb:83:77: 08:42:f6:a8:51:4c:c6:7a:93:a4:ab:ac:ef:54:db:46:8b:b5: de:4b:11:fe -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDEyN0VFNDQ4MDVBRjA3 NTU2OTlBNjRDNTM4QkY5ODc3MjBFNjkxMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD5AK31Ma7RwEFrJzkQuE/sPnVXMEW09gXAt0+nAhjABfVR1UKb Vysgm9N15pLcLzEhFZuAtY0PQmyfDim2dsnCCQLYUkMRFqMZflQEsFKJupPJ5Kwv VRarOLZxDuhEO8ho/hL3uDvJ7PdyL5aWxOQCc79/fNo1H05TRN6pX4nRICXR+Tb0 GcbsgY/taikXBm5uSvZKQGEmUuu91n6PSgvzkvtalKFA2/khStKq7tmSvTa5h8iI DTSqZ1RVQavfz/HBX5IRK6glCQ8CPMWSRexa+qtFI8R3JNsmg1TCRz4ZDI+BbY3W UaV5c7dbKf5Nui9j2adFFdYf6IY/lPdmwdzdAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUEn7kSAWvB1VpmmTFOL+YdyDmkSEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0VuN2tTQVd2QjFWcG1tVEZPTC1ZZHlE bWtTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSyUgwDQYJ KoZIhvcNAQELBQADggEBAKvyHROSau2x0daKdf4sKEvaU/MGWE766FsRp3HegiQx fXTuwRNPgVFZTMltcWm5RGyfG+Yy/Z0iXHCUAhqJYHpPAAyK1TE0nzHZfjqzx03p Wgzzq6Cb6srjV1mgH54csZYa2xsc1AThPgAfl11AWpzihIJzmM4xxaXk4dnwCYCS ivxeVkgXGmCUcLubJwKrXyzwUA9UgCaqZcX7hFtBlT1tsnWALqLvwxxq9edlQsJw VRx/F1fKxzTrYJivQhbL3jHv25+UzxbIMrenn2KnTZvn3RHNRsV2Lnfr7fKZutYz 1GDshWgrlbuDdwhC9qhRTMZ6k6SrrO9U20aLtd5LEf4= -----END CERTIFICATE-----Generated at Mon Apr 7 20:54:18 2025 by rpki-client