$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/KRFNzELmpc9Jfj-z-qy0GXyaqMI.roa File: KRFNzELmpc9Jfj-z-qy0GXyaqMI.roa (raw, json) Hash identifier: fquAVdVGjTyUGxeENr5Lgj0kz95m0PYGI516+UzZyTY= Subject key identifier: 29:11:4D:CC:42:E6:A5:CF:49:7E:3F:B3:FA:AC:B4:19:7C:9A:A8:C2 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 127E Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KRFNzELmpc9Jfj-z-qy0GXyaqMI.roa Signing time: Mon 10 Feb 2025 14:28:28 +0000 ROA not before: Mon 10 Feb 2025 14:28:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 202.178.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4734 (0x127e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=29114DCC42E6A5CF497E3FB3FAACB4197C9AA8C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7e:24:10:3d:cc:cc:68:fd:9e:0f:6a:ab:e2: c2:38:73:4c:1c:39:a1:8c:1a:19:f0:91:86:c5:fc: fd:d9:d1:04:45:40:29:0b:69:4b:2e:47:1f:2e:ad: a8:67:81:20:13:51:2e:cf:bb:29:20:b1:6f:6a:5d: c7:58:5e:47:be:11:77:38:c7:97:59:82:db:ff:b0: a6:a5:46:19:0a:20:fe:bf:e4:05:d9:3c:62:33:6f: 13:28:e0:db:9c:0a:e5:97:c9:58:71:a1:60:1f:f1: 8b:c6:63:3f:80:6e:09:c9:23:ff:c6:55:dd:c2:49: a9:b7:86:0b:3f:58:0a:00:5a:f5:0f:9b:0e:20:aa: 8a:27:44:94:2f:3d:f2:e2:35:0d:ab:e8:b5:06:1e: 0d:c3:23:0e:b1:4d:a6:a9:69:8b:fb:d3:76:ac:88: b1:44:7b:be:37:13:67:f3:05:f2:b6:66:b6:c3:15: 51:2e:96:09:d9:73:e6:3b:7c:4c:6b:83:30:12:c9: 6d:42:80:60:fd:53:7b:a9:f5:f4:bf:0a:15:de:8b: fa:3a:71:91:4f:8a:9b:10:8e:84:95:a3:d9:a3:54: 34:e2:38:46:ef:04:a6:68:ad:4e:fe:06:db:c7:f2: f0:c7:12:71:85:97:08:a2:b6:8b:d8:27:40:a5:11: 4a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:11:4D:CC:42:E6:A5:CF:49:7E:3F:B3:FA:AC:B4:19:7C:9A:A8:C2 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KRFNzELmpc9Jfj-z-qy0GXyaqMI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.178.180.0/22 Signature Algorithm: sha256WithRSAEncryption 52:c9:be:6c:b3:52:50:fe:38:27:fa:1a:a6:5c:7a:17:91:0b: 08:2e:da:f8:d2:a5:96:43:19:58:b3:a1:6b:54:eb:b3:2b:f0: c4:8f:ab:f2:5f:eb:c4:42:37:77:a6:5a:d3:4b:ea:9c:97:cf: 8c:4d:0c:8e:5d:c4:12:e6:de:b5:04:49:28:1a:ed:cd:ea:82: d0:fd:ef:68:67:97:82:fc:13:7c:d7:d2:2e:48:81:41:36:4e: 6f:09:e7:5b:ac:37:82:d3:d3:13:e8:8c:86:d3:ef:1a:d0:e7: 35:57:ae:fa:0a:33:3a:62:fc:ce:71:88:78:24:7b:ed:d9:19: 43:f3:c4:8e:19:26:2f:b6:0d:ff:78:9f:b1:8c:96:1a:cc:54: 57:2f:2b:ef:b7:4f:12:1e:a9:cd:be:98:5c:02:ab:b9:fc:d9: 10:66:bc:62:36:81:ce:2a:1b:b5:59:33:35:b8:8d:2e:23:2b: 8c:34:91:eb:f1:53:94:b8:6f:61:81:c9:87:73:3c:e1:90:c7: 58:c8:03:f5:1b:27:18:87:15:cc:1a:a5:09:a8:06:6b:68:a1: 1f:26:d4:0c:bd:40:3e:e0:17:93:7d:8d:76:19:5c:71:df:8d: 4a:c6:cb:c1:7a:02:d8:85:57:1f:93:1c:b4:00:24:e6:be:e5: b0:07:e5:0b -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5MTE0RENDNDJFNkE1 Q0Y0OTdFM0ZCM0ZBQUNCNDE5N0M5QUE4QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3fiQQPczMaP2eD2qr4sI4c0wcOaGMGhnwkYbF/P3Z0QRFQCkL aUsuRx8urahngSATUS7PuykgsW9qXcdYXke+EXc4x5dZgtv/sKalRhkKIP6/5AXZ PGIzbxMo4NucCuWXyVhxoWAf8YvGYz+AbgnJI//GVd3CSam3hgs/WAoAWvUPmw4g qoonRJQvPfLiNQ2r6LUGHg3DIw6xTaapaYv703asiLFEe743E2fzBfK2ZrbDFVEu lgnZc+Y7fExrgzASyW1CgGD9U3up9fS/ChXei/o6cZFPipsQjoSVo9mjVDTiOEbv BKZorU7+BtvH8vDHEnGFlwiitovYJ0ClEUoPAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUKRFNzELmpc9Jfj+z+qy0GXyaqMIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0tSRk56RUxtcGM5SmZqLXotcXkwR1h5 YXFNSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALKsrQwDQYJ KoZIhvcNAQELBQADggEBAFLJvmyzUlD+OCf6GqZceheRCwgu2vjSpZZDGVizoWtU 67Mr8MSPq/Jf68RCN3emWtNL6pyXz4xNDI5dxBLm3rUESSga7c3qgtD972hnl4L8 E3zX0i5IgUE2Tm8J51usN4LT0xPojIbT7xrQ5zVXrvoKMzpi/M5xiHgke+3ZGUPz xI4ZJi+2Df94n7GMlhrMVFcvK++3TxIeqc2+mFwCq7n82RBmvGI2gc4qG7VZMzW4 jS4jK4w0kevxU5S4b2GByYdzPOGQx1jIA/UbJxiHFcwapQmoBmtooR8m1Ay9QD7g F5N9jXYZXHHfjUrGy8F6AtiFVx+THLQAJOa+5bAH5Qs= -----END CERTIFICATE-----Generated at Mon Apr 7 20:54:10 2025 by rpki-client