$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/MfKRyVqQVcgOocslq7NxjNgQRyE.roa File: MfKRyVqQVcgOocslq7NxjNgQRyE.roa (raw, json) Hash identifier: iwgNJymwl27fHrKbuq3xfaH7lUAljhbERlRZJn0+EhY= Subject key identifier: 31:F2:91:C9:5A:90:55:C8:0E:A1:CB:25:AB:B3:71:8C:D8:10:47:21 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11EF Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/MfKRyVqQVcgOocslq7NxjNgQRyE.roa Signing time: Mon 10 Feb 2025 14:27:53 +0000 ROA not before: Mon 10 Feb 2025 14:27:53 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24154 IP address blocks: 210.202.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4591 (0x11ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:53 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=31F291C95A9055C80EA1CB25ABB3718CD8104721 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:21:f4:14:fc:93:15:51:f3:6f:82:a3:18:01: e3:b6:9c:a2:78:7d:e6:e2:85:8b:70:e0:34:00:55: 80:bc:66:d6:14:6a:6c:d3:06:4e:a7:d4:18:02:db: 16:8b:ff:b4:aa:54:1a:eb:97:28:72:c4:3a:f7:06: cb:01:a5:d4:03:54:51:d7:ec:3b:be:22:93:51:d4: c8:55:a1:25:28:e6:bb:4d:22:8a:10:35:5e:f6:1d: 3e:52:90:21:7c:d1:0b:33:83:4e:4d:89:91:3a:22: 7e:9c:ee:48:b1:b4:87:f5:48:e9:a3:47:63:1b:dc: 78:45:b8:30:2f:c9:2c:45:bf:14:3b:ba:e9:98:05: 73:dd:b9:3a:20:3d:a1:16:da:ae:44:7f:d9:4d:7b: 7d:eb:e0:33:4f:b7:1e:52:ab:dc:2d:8d:e5:d2:a6: b0:fe:08:2b:1b:80:1c:04:80:d1:b9:99:74:0c:4a: 9a:c4:4a:ed:47:15:4c:25:5e:8e:e0:a2:fa:d1:85: c8:b5:83:62:14:72:f3:6b:e4:20:d6:9f:10:68:21: 0f:1f:df:08:46:39:10:c9:ca:25:10:49:a7:1d:4b: e7:3c:0c:fe:b6:44:34:0f:7b:0f:f8:8d:df:66:e4: c0:56:5d:b3:ca:b3:69:69:5a:59:aa:f7:66:72:99: 20:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:F2:91:C9:5A:90:55:C8:0E:A1:CB:25:AB:B3:71:8C:D8:10:47:21 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/MfKRyVqQVcgOocslq7NxjNgQRyE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.192.0/18 Signature Algorithm: sha256WithRSAEncryption 22:fb:c3:d9:81:27:9d:40:4d:ec:ab:9b:25:94:73:c9:21:e8: 61:96:01:6b:76:1e:1f:6d:e4:01:2a:fd:eb:5c:c6:4a:69:4b: af:a8:f8:69:95:ca:b1:da:86:4f:9a:db:b1:96:53:c3:57:1a: 84:ae:c4:2e:c4:5f:05:02:7d:97:0b:0f:17:30:5b:0d:04:dc: 3d:c9:42:74:f1:2a:bc:b3:23:e4:81:2b:db:ae:e1:e1:a7:8d: ea:96:d4:3c:2e:1b:c3:55:21:c3:8b:6d:c7:8e:d4:88:d2:2e: db:da:5b:bf:36:e1:d6:fe:53:2d:e7:3d:fe:8c:1d:f1:47:8e: 58:84:2a:e8:6a:92:1a:06:37:61:f0:2c:ea:7b:f7:93:1a:8e: dc:c1:43:0e:0d:18:f0:e9:ae:93:b0:08:0a:d9:76:74:aa:b7: 77:9e:8a:ce:dd:94:93:2d:bf:5a:12:e6:60:5b:98:4a:d3:2b: 69:1f:75:e9:65:43:06:0b:87:b8:6c:4b:08:ac:b0:96:3a:95: 46:1c:88:89:72:70:bf:9a:4f:db:58:fe:26:66:39:de:01:6c: bb:fb:e0:e7:ba:89:58:4d:5e:d7:7b:3c:7a:b0:53:da:6a:44: b9:0f:e3:80:d4:d8:52:b6:a0:48:98:79:6a:13:b5:70:9d:60: ea:6a:41:bb -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMxRjI5MUM5NUE5MDU1 QzgwRUExQ0IyNUFCQjM3MThDRDgxMDQ3MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2IfQU/JMVUfNvgqMYAeO2nKJ4febihYtw4DQAVYC8ZtYUamzT Bk6n1BgC2xaL/7SqVBrrlyhyxDr3BssBpdQDVFHX7Du+IpNR1MhVoSUo5rtNIooQ NV72HT5SkCF80Qszg05NiZE6In6c7kixtIf1SOmjR2Mb3HhFuDAvySxFvxQ7uumY BXPduTogPaEW2q5Ef9lNe33r4DNPtx5Sq9wtjeXSprD+CCsbgBwEgNG5mXQMSprE Su1HFUwlXo7govrRhci1g2IUcvNr5CDWnxBoIQ8f3whGORDJyiUQSacdS+c8DP62 RDQPew/4jd9m5MBWXbPKs2lpWlmq92ZymSAtAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUMfKRyVqQVcgOocslq7NxjNgQRyEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL01mS1J5VnFRVmNnT29jc2xxN054ak5n UVJ5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSysAwDQYJ KoZIhvcNAQELBQADggEBACL7w9mBJ51ATeyrmyWUc8kh6GGWAWt2Hh9t5AEq/etc xkppS6+o+GmVyrHahk+a27GWU8NXGoSuxC7EXwUCfZcLDxcwWw0E3D3JQnTxKryz I+SBK9uu4eGnjeqW1DwuG8NVIcOLbceO1IjSLtvaW7824db+Uy3nPf6MHfFHjliE KuhqkhoGN2HwLOp795MajtzBQw4NGPDprpOwCArZdnSqt3eeis7dlJMtv1oS5mBb mErTK2kfdellQwYLh7hsSwissJY6lUYciIlycL+aT9tY/iZmOd4BbLv74Oe6iVhN Xtd7PHqwU9pqRLkP44DU2FK2oEiYeWoTtXCdYOpqQbs= -----END CERTIFICATE-----Generated at Mon Apr 7 20:54:10 2025 by rpki-client