$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/SItK1yjZXGIwKHD-SxUNFMpAgiQ.roa File: SItK1yjZXGIwKHD-SxUNFMpAgiQ.roa (raw, json) Hash identifier: PpXN3HL1OLrmlL4kmd+nKJoH13J1q0eEZFUqLpR6FdI= Subject key identifier: 48:8B:4A:D7:28:D9:5C:62:30:28:70:FE:4B:15:0D:14:CA:40:82:24 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11A4 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/SItK1yjZXGIwKHD-SxUNFMpAgiQ.roa Signing time: Mon 10 Feb 2025 14:27:35 +0000 ROA not before: Mon 10 Feb 2025 14:27:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 7482 IP address blocks: 210.200.0.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4516 (0x11a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:35 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=488B4AD728D95C62302870FE4B150D14CA408224 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:05:3d:6d:d2:bf:54:13:14:77:a9:3e:5d:44: 9c:a9:cc:d5:c3:21:26:81:53:7c:fc:40:66:0d:fa: bb:89:08:92:fe:10:1d:1e:5c:f9:55:79:5a:52:d3: dc:db:d6:4e:97:56:53:fc:64:1e:01:ba:3c:1e:6f: 06:64:9b:9d:f9:0c:a5:b9:4c:16:56:f7:74:8c:fc: 25:6a:aa:6f:90:22:e0:db:8c:aa:c8:53:fd:fc:6a: e7:c1:8d:b8:c0:3e:ca:e8:fa:04:b8:53:83:16:4b: 50:56:43:ba:46:b4:26:b5:71:5b:66:a3:be:0b:80: 45:ef:de:fa:e1:33:4f:1f:3f:0b:f8:db:4b:e8:6c: 5f:b9:5b:03:a8:11:01:90:0a:98:30:3a:7d:56:08: b9:22:d7:b1:ab:ba:99:db:59:f3:c8:6c:f7:87:f6: 6a:cd:92:45:17:cc:48:e4:5f:d9:f4:57:80:cf:a2: a8:7b:95:ca:45:bf:35:e9:03:82:d5:60:30:50:4b: d0:2a:2d:d8:03:34:2c:71:58:a5:60:de:9f:9b:9f: a0:e8:2c:4e:8c:03:64:59:e3:90:e7:24:4f:e3:04: 52:8a:2d:68:b3:59:e7:fd:4e:1f:f9:4a:28:37:58: a5:30:88:c6:06:6e:93:8e:a8:d4:5a:68:c6:ea:96: f9:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:8B:4A:D7:28:D9:5C:62:30:28:70:FE:4B:15:0D:14:CA:40:82:24 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/SItK1yjZXGIwKHD-SxUNFMpAgiQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.200.0.0/18 Signature Algorithm: sha256WithRSAEncryption 3e:32:80:01:83:54:a0:4e:28:cd:c4:b9:9e:a3:18:d1:62:28: 32:17:4c:6b:34:c5:ce:17:62:d9:13:6d:b2:18:f2:d6:ff:c4: 6b:e8:8d:75:16:d5:95:b3:f6:3a:3c:d2:57:5d:5b:38:3b:81: 31:9e:7e:e5:12:2b:49:eb:9a:1f:a7:e4:c2:23:4f:b0:fa:5e: ec:62:16:60:7f:09:b7:7c:e3:75:3b:7e:a2:d8:94:95:e9:bf: d2:67:64:a9:23:7f:f9:fa:86:c6:0c:b5:6a:09:3d:85:02:f2: c6:dd:96:76:46:d9:28:75:8e:82:13:9e:2a:98:be:56:9f:7d: 4f:e7:71:07:f2:b9:a9:42:e5:16:17:6f:bc:a5:98:27:6d:c3: 42:92:d3:a7:fb:fd:07:94:c7:35:18:53:73:52:c1:ca:bf:24: 1e:c7:c7:f1:7f:ba:56:44:83:29:53:c3:05:bf:55:70:14:e6: 88:07:e6:42:6c:f2:2b:56:7f:2c:9b:cd:dd:0a:0b:98:30:85: a2:f7:53:78:9e:31:fd:69:3b:d4:af:13:f3:d2:e2:5e:ee:bc: 37:e6:89:bc:50:9a:af:33:85:bd:b4:7c:48:d0:ce:fd:42:e9: c3:9d:e3:0a:a9:cb:75:2a:bf:bf:34:ff:65:6a:7c:de:e8:08: 7d:19:92:0a -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ4OEI0QUQ3MjhEOTVD NjIzMDI4NzBGRTRCMTUwRDE0Q0E0MDgyMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKBT1t0r9UExR3qT5dRJypzNXDISaBU3z8QGYN+ruJCJL+EB0e XPlVeVpS09zb1k6XVlP8ZB4BujwebwZkm535DKW5TBZW93SM/CVqqm+QIuDbjKrI U/38aufBjbjAPsro+gS4U4MWS1BWQ7pGtCa1cVtmo74LgEXv3vrhM08fPwv420vo bF+5WwOoEQGQCpgwOn1WCLki17GrupnbWfPIbPeH9mrNkkUXzEjkX9n0V4DPoqh7 lcpFvzXpA4LVYDBQS9AqLdgDNCxxWKVg3p+bn6DoLE6MA2RZ45DnJE/jBFKKLWiz Wef9Th/5Sig3WKUwiMYGbpOOqNRaaMbqlvnfAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUSItK1yjZXGIwKHD+SxUNFMpAgiQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1NJdEsxeWpaWEdJd0tIRC1TeFVORk1w QWdpUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSyAAwDQYJ KoZIhvcNAQELBQADggEBAD4ygAGDVKBOKM3EuZ6jGNFiKDIXTGs0xc4XYtkTbbIY 8tb/xGvojXUW1ZWz9jo80lddWzg7gTGefuUSK0nrmh+n5MIjT7D6XuxiFmB/Cbd8 43U7fqLYlJXpv9JnZKkjf/n6hsYMtWoJPYUC8sbdlnZG2Sh1joITniqYvlaffU/n cQfyualC5RYXb7ylmCdtw0KS06f7/QeUxzUYU3NSwcq/JB7Hx/F/ulZEgylTwwW/ VXAU5ogH5kJs8itWfyybzd0KC5gwhaL3U3ieMf1pO9SvE/PS4l7uvDfmibxQmq8z hb20fEjQzv1C6cOd4wqpy3Uqv780/2VqfN7oCH0Zkgo= -----END CERTIFICATE-----Generated at Mon Apr 7 20:56:41 2025 by rpki-client