$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/TYPq77vsBQw421icmGsyVABeW3k.roa File: TYPq77vsBQw421icmGsyVABeW3k.roa (raw, json) Hash identifier: ao58zG6O82/CAVriLsDoe8TXQSj1ao/gJH7DHuCtUag= Subject key identifier: 4D:83:EA:EF:BB:EC:05:0C:38:DB:58:9C:98:6B:32:54:00:5E:5B:79 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1281 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TYPq77vsBQw421icmGsyVABeW3k.roa Signing time: Mon 10 Feb 2025 14:28:29 +0000 ROA not before: Mon 10 Feb 2025 14:28:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18049 IP address blocks: 218.34.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4737 (0x1281) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4D83EAEFBBEC050C38DB589C986B3254005E5B79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8e:5c:b5:43:95:dd:bc:09:8d:a9:55:5a:f6: 9f:19:bf:e7:e5:a7:50:fb:0c:9b:8b:78:fe:c2:99: 86:31:1f:59:18:16:b6:03:87:39:ed:8f:4e:27:04: 57:84:73:1a:87:89:3e:d2:cc:75:da:d3:cd:fc:37: 37:28:de:b8:41:0e:35:2a:d5:34:d3:bf:06:cd:c0: e6:77:89:25:23:6e:db:0c:31:2a:ef:e3:f8:6f:74: fb:a9:a2:43:7c:26:67:be:20:2b:65:23:66:14:30: 26:ec:0d:cf:26:3c:15:6b:89:d9:44:78:40:0c:25: ed:02:ae:20:03:fd:f9:90:a1:ee:97:bd:0f:5d:f7: de:24:c0:0b:9f:21:d2:90:9d:66:4d:c2:08:a3:3b: 49:21:79:e2:cb:56:b2:12:5a:5e:0b:d3:ce:5f:0e: 48:2c:de:64:51:45:00:82:68:eb:8e:ec:49:0a:59: 8f:2b:5b:ae:fc:4e:fc:44:85:23:73:01:fd:89:ea: a9:94:17:7d:39:c9:fc:bf:16:14:2e:bc:16:54:f2: b0:8a:55:07:3e:dc:a3:77:83:e4:91:46:67:26:03: 37:d5:02:89:dd:b7:5d:85:f3:21:71:6e:2d:74:29: cb:ae:18:f9:a5:86:a2:92:dc:28:07:7a:95:fa:7e: ba:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:83:EA:EF:BB:EC:05:0C:38:DB:58:9C:98:6B:32:54:00:5E:5B:79 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TYPq77vsBQw421icmGsyVABeW3k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.34.112.0/20 Signature Algorithm: sha256WithRSAEncryption 5c:db:94:30:8c:65:da:28:0f:3b:97:51:c5:0a:90:ab:ac:17: 21:94:b4:f1:9b:23:45:43:89:84:4f:ee:dc:fd:19:04:2c:f1: 82:e4:44:48:25:99:aa:4a:9f:e6:98:ea:1f:86:4c:67:97:8b: fa:c9:3c:c0:d2:87:4a:3f:1e:8a:45:3e:45:1e:20:90:cf:a7: 9e:30:29:f5:23:a5:aa:b3:6f:0e:c9:26:ac:99:d0:db:71:6b: 01:61:98:ab:91:fd:d4:d3:4d:e2:4a:a7:e9:8c:d4:c9:ac:2e: 04:e3:90:d8:f2:09:4f:ba:e9:7c:49:99:36:f2:3e:1f:56:57: f6:e7:0b:22:07:d1:d1:c3:cc:14:df:de:8a:99:6c:89:26:e8: d1:10:13:3e:3c:25:ce:46:3f:07:ff:e4:35:e4:59:9b:55:b1: f6:11:24:04:74:c3:25:16:16:d4:86:0b:81:fa:f5:d2:52:c4: 69:3b:ea:7a:9c:18:a1:18:1a:45:85:a3:b4:69:c1:4e:d1:62: 4a:46:77:18:b3:86:6b:fd:a9:54:6a:5f:3c:2d:08:ab:c7:f7: 81:65:ec:d5:67:f5:b1:72:79:f0:9c:5d:e1:4c:30:3b:c2:03: d5:41:eb:cd:14:c2:6d:65:46:2d:7c:da:75:44:09:0c:48:05: 83:51:07:ff -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDREODNFQUVGQkJFQzA1 MEMzOERCNTg5Qzk4NkIzMjU0MDA1RTVCNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLjly1Q5XdvAmNqVVa9p8Zv+flp1D7DJuLeP7CmYYxH1kYFrYD hzntj04nBFeEcxqHiT7SzHXa0838Nzco3rhBDjUq1TTTvwbNwOZ3iSUjbtsMMSrv 4/hvdPupokN8Jme+ICtlI2YUMCbsDc8mPBVridlEeEAMJe0CriAD/fmQoe6XvQ9d 994kwAufIdKQnWZNwgijO0kheeLLVrISWl4L085fDkgs3mRRRQCCaOuO7EkKWY8r W678TvxEhSNzAf2J6qmUF305yfy/FhQuvBZU8rCKVQc+3KN3g+SRRmcmAzfVAond t12F8yFxbi10KcuuGPmlhqKS3CgHepX6frq9AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUTYPq77vsBQw421icmGsyVABeW3kwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1RZUHE3N3ZzQlF3NDIxaWNtR3N5VkFC ZVczay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATaInAwDQYJ KoZIhvcNAQELBQADggEBAFzblDCMZdooDzuXUcUKkKusFyGUtPGbI0VDiYRP7tz9 GQQs8YLkREglmapKn+aY6h+GTGeXi/rJPMDSh0o/HopFPkUeIJDPp54wKfUjpaqz bw7JJqyZ0NtxawFhmKuR/dTTTeJKp+mM1MmsLgTjkNjyCU+66XxJmTbyPh9WV/bn CyIH0dHDzBTf3oqZbIkm6NEQEz48Jc5GPwf/5DXkWZtVsfYRJAR0wyUWFtSGC4H6 9dJSxGk76nqcGKEYGkWFo7RpwU7RYkpGdxizhmv9qVRqXzwtCKvH94Fl7NVn9bFy efCcXeFMMDvCA9VB680Uwm1lRi182nVECQxIBYNRB/8= -----END CERTIFICATE-----Generated at Mon Apr 7 20:49:24 2025 by rpki-client