$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/TcrQRzqi3sp33sBFAdzQo4DHQnI.roa File: TcrQRzqi3sp33sBFAdzQo4DHQnI.roa (raw, json) Hash identifier: vaXcI+aZ2NtxKXhPFjah0B1dUNOcEFXYVgW/UOoabm0= Subject key identifier: 4D:CA:D0:47:3A:A2:DE:CA:77:DE:C0:45:01:DC:D0:A3:80:C7:42:72 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 127B Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TcrQRzqi3sp33sBFAdzQo4DHQnI.roa Signing time: Mon 10 Feb 2025 14:28:27 +0000 ROA not before: Mon 10 Feb 2025 14:28:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.203.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4731 (0x127b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4DCAD0473AA2DECA77DEC04501DCD0A380C74272 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:9d:24:23:94:a7:e5:78:a7:27:ec:12:5d:d4: 26:2b:64:b4:b0:68:7f:0e:cc:34:0c:7e:25:c3:49: fc:46:6a:37:0b:25:c6:d4:b3:4b:d9:a5:00:b2:e9: 61:b8:61:cc:7d:00:e6:70:62:a7:f7:f1:f7:a1:ff: e4:88:23:7e:7d:ab:e7:40:4f:63:2d:ae:ee:8a:9b: 46:83:23:1c:a7:85:2c:07:1f:78:84:7f:eb:ec:c4: 29:37:81:2a:9f:cb:04:75:e3:90:76:de:1c:33:88: 8e:91:a4:a9:ef:a0:1c:0c:6f:36:2c:8f:df:7f:b6: df:80:d0:20:20:4b:98:b3:65:81:0f:44:2e:d8:2a: 3d:a5:03:50:21:07:b1:c6:f0:a1:45:a5:6c:c2:30: 9f:37:99:32:74:3e:dd:4b:2c:9a:1f:e0:e9:b9:cc: 51:76:d6:7f:dc:a3:8e:8a:85:59:46:4a:a5:ed:8a: 7b:00:05:fb:ab:21:44:ae:0c:98:bd:92:b5:79:34: ae:e4:f0:44:ac:bd:98:7c:28:1b:89:01:b7:02:b9: a0:8c:28:14:6d:2c:03:d8:3b:b0:e6:6b:49:6c:9e: 97:15:d4:bf:55:96:62:74:cc:45:8f:a6:8d:d5:d8: e0:eb:70:fc:12:35:a2:29:ac:76:79:b5:ae:91:f7: b1:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:CA:D0:47:3A:A2:DE:CA:77:DE:C0:45:01:DC:D0:A3:80:C7:42:72 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TcrQRzqi3sp33sBFAdzQo4DHQnI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.203.20.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:69:bd:26:de:51:5d:0e:c4:ad:63:2e:90:86:dc:40:a3:db: eb:0e:79:58:7d:81:6b:86:7d:a3:e6:11:85:50:c6:b3:91:9f: 0a:c8:5f:eb:ff:f4:3c:3a:d7:b5:6c:88:0c:e2:e6:b8:55:67: 12:f4:3f:ce:21:0a:12:bf:b6:2e:7b:66:29:ba:ba:b0:fb:69: d9:ed:3d:33:5a:1a:a6:d7:e7:da:c2:32:f6:75:74:d2:07:5e: fb:2c:e0:89:e7:ff:29:b0:51:d0:32:eb:dd:ac:b3:e1:19:a8: 49:df:d8:29:67:f4:e8:87:d6:a5:b4:0f:04:7e:b2:94:77:bc: d4:fa:3d:d4:fe:8b:ab:a6:82:b7:d0:61:ff:d4:c6:ef:09:88: 90:f6:e9:10:1a:e7:61:82:9a:b1:03:0c:ca:49:ed:c5:ce:dd: e5:55:fc:34:eb:a7:b1:0d:39:0f:8b:fc:26:59:57:02:4d:d8: 31:69:53:77:6f:72:b9:43:bb:58:5d:c0:3c:0e:31:2f:ea:32: 93:57:12:06:bb:c1:6f:4d:9a:5b:bd:ef:32:1f:e1:a7:9b:1b: 31:42:7e:af:8f:1c:72:71:54:87:54:98:18:68:04:51:d1:50: b0:0f:11:fc:e9:c0:b4:9e:6e:75:7a:eb:20:c7:86:af:bb:a0: dc:1b:b6:3e -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDREQ0FEMDQ3M0FBMkRF Q0E3N0RFQzA0NTAxRENEMEEzODBDNzQyNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCnSQjlKfleKcn7BJd1CYrZLSwaH8OzDQMfiXDSfxGajcLJcbU s0vZpQCy6WG4Ycx9AOZwYqf38feh/+SII359q+dAT2Mtru6Km0aDIxynhSwHH3iE f+vsxCk3gSqfywR145B23hwziI6RpKnvoBwMbzYsj99/tt+A0CAgS5izZYEPRC7Y Kj2lA1AhB7HG8KFFpWzCMJ83mTJ0Pt1LLJof4Om5zFF21n/co46KhVlGSqXtinsA BfurIUSuDJi9krV5NK7k8ESsvZh8KBuJAbcCuaCMKBRtLAPYO7Dma0lsnpcV1L9V lmJ0zEWPpo3V2ODrcPwSNaIprHZ5ta6R97G7AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUTcrQRzqi3sp33sBFAdzQo4DHQnIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1RjclFSenFpM3NwMzNzQkZBZHpRbzRE SFFuSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyxQwDQYJ KoZIhvcNAQELBQADggEBAItpvSbeUV0OxK1jLpCG3ECj2+sOeVh9gWuGfaPmEYVQ xrORnwrIX+v/9Dw617VsiAzi5rhVZxL0P84hChK/ti57Zim6urD7adntPTNaGqbX 59rCMvZ1dNIHXvss4Inn/ymwUdAy692ss+EZqEnf2Cln9OiH1qW0DwR+spR3vNT6 PdT+i6umgrfQYf/Uxu8JiJD26RAa52GCmrEDDMpJ7cXO3eVV/DTrp7ENOQ+L/CZZ VwJN2DFpU3dvcrlDu1hdwDwOMS/qMpNXEga7wW9Nmlu97zIf4aebGzFCfq+PHHJx VIdUmBhoBFHRULAPEfzpwLSebnV66yDHhq+7oNwbtj4= -----END CERTIFICATE-----Generated at Mon Apr 7 17:42:05 2025 by rpki-client