$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Z7WfgSAHG161TrClZROtuoa9Vpc.roa File: Z7WfgSAHG161TrClZROtuoa9Vpc.roa (raw, json) Hash identifier: lrxt3e3ogWoKf6/2tKc1wpwDWGsjXi7hqew+vMmOVDg= Subject key identifier: 67:B5:9F:81:20:07:1B:5E:B5:4E:B0:A5:65:13:AD:BA:86:BD:56:97 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 118B Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Z7WfgSAHG161TrClZROtuoa9Vpc.roa Signing time: Mon 10 Feb 2025 14:27:28 +0000 ROA not before: Mon 10 Feb 2025 14:27:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 43.240.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4491 (0x118b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=67B59F8120071B5EB54EB0A56513ADBA86BD5697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:97:62:b1:1a:c4:00:98:99:bc:8e:64:66:bf: 48:bd:4d:72:c7:16:24:24:8f:e3:61:34:7b:2f:f1: 28:2f:c0:77:54:c2:93:68:e9:7c:cc:fd:b9:46:82: a2:9b:d8:30:bf:f2:2a:b2:09:76:43:d3:06:79:f1: 62:f9:2a:5c:8b:ce:cd:54:cf:d1:45:f7:7a:9e:90: ea:d8:37:22:4a:5c:f2:be:a5:41:6d:b3:58:76:bb: 6e:90:bf:6c:a3:4b:47:9f:38:8b:2a:c4:26:1e:b4: bd:4d:0e:b8:75:c2:f4:b8:1d:a6:b1:03:2f:47:84: c9:fa:19:a0:06:d3:b7:d9:17:66:01:31:85:97:83: f5:64:a2:69:64:c6:66:a5:c2:35:fb:b9:b0:ee:c7: 2a:24:24:dd:30:e0:77:a3:0c:4a:bd:22:7a:40:eb: 66:50:cc:f5:c8:98:9b:16:22:65:38:e7:0b:ac:6c: a7:80:7b:8d:e6:d0:db:0c:1f:78:45:08:73:df:23: 58:28:80:78:c4:9f:9f:86:e8:80:23:85:e0:e9:fb: 93:b1:5b:9a:3e:cb:af:cf:cd:20:54:21:ed:cb:f9: 59:2f:74:98:48:fe:fe:c6:18:0a:24:b7:28:46:8e: 14:38:f7:20:fe:10:59:9c:73:0f:10:a7:d8:e3:74: ca:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:B5:9F:81:20:07:1B:5E:B5:4E:B0:A5:65:13:AD:BA:86:BD:56:97 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Z7WfgSAHG161TrClZROtuoa9Vpc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.240.104.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:c4:37:06:6e:44:8c:c7:5b:ee:36:b7:90:a4:c2:43:7c:cc: 35:74:72:a4:96:65:14:7f:85:01:08:fb:11:2d:f6:66:fc:70: bf:d1:aa:27:ed:f3:fb:87:51:d2:1c:3c:a7:06:97:3c:de:d4: 2a:26:ff:e6:52:38:b8:c2:32:70:75:34:53:d6:2d:5a:d1:de: 5f:0c:85:88:f0:ca:cd:83:9d:d0:b4:19:c4:8f:87:b2:e2:24: a0:05:91:ae:a3:55:6c:16:c3:7e:d6:39:db:5c:66:2e:41:10: 12:6d:e9:b2:a5:13:a2:eb:0e:e5:a0:3b:fd:99:24:dc:ca:09: 61:8a:27:8c:33:ab:1a:1f:c9:16:d2:5b:56:07:da:9a:a2:74: 11:64:60:45:91:f7:4a:67:aa:66:87:7e:37:96:fa:fd:be:51: 62:b2:27:41:59:cf:88:0e:ed:71:00:6f:0c:5f:5a:1b:29:a1: 24:8d:fc:bd:8f:86:83:a8:93:66:54:c7:2c:6e:14:dc:74:3c: 52:78:9e:0c:32:23:e4:ea:a6:83:2c:db:b2:76:68:02:0c:9d: c0:ed:54:b9:14:af:0f:85:b8:35:7d:20:6f:79:39:32:4c:9d: 95:0a:f6:a1:c3:e6:01:7a:cc:8d:2a:0f:03:bb:5c:e2:15:3f: 4a:c3:37:e6 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY3QjU5RjgxMjAwNzFC NUVCNTRFQjBBNTY1MTNBREJBODZCRDU2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7l2KxGsQAmJm8jmRmv0i9TXLHFiQkj+NhNHsv8SgvwHdUwpNo 6XzM/blGgqKb2DC/8iqyCXZD0wZ58WL5KlyLzs1Uz9FF93qekOrYNyJKXPK+pUFt s1h2u26Qv2yjS0efOIsqxCYetL1NDrh1wvS4HaaxAy9HhMn6GaAG07fZF2YBMYWX g/VkomlkxmalwjX7ubDuxyokJN0w4HejDEq9InpA62ZQzPXImJsWImU45wusbKeA e43m0NsMH3hFCHPfI1gogHjEn5+G6IAjheDp+5OxW5o+y6/PzSBUIe3L+VkvdJhI /v7GGAoktyhGjhQ49yD+EFmccw8Qp9jjdMozAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUZ7WfgSAHG161TrClZROtuoa9VpcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1o3V2ZnU0FIRzE2MVRyQ2xaUk90dW9h OVZwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr8GgwDQYJ KoZIhvcNAQELBQADggEBAC/ENwZuRIzHW+42t5CkwkN8zDV0cqSWZRR/hQEI+xEt 9mb8cL/Rqift8/uHUdIcPKcGlzze1Com/+ZSOLjCMnB1NFPWLVrR3l8MhYjwys2D ndC0GcSPh7LiJKAFka6jVWwWw37WOdtcZi5BEBJt6bKlE6LrDuWgO/2ZJNzKCWGK J4wzqxofyRbSW1YH2pqidBFkYEWR90pnqmaHfjeW+v2+UWKyJ0FZz4gO7XEAbwxf WhspoSSN/L2PhoOok2ZUxyxuFNx0PFJ4ngwyI+TqpoMs27J2aAIMncDtVLkUrw+F uDV9IG95OTJMnZUK9qHD5gF6zI0qDwO7XOIVP0rDN+Y= -----END CERTIFICATE-----Generated at Mon Apr 7 20:44:02 2025 by rpki-client