$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/aVqOhxVdyTJatRS6Dsr6hsIhJAg.roa File: aVqOhxVdyTJatRS6Dsr6hsIhJAg.roa (raw, json) Hash identifier: WJbQkieb1Xjw2qtIdlBXLjx0McNJ4+oGPReD3TsDYN0= Subject key identifier: 69:5A:8E:87:15:5D:C9:32:5A:B5:14:BA:0E:CA:FA:86:C2:21:24:08 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 119B Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aVqOhxVdyTJatRS6Dsr6hsIhJAg.roa Signing time: Mon 10 Feb 2025 14:27:31 +0000 ROA not before: Mon 10 Feb 2025 14:27:31 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 124.218.173.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4507 (0x119b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:31 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=695A8E87155DC9325AB514BA0ECAFA86C2212408 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a6:ab:95:da:ef:c7:50:51:62:2d:db:1c:c2: 8b:1a:27:b7:a3:b2:dc:8e:98:7c:a2:6c:bb:e7:6d: 60:56:63:b8:c2:1e:ca:df:7d:5a:b5:f6:3f:b2:be: 4b:ff:b2:8c:2b:ac:4e:3e:b1:01:67:d1:19:e7:5f: 56:70:9f:ba:f7:7c:eb:48:5a:d6:de:39:ca:ce:0b: 54:36:4d:a6:e9:54:63:5d:4c:68:81:22:be:ba:a4: de:bf:65:3a:e6:8e:6a:aa:f4:34:bd:da:27:28:4c: b2:17:03:98:50:26:8c:0b:71:7e:3a:af:b3:5b:c0: a1:bd:8a:6f:54:68:7c:df:6f:02:ea:3d:b3:52:bb: 70:b9:5c:df:8a:50:d3:3b:76:bf:6d:0f:eb:a2:d1: 1b:19:d9:0c:be:79:b9:5e:5c:e5:60:85:fe:36:28: 7d:d6:5e:d5:d6:c1:52:ff:00:1b:05:a8:72:4f:aa: 22:36:ce:9d:82:b9:03:15:32:20:38:8e:88:e4:75: ed:ac:08:02:b1:40:61:1a:ac:15:b9:cf:f9:88:2e: fe:c5:46:6b:bd:bf:f7:60:66:7d:56:ba:be:3b:0e: bb:c1:8a:e9:66:73:b1:46:91:f7:75:d2:ba:28:1d: 48:74:66:ad:ba:9d:fa:08:53:1d:18:aa:f4:c9:d9: 70:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:5A:8E:87:15:5D:C9:32:5A:B5:14:BA:0E:CA:FA:86:C2:21:24:08 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aVqOhxVdyTJatRS6Dsr6hsIhJAg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.173.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:56:fa:51:75:2d:d1:9d:1f:11:e5:ac:bd:b3:69:2c:dd:8a: 55:c8:f1:cd:c8:41:f2:ac:ce:af:4b:8f:ca:b7:d3:43:f8:8e: 85:85:12:6d:95:78:dd:a9:8f:e4:15:ff:5c:7c:1a:be:30:2a: 07:c3:1d:af:fb:9f:e3:13:1d:e6:4c:35:c3:1d:8f:a6:26:2a: 91:20:b4:90:dc:c1:f4:38:9c:2a:87:ad:76:e1:82:12:7e:17: 1d:a2:a3:06:f6:5f:b0:bd:9d:fe:84:aa:2d:6e:2f:32:ff:f8: c5:b9:3e:96:e1:e5:d2:ce:f9:89:4a:fd:64:57:0e:94:d5:7f: f0:b0:6a:25:e5:fc:d5:80:11:39:c4:4c:1d:b2:7b:68:8d:41: 09:1e:3f:f4:e8:2f:d8:1f:bb:b2:66:65:65:50:d6:b3:de:bc: 54:1c:43:74:cb:19:f6:09:02:25:17:1c:8d:e6:9c:95:6b:13: 4e:f7:93:2e:bb:54:5b:bc:a2:41:19:d9:e9:21:b7:cc:a3:7a: 42:8d:f4:4f:84:26:3c:6a:02:3d:66:ab:cf:60:f3:d5:d5:5a: b5:fb:49:74:90:a6:39:9d:02:67:48:b6:d4:6f:37:18:92:be: 8f:f5:5a:03:10:15:39:6c:96:e5:13:64:23:d3:1e:d3:c1:12: 8f:ab:91:38 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEZswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY5NUE4RTg3MTU1REM5 MzI1QUI1MTRCQTBFQ0FGQTg2QzIyMTI0MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvpquV2u/HUFFiLdscwosaJ7ejstyOmHyibLvnbWBWY7jCHsrf fVq19j+yvkv/sowrrE4+sQFn0RnnX1Zwn7r3fOtIWtbeOcrOC1Q2TabpVGNdTGiB Ir66pN6/ZTrmjmqq9DS92icoTLIXA5hQJowLcX46r7NbwKG9im9UaHzfbwLqPbNS u3C5XN+KUNM7dr9tD+ui0RsZ2Qy+ebleXOVghf42KH3WXtXWwVL/ABsFqHJPqiI2 zp2CuQMVMiA4jojkde2sCAKxQGEarBW5z/mILv7FRmu9v/dgZn1Wur47DrvBiulm c7FGkfd10rooHUh0Zq26nfoIUx0YqvTJ2XB5AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUaVqOhxVdyTJatRS6Dsr6hsIhJAgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2FWcU9oeFZkeVRKYXRSUzZEc3I2aHNJ aEpBZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB82q0wDQYJ KoZIhvcNAQELBQADggEBAEtW+lF1LdGdHxHlrL2zaSzdilXI8c3IQfKszq9Lj8q3 00P4joWFEm2VeN2pj+QV/1x8Gr4wKgfDHa/7n+MTHeZMNcMdj6YmKpEgtJDcwfQ4 nCqHrXbhghJ+Fx2iowb2X7C9nf6Eqi1uLzL/+MW5Ppbh5dLO+YlK/WRXDpTVf/Cw aiXl/NWAETnETB2ye2iNQQkeP/ToL9gfu7JmZWVQ1rPevFQcQ3TLGfYJAiUXHI3m nJVrE073ky67VFu8okEZ2ekht8yjekKN9E+EJjxqAj1mq89g89XVWrX7SXSQpjmd AmdIttRvNxiSvo/1WgMQFTlsluUTZCPTHtPBEo+rkTg= -----END CERTIFICATE-----Generated at Mon Apr 7 20:54:20 2025 by rpki-client