$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/jaiHo1Tl0SomltvjqG0Wj5siOHo.roa File: jaiHo1Tl0SomltvjqG0Wj5siOHo.roa (raw, json) Hash identifier: lsQRw68D0ZTTk1D64lg96tTHAHWb+OHnJrfJvgEZkVI= Subject key identifier: 8D:A8:87:A3:54:E5:D1:2A:26:96:DB:E3:A8:6D:16:8F:9B:22:38:7A Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1259 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jaiHo1Tl0SomltvjqG0Wj5siOHo.roa Signing time: Mon 10 Feb 2025 14:28:19 +0000 ROA not before: Mon 10 Feb 2025 14:28:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 218.187.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4697 (0x1259) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8DA887A354E5D12A2696DBE3A86D168F9B22387A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:39:ab:85:8a:f3:0c:78:46:2c:53:15:de:c7: 7c:c2:b3:2d:b4:80:af:15:68:10:0e:9a:06:66:36: f8:f9:fe:af:cf:45:20:4d:db:8f:43:df:d8:96:65: 93:0f:17:50:ac:df:6a:2d:77:f3:cc:b4:fd:cb:19: d5:32:43:61:43:c2:ab:10:b2:b9:54:b0:73:f3:64: 24:c6:73:7f:53:c6:3b:99:73:b9:2b:15:72:b8:fe: ce:2a:5d:35:e9:ca:65:91:de:c2:1d:45:0a:a6:80: 12:19:4a:23:2f:c8:4f:5e:62:e7:7d:49:5a:ce:0d: c6:50:a1:14:73:69:6b:f5:98:f4:a4:ee:3e:1c:7c: fc:82:64:89:c4:84:65:bc:a1:4f:20:04:04:47:c9: cc:90:0a:1f:41:d3:38:9c:05:1e:a2:45:ee:c7:90: 27:38:b9:07:37:3c:9e:35:82:86:8f:ea:7e:3f:57: 32:a9:23:5f:14:de:be:73:fd:79:8c:9c:53:24:ff: 18:89:b1:bc:d6:b9:c5:b7:4a:83:b9:25:b8:3e:e2: 8f:3e:c9:d4:cc:97:bc:bc:df:c2:f8:44:b6:cc:1a: 8b:c3:ea:c2:94:a2:3e:69:b8:77:17:f0:5f:1c:60: ca:81:fd:f2:fa:ff:c7:65:42:f9:56:c7:f2:39:14: 7e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:A8:87:A3:54:E5:D1:2A:26:96:DB:E3:A8:6D:16:8F:9B:22:38:7A X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jaiHo1Tl0SomltvjqG0Wj5siOHo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.187.0.0/16 Signature Algorithm: sha256WithRSAEncryption 33:25:ac:81:c3:40:d8:ae:c6:89:48:d3:57:4d:f4:87:60:0e: db:53:ba:71:be:b8:9d:b1:ea:d5:cc:fc:d2:94:33:bf:93:5d: 79:31:46:10:70:b8:30:ba:1f:e7:39:db:64:44:13:58:75:97: c1:49:6b:51:39:d5:82:28:58:d8:77:0b:29:8f:2b:00:4c:ab: 3d:68:8a:f6:38:f1:93:fb:4d:f0:53:9a:f9:ec:57:f5:27:b4: 30:e6:b6:63:74:a7:ba:fa:32:95:c3:98:0b:4e:94:f9:72:9b: e9:89:76:85:c8:0a:2b:68:61:3d:6f:80:b5:0d:3b:20:c1:6c: 0e:e3:45:22:0e:c9:88:0d:67:d2:e5:b7:21:63:08:ca:5c:d7: 4e:70:65:7a:ba:6e:ed:d3:dc:95:14:40:3f:61:b2:69:03:df: a1:e7:da:34:22:d6:63:86:b5:b1:17:1b:81:48:90:09:b5:48: a3:97:58:08:4f:84:c7:a9:a9:60:cc:30:32:39:ff:34:71:ed: fe:e8:95:4d:06:41:9b:8d:a1:27:8b:56:88:6a:53:19:d6:bf: 1a:02:4c:a9:e6:8c:1e:40:5e:f4:7a:94:ae:db:97:ba:1d:56: e7:85:06:3f:66:59:2a:08:8c:aa:9a:f6:9b:3a:3d:f4:b5:b3: 0d:26:e8:c0 -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgICElkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhEQTg4N0EzNTRFNUQx MkEyNjk2REJFM0E4NkQxNjhGOUIyMjM4N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQOauFivMMeEYsUxXex3zCsy20gK8VaBAOmgZmNvj5/q/PRSBN 249D39iWZZMPF1Cs32otd/PMtP3LGdUyQ2FDwqsQsrlUsHPzZCTGc39TxjuZc7kr FXK4/s4qXTXpymWR3sIdRQqmgBIZSiMvyE9eYud9SVrODcZQoRRzaWv1mPSk7j4c fPyCZInEhGW8oU8gBARHycyQCh9B0zicBR6iRe7HkCc4uQc3PJ41goaP6n4/VzKp I18U3r5z/XmMnFMk/xiJsbzWucW3SoO5Jbg+4o8+ydTMl7y838L4RLbMGovD6sKU oj5puHcX8F8cYMqB/fL6/8dlQvlWx/I5FH6TAgMBAAGjggHnMIIB4zAdBgNVHQ4E FgQUjaiHo1Tl0SomltvjqG0Wj5siOHowHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2phaUhvMVRsMFNvbWx0dmpxRzBXajVz aU9Iby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDauzANBgkq hkiG9w0BAQsFAAOCAQEAMyWsgcNA2K7GiUjTV030h2AO21O6cb64nbHq1cz80pQz v5NdeTFGEHC4MLof5znbZEQTWHWXwUlrUTnVgihY2HcLKY8rAEyrPWiK9jjxk/tN 8FOa+exX9Se0MOa2Y3SnuvoylcOYC06U+XKb6Yl2hcgKK2hhPW+AtQ07IMFsDuNF Ig7JiA1n0uW3IWMIylzXTnBlerpu7dPclRRAP2GyaQPfoefaNCLWY4a1sRcbgUiQ CbVIo5dYCE+Ex6mpYMwwMjn/NHHt/uiVTQZBm42hJ4tWiGpTGda/GgJMqeaMHkBe 9HqUrtuXuh1W54UGP2ZZKgiMqpr2mzo99LWzDSbowA== -----END CERTIFICATE-----Generated at Mon Apr 7 20:56:32 2025 by rpki-client