$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/jvfUJB9EXgmeWGyStr3UsCct9AY.roa File: jvfUJB9EXgmeWGyStr3UsCct9AY.roa (raw, json) Hash identifier: 1WrN+q+Dgevu1k8LH65Kpl16UUAbPmVGEqDF/n+h+wo= Subject key identifier: 8E:F7:D4:24:1F:44:5E:09:9E:58:6C:92:B6:BD:D4:B0:27:2D:F4:06 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 124C Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jvfUJB9EXgmeWGyStr3UsCct9AY.roa Signing time: Mon 10 Feb 2025 14:28:15 +0000 ROA not before: Mon 10 Feb 2025 14:28:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 124.218.80.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4684 (0x124c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:15 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8EF7D4241F445E099E586C92B6BDD4B0272DF406 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:92:81:57:cf:e4:a0:19:4b:2e:45:5e:57:16: 0e:3a:f6:f1:8b:1f:10:11:ca:bd:4a:ad:ab:a0:b9: 65:b7:b5:52:eb:bb:28:d7:8c:2d:8c:44:41:2a:35: 2a:69:bd:59:91:9c:ba:34:c6:69:77:91:0b:c9:b0: 5d:f1:8c:18:91:3a:7f:30:77:27:c3:43:7d:9e:9d: 59:fb:99:e6:59:2a:6d:b8:43:63:74:d3:53:28:81: 53:6b:68:f6:ca:e1:77:b8:a7:ba:61:47:68:88:fb: 8d:43:a0:7b:59:39:ec:8c:62:0a:3c:b9:c5:52:23: 76:29:37:e7:8e:b9:55:71:85:16:1b:19:1f:72:e4: 3f:bb:55:29:f2:e8:41:ff:3e:db:b5:68:9d:63:49: 4f:c6:af:ff:10:eb:4a:c5:8a:09:60:d3:7b:53:15: c6:2d:5a:68:eb:a1:98:7b:80:2d:92:12:c6:67:a9: 67:d2:81:ad:59:f5:b7:2c:e8:3d:41:50:0d:46:a5: 53:d8:49:df:17:a9:7a:28:5c:75:dc:91:12:93:de: 32:ad:10:bd:95:4a:ef:95:7b:b1:12:56:9b:4c:f7: 1a:29:f7:57:ed:2b:78:1d:dc:5c:6f:0f:fb:e6:22: a4:61:20:c8:2e:ce:a8:97:13:91:f7:ee:39:5a:f6: 9d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:F7:D4:24:1F:44:5E:09:9E:58:6C:92:B6:BD:D4:B0:27:2D:F4:06 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jvfUJB9EXgmeWGyStr3UsCct9AY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.80.0/20 Signature Algorithm: sha256WithRSAEncryption 4e:a7:3b:56:28:7f:0c:53:37:ff:57:37:a0:64:ab:45:5c:ef: 1f:43:fe:7c:71:65:40:30:75:f8:6e:ef:fe:a1:25:b3:26:50: bb:c8:fb:2c:92:cd:7b:fc:6a:5d:9a:77:80:fb:20:1d:73:4e: bf:82:25:1e:1e:4a:dc:81:15:81:62:21:d3:7a:3d:0f:2a:5c: ee:61:e4:af:ff:51:b9:d3:a7:34:b1:91:85:55:45:35:b8:a4: 75:c1:fc:85:f7:3b:15:70:4c:1c:03:f1:0e:34:0a:7e:dc:78: 1f:ff:81:b5:25:e9:d9:46:92:d6:e5:7a:55:a2:7d:78:19:1a: b9:a8:86:fd:7b:17:32:54:9a:4c:bb:e8:28:b3:6f:f7:ce:6e: fb:bb:b4:93:75:b3:d8:f8:f2:41:0b:11:2d:1f:bd:9c:b8:7c: f3:b5:07:45:28:90:5f:87:cb:9a:0a:b4:a1:a1:4d:44:3a:36: cd:c0:b0:db:1f:04:35:c9:fc:7c:dc:74:79:81:60:f4:ad:dc: ee:c9:bb:15:c8:5c:6c:6c:f9:bd:76:fe:d7:63:41:ed:ae:11: 1a:c2:3b:f7:9b:56:82:16:31:15:f2:3d:13:60:dc:14:2f:a6: 1f:b5:3b:d3:e3:a5:0f:00:f3:e1:a6:56:c3:d9:fa:e4:38:cd: 1f:89:02:46 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhFRjdENDI0MUY0NDVF MDk5RTU4NkM5MkI2QkRENEIwMjcyREY0MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbkoFXz+SgGUsuRV5XFg469vGLHxARyr1KrauguWW3tVLruyjX jC2MREEqNSppvVmRnLo0xml3kQvJsF3xjBiROn8wdyfDQ32enVn7meZZKm24Q2N0 01MogVNraPbK4Xe4p7phR2iI+41DoHtZOeyMYgo8ucVSI3YpN+eOuVVxhRYbGR9y 5D+7VSny6EH/Ptu1aJ1jSU/Gr/8Q60rFiglg03tTFcYtWmjroZh7gC2SEsZnqWfS ga1Z9bcs6D1BUA1GpVPYSd8XqXooXHXckRKT3jKtEL2VSu+Ve7ESVptM9xop91ft K3gd3FxvD/vmIqRhIMguzqiXE5H37jla9p17AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUjvfUJB9EXgmeWGyStr3UsCct9AYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2p2ZlVKQjlFWGdtZVdHeVN0cjNVc0Nj dDlBWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR82lAwDQYJ KoZIhvcNAQELBQADggEBAE6nO1YofwxTN/9XN6Bkq0Vc7x9D/nxxZUAwdfhu7/6h JbMmULvI+yySzXv8al2ad4D7IB1zTr+CJR4eStyBFYFiIdN6PQ8qXO5h5K//UbnT pzSxkYVVRTW4pHXB/IX3OxVwTBwD8Q40Cn7ceB//gbUl6dlGktblelWifXgZGrmo hv17FzJUmky76Cizb/fObvu7tJN1s9j48kELES0fvZy4fPO1B0UokF+Hy5oKtKGh TUQ6Ns3AsNsfBDXJ/HzcdHmBYPSt3O7JuxXIXGxs+b12/tdjQe2uERrCO/ebVoIW MRXyPRNg3BQvph+1O9PjpQ8A8+GmVsPZ+uQ4zR+JAkY= -----END CERTIFICATE-----Generated at Mon Apr 7 20:44:35 2025 by rpki-client