$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/lCyiuNk5I1ozJvic3vxmy8HA8as.roa File: lCyiuNk5I1ozJvic3vxmy8HA8as.roa (raw, json) Hash identifier: UeaekkP/LbFd83PJYNtQiYUlBJ59mTARuVXRPnbXnpM= Subject key identifier: 94:2C:A2:B8:D9:39:23:5A:33:26:F8:9C:DE:FC:66:CB:C1:C0:F1:AB Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1193 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lCyiuNk5I1ozJvic3vxmy8HA8as.roa Signing time: Mon 10 Feb 2025 14:27:30 +0000 ROA not before: Mon 10 Feb 2025 14:27:30 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 124.218.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4499 (0x1193) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:30 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=942CA2B8D939235A3326F89CDEFC66CBC1C0F1AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:fa:00:be:2f:2f:3f:5b:a5:e7:22:d9:9e: c0:dd:8e:31:51:93:2c:c7:c4:ca:fd:7f:4e:39:5d: 92:c4:82:16:ec:00:0e:66:21:cf:ba:77:cb:97:ea: 82:79:f4:fe:36:06:ef:a3:15:a1:7c:02:28:b4:b1: 3b:0a:fd:b5:88:f8:09:0d:f2:89:53:9b:b0:f7:ea: f7:82:ab:92:49:7f:25:19:64:52:46:23:7d:88:3a: 81:47:d6:22:29:c3:bf:40:73:96:d2:fe:5c:7f:7a: 12:d8:20:8b:35:fe:df:8d:40:2c:fa:85:b4:db:c2: dd:a9:c0:c2:e7:e6:d0:0a:b6:bb:b7:10:26:82:13: 32:2c:69:55:bc:b4:5b:8b:b6:71:47:65:40:ba:2c: 63:c7:3a:9b:a4:9d:ac:f9:28:1f:37:b9:ff:c1:f0: df:f9:85:75:4c:1c:71:06:26:9c:be:59:52:4b:2e: 05:a1:eb:ab:30:7e:1a:af:92:1b:da:d3:9f:04:22: eb:97:16:44:f0:33:3d:63:ae:f0:93:0e:6d:bd:f3: 24:d5:06:50:a2:07:0d:b0:44:b3:d8:23:87:8d:80: 7a:48:36:67:b6:5d:f4:80:83:67:fc:17:f9:98:a9: a5:87:4d:67:ad:51:04:1b:4b:b4:0e:68:7a:48:9f: 0e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:2C:A2:B8:D9:39:23:5A:33:26:F8:9C:DE:FC:66:CB:C1:C0:F1:AB X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lCyiuNk5I1ozJvic3vxmy8HA8as.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.128.0/18 Signature Algorithm: sha256WithRSAEncryption 27:5b:c7:3e:82:2a:54:9d:c6:fc:7b:a0:58:1b:20:20:ac:45: 11:bb:50:8e:24:1b:79:b4:28:0e:67:15:0f:fa:86:24:2b:b9: e8:42:1b:49:53:0f:35:d1:82:fd:42:9e:e0:f4:c0:4e:8d:22: a9:ba:3d:25:a7:fd:d6:dc:5c:f1:e9:ab:72:f7:dc:0b:f5:71: b0:32:a0:c8:89:f7:88:c5:9f:28:6f:8e:80:37:3c:61:40:57: fe:85:6c:f7:3c:5c:0f:95:53:24:b2:1f:45:c6:8b:6c:00:47: a0:2b:07:b3:3d:4a:38:d2:ce:9e:ea:18:58:33:49:90:16:b6: 51:c9:e8:e6:50:73:37:ea:8b:4a:ad:6c:25:26:cb:17:0d:b1: 15:29:00:cf:20:e2:c0:95:a5:1c:8e:ff:10:6f:b5:3b:b3:dd: 7d:9e:21:49:d9:05:42:c1:b8:82:45:dd:21:83:15:f8:e2:84: 53:1f:cd:2d:61:af:5e:bd:7c:05:67:fd:25:82:a3:e0:d4:ca: 27:6e:53:f9:34:31:47:07:47:e7:9e:9e:5c:3e:2a:34:06:80: 9c:74:5b:98:9b:ab:26:b7:2d:f2:3f:70:2b:b2:5e:ba:8e:11: b8:5a:6b:4f:38:a6:fc:e0:db:1a:38:b7:de:29:62:5b:ad:1c: ab:b5:bb:7d -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk0MkNBMkI4RDkzOTIz NUEzMzI2Rjg5Q0RFRkM2NkNCQzFDMEYxQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDE//oAvi8vP1ul5yLZnsDdjjFRkyzHxMr9f045XZLEghbsAA5m Ic+6d8uX6oJ59P42Bu+jFaF8Aii0sTsK/bWI+AkN8olTm7D36veCq5JJfyUZZFJG I32IOoFH1iIpw79Ac5bS/lx/ehLYIIs1/t+NQCz6hbTbwt2pwMLn5tAKtru3ECaC EzIsaVW8tFuLtnFHZUC6LGPHOpuknaz5KB83uf/B8N/5hXVMHHEGJpy+WVJLLgWh 66swfhqvkhva058EIuuXFkTwMz1jrvCTDm298yTVBlCiBw2wRLPYI4eNgHpINme2 XfSAg2f8F/mYqaWHTWetUQQbS7QOaHpInw7xAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUlCyiuNk5I1ozJvic3vxmy8HA8aswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2xDeWl1Tms1STFvekp2aWMzdnhteThI QThhcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ82oAwDQYJ KoZIhvcNAQELBQADggEBACdbxz6CKlSdxvx7oFgbICCsRRG7UI4kG3m0KA5nFQ/6 hiQruehCG0lTDzXRgv1CnuD0wE6NIqm6PSWn/dbcXPHpq3L33Av1cbAyoMiJ94jF nyhvjoA3PGFAV/6FbPc8XA+VUySyH0XGi2wAR6ArB7M9SjjSzp7qGFgzSZAWtlHJ 6OZQczfqi0qtbCUmyxcNsRUpAM8g4sCVpRyO/xBvtTuz3X2eIUnZBULBuIJF3SGD FfjihFMfzS1hr169fAVn/SWCo+DUyiduU/k0MUcHR+eenlw+KjQGgJx0W5ibqya3 LfI/cCuyXrqOEbhaa084pvzg2xo4t94pYlutHKu1u30= -----END CERTIFICATE-----Generated at Mon Apr 7 17:43:27 2025 by rpki-client