$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa File: mHKLaJUu5fP_elsl-G5gAp2rfXk.roa (raw, json) Hash identifier: QB03YnuSFCeAN1Ac2kq4YgmmY/WJZkL8zUL/lfuohbM= Subject key identifier: 98:72:8B:68:95:2E:E5:F3:FF:7A:5B:25:F8:6E:60:02:9D:AB:7D:79 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1221 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa Signing time: Mon 10 Feb 2025 14:28:06 +0000 ROA not before: Mon 10 Feb 2025 14:28:06 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 219.91.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4641 (0x1221) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=98728B68952EE5F3FF7A5B25F86E60029DAB7D79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:80:5b:2b:d7:32:95:da:b7:05:b2:23:38:13: bb:0c:0e:9a:01:2b:84:46:bc:9f:0d:0b:29:e6:58: 92:65:3c:e7:a7:0d:81:b5:81:3a:1e:dd:53:c6:c2: 39:cb:c9:d0:6d:5a:74:a4:d0:de:48:88:6c:e4:02: f9:c4:e9:f9:6c:9e:4b:4e:9c:21:1b:76:5b:92:a0: c0:70:54:51:67:52:1c:a7:2a:ab:4f:04:c7:c3:a2: ca:ce:1f:a4:79:d6:1c:6a:6f:60:f5:1b:cb:9f:b2: 50:b1:28:a2:03:2a:20:38:b9:c4:24:5a:f2:a9:6d: 43:9d:c7:e6:ab:e1:23:f8:ea:ad:d0:2a:8a:e9:d6: 4e:0e:02:3a:cf:f5:d1:34:dd:49:69:bb:6b:95:28: 7a:97:3d:f3:8b:13:d2:ac:10:18:ab:85:4d:65:2f: cc:a7:6c:4c:10:5a:ac:f3:76:45:20:71:bc:aa:a4: 31:27:7c:c1:08:aa:c0:3d:d3:e3:04:66:ee:8e:49: 7f:90:ff:16:9a:99:c2:0a:45:cb:4c:5f:4e:49:fb: 45:a1:e6:39:77:53:82:ba:49:f8:bd:7a:51:7c:57: f8:f7:dd:70:a9:30:b0:97:31:1a:c2:17:68:c4:ad: 4d:8e:49:fc:fa:90:a1:0b:4b:f9:a1:f3:2e:b1:f3: 0b:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:72:8B:68:95:2E:E5:F3:FF:7A:5B:25:F8:6E:60:02:9D:AB:7D:79 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.91.64.0/22 Signature Algorithm: sha256WithRSAEncryption 95:b5:37:35:88:b1:ee:84:34:4d:73:ba:7d:ea:ba:95:a9:af: 0e:09:75:e7:86:93:f5:21:8c:df:5e:45:3e:b3:69:b0:96:e6: ee:2a:09:4b:ca:94:b1:af:aa:6b:a9:6b:54:31:4a:13:35:5a: fc:1a:d9:d5:a7:75:3a:09:21:0a:88:64:f8:31:5c:2e:12:d9: 53:1e:a2:c5:31:0b:47:04:a5:f7:db:75:28:95:2f:ff:f5:89: 2d:17:8b:16:17:af:d4:b5:6b:fb:9e:8f:aa:99:22:8c:8c:dd: 1a:e1:1d:35:4c:a5:40:f5:b7:dc:c2:49:00:f3:6b:79:12:b6: bf:15:ab:d1:6c:b7:ea:03:ce:6b:5a:74:69:d8:d5:d9:68:32: 53:48:55:57:93:09:de:31:bb:2b:2b:fc:9d:b3:54:fa:16:0c: 81:ba:fa:48:9c:75:06:c2:98:81:22:2d:30:7b:0d:0f:9b:ab: ea:9a:39:7a:17:c6:47:83:4c:0e:31:3c:ca:cd:61:20:5f:6c: 6b:52:c6:96:c4:c9:d9:23:ef:6c:73:8d:ec:b4:f6:be:f4:88: f0:ed:b3:21:46:75:5e:8a:1a:f5:aa:b6:af:03:41:7d:61:bc: a4:0c:3d:74:82:96:17:7f:fc:82:b1:78:d3:54:a0:b9:e7:f2: f6:0d:fd:69 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk4NzI4QjY4OTUyRUU1 RjNGRjdBNUIyNUY4NkU2MDAyOURBQjdENzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJgFsr1zKV2rcFsiM4E7sMDpoBK4RGvJ8NCynmWJJlPOenDYG1 gToe3VPGwjnLydBtWnSk0N5IiGzkAvnE6flsnktOnCEbdluSoMBwVFFnUhynKqtP BMfDosrOH6R51hxqb2D1G8ufslCxKKIDKiA4ucQkWvKpbUOdx+ar4SP46q3QKorp 1k4OAjrP9dE03Ulpu2uVKHqXPfOLE9KsEBirhU1lL8ynbEwQWqzzdkUgcbyqpDEn fMEIqsA90+MEZu6OSX+Q/xaamcIKRctMX05J+0Wh5jl3U4K6Sfi9elF8V/j33XCp MLCXMRrCF2jErU2OSfz6kKELS/mh8y6x8wsFAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUmHKLaJUu5fP/elsl+G5gAp2rfXkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL21IS0xhSlV1NWZQX2Vsc2wtRzVnQXAy cmZYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALbW0AwDQYJ KoZIhvcNAQELBQADggEBAJW1NzWIse6ENE1zun3qupWprw4JdeeGk/UhjN9eRT6z abCW5u4qCUvKlLGvqmupa1QxShM1Wvwa2dWndToJIQqIZPgxXC4S2VMeosUxC0cE pffbdSiVL//1iS0XixYXr9S1a/uej6qZIoyM3RrhHTVMpUD1t9zCSQDza3kStr8V q9Fst+oDzmtadGnY1dloMlNIVVeTCd4xuysr/J2zVPoWDIG6+kicdQbCmIEiLTB7 DQ+bq+qaOXoXxkeDTA4xPMrNYSBfbGtSxpbEydkj72xzjey09r70iPDtsyFGdV6K GvWqtq8DQX1hvKQMPXSClhd//IKxeNNUoLnn8vYN/Wk= -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:20 2025 by rpki-client