$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nC8BajmlSDse_7UWZMWSCS12CFg.roa File: nC8BajmlSDse_7UWZMWSCS12CFg.roa (raw, json) Hash identifier: x5bG6WGwo0088sJVrFlRg3jMK3tOXve2evzfpK2DkKQ= Subject key identifier: 9C:2F:01:6A:39:A5:48:3B:1E:FF:B5:16:64:C5:92:09:2D:76:08:58 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1271 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nC8BajmlSDse_7UWZMWSCS12CFg.roa Signing time: Mon 10 Feb 2025 14:28:24 +0000 ROA not before: Mon 10 Feb 2025 14:28:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 124.218.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4721 (0x1271) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:24 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9C2F016A39A5483B1EFFB51664C592092D760858 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:45:80:e0:dd:44:a2:3e:9a:9d:ef:42:60:3b: 7a:1f:c7:f8:be:0f:6f:8e:2a:f1:8d:07:b5:00:e9: 11:8a:8f:e6:60:20:a2:1a:0a:77:7e:59:d1:c9:48: 70:13:2d:a4:75:9d:1a:93:77:2a:a6:4c:14:6c:84: 47:e0:13:9a:8f:dd:3d:e5:49:8f:3f:dc:8a:e2:dd: b4:78:de:74:43:3a:fb:7e:e6:af:78:30:85:b4:b7: dd:0e:e9:63:0b:bd:3a:e7:1b:97:56:64:65:c8:32: 54:1a:98:d7:ce:dc:69:37:1d:a8:5e:5e:f4:3e:f9: c1:1a:9c:2b:a6:f9:12:63:b4:07:de:11:48:f2:91: c1:9a:73:14:33:b3:75:be:2c:5d:6f:5f:d5:32:26: 01:c6:dc:1a:cf:37:18:27:57:ec:d0:91:4d:46:74: 82:7f:a0:bb:4c:6e:81:25:c8:8d:f1:d7:4a:3c:2c: 5a:de:20:e8:30:db:1f:14:1e:2e:d9:f5:f6:1b:55: de:a6:e9:ff:13:d5:04:f2:ed:f4:ed:e4:96:a3:02: 46:86:fa:11:b7:16:36:34:0d:40:5a:5a:00:3c:62: b1:24:c5:28:44:c8:21:04:61:63:19:dc:a0:9b:ed: 24:dc:42:c8:5c:2b:9b:c2:39:ab:c1:10:a3:79:5f: 3f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:2F:01:6A:39:A5:48:3B:1E:FF:B5:16:64:C5:92:09:2D:76:08:58 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nC8BajmlSDse_7UWZMWSCS12CFg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.108.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:b6:4f:2c:50:d1:35:ca:a2:58:a4:a1:e7:be:a7:93:b8:91: 19:16:6c:a4:74:3c:7c:bb:ad:13:f2:4c:d0:6e:cd:ee:2a:6b: b4:45:a7:ff:bb:b8:bf:b3:c1:69:af:43:a8:a5:fd:22:6e:cc: b0:e2:eb:0d:1a:65:f9:bd:26:60:35:13:d0:ec:20:71:b4:fd: 16:68:fe:73:5f:1e:67:54:70:9e:7b:a4:7b:09:36:55:d2:68: 5c:92:26:68:4d:07:e7:e7:9a:13:f8:03:6b:db:3c:58:2a:60: b9:aa:a9:f9:b8:46:c8:c7:53:29:0f:db:9b:f7:81:74:ee:a8: ab:12:d9:20:64:ea:a2:0b:71:ab:cb:ca:57:16:2a:9f:94:30: 23:d5:cb:5c:c6:63:89:a6:69:ec:41:48:39:4c:a1:95:d6:94: c1:55:34:15:de:ab:a9:b6:4c:a7:c3:0c:a9:ca:4e:88:c8:cc: 67:c4:f5:92:41:48:da:84:0b:9f:55:5a:f0:e2:7a:e3:5d:10: 8e:01:86:d5:c2:c9:8a:21:83:99:c4:e0:71:89:50:67:af:62: e7:23:f3:14:f7:be:74:52:7f:01:1f:2d:f2:79:5e:f5:a3:d6: 23:a8:07:84:25:a1:84:f4:1e:d6:ec:ff:97:9f:43:b6:cc:9e: 4b:6d:30:69 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlDMkYwMTZBMzlBNTQ4 M0IxRUZGQjUxNjY0QzU5MjA5MkQ3NjA4NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDORYDg3USiPpqd70JgO3ofx/i+D2+OKvGNB7UA6RGKj+ZgIKIa Cnd+WdHJSHATLaR1nRqTdyqmTBRshEfgE5qP3T3lSY8/3Iri3bR43nRDOvt+5q94 MIW0t90O6WMLvTrnG5dWZGXIMlQamNfO3Gk3HaheXvQ++cEanCum+RJjtAfeEUjy kcGacxQzs3W+LF1vX9UyJgHG3BrPNxgnV+zQkU1GdIJ/oLtMboElyI3x10o8LFre IOgw2x8UHi7Z9fYbVd6m6f8T1QTy7fTt5JajAkaG+hG3FjY0DUBaWgA8YrEkxShE yCEEYWMZ3KCb7STcQshcK5vCOavBEKN5Xz8pAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUnC8BajmlSDse/7UWZMWSCS12CFgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25DOEJham1sU0RzZV83VVdaTVdTQ1Mx MkNGZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82mwwDQYJ KoZIhvcNAQELBQADggEBAGu2TyxQ0TXKolikoee+p5O4kRkWbKR0PHy7rRPyTNBu ze4qa7RFp/+7uL+zwWmvQ6il/SJuzLDi6w0aZfm9JmA1E9DsIHG0/RZo/nNfHmdU cJ57pHsJNlXSaFySJmhNB+fnmhP4A2vbPFgqYLmqqfm4RsjHUykP25v3gXTuqKsS 2SBk6qILcavLylcWKp+UMCPVy1zGY4mmaexBSDlMoZXWlMFVNBXeq6m2TKfDDKnK TojIzGfE9ZJBSNqEC59VWvDieuNdEI4BhtXCyYohg5nE4HGJUGevYucj8xT3vnRS fwEfLfJ5XvWj1iOoB4QloYT0Htbs/5efQ7bMnkttMGk= -----END CERTIFICATE-----Generated at Mon Apr 7 17:42:17 2025 by rpki-client