$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nt2Zw2EwFEpza9Rg7cQVNSVV05c.roa File: nt2Zw2EwFEpza9Rg7cQVNSVV05c.roa (raw, json) Hash identifier: 3X3bSUtzKsfMAC9VyH1gUG3Wt8MC2MhwVb2ezUVLuzo= Subject key identifier: 9E:DD:99:C3:61:30:14:4A:73:6B:D4:60:ED:C4:15:35:25:55:D3:97 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11A8 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nt2Zw2EwFEpza9Rg7cQVNSVV05c.roa Signing time: Mon 10 Feb 2025 14:27:36 +0000 ROA not before: Mon 10 Feb 2025 14:27:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 7482 IP address blocks: 210.202.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 07:08:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4520 (0x11a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:36 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9EDD99C36130144A736BD460EDC415352555D397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:e7:23:67:c0:12:24:13:b6:2f:b2:2e:a9:b1: d0:f2:70:97:7a:75:6e:da:68:40:99:a8:f5:35:c0: 7d:88:a9:6a:4e:91:5f:6f:3c:fb:1b:f2:91:14:da: 67:3e:79:51:c4:26:23:a9:0f:ae:ff:c6:5b:1c:f4: 1d:ec:42:43:51:65:c7:21:19:23:46:63:d0:26:e7: d6:63:da:0d:3e:96:0a:fe:e8:4d:7e:35:00:9e:48: 78:87:bb:99:c2:db:41:3b:5a:f0:51:b4:d7:98:17: fe:e5:91:95:30:35:a1:74:d9:03:9f:6b:8f:a1:de: 19:68:a8:f7:82:f3:e5:51:54:6c:4a:22:2c:9b:d0: bb:a4:9e:28:76:26:20:6d:50:3c:01:16:18:b7:50: 22:75:a0:06:e2:31:9e:2b:7a:44:31:c5:76:04:92: c9:04:19:10:3d:c5:9f:28:56:fe:e8:de:3c:87:da: b5:ae:39:ab:b0:e1:f2:7a:2a:3b:5b:ab:9e:b1:62: 57:c2:42:9e:d9:61:a9:08:6b:83:07:1c:a1:6b:20: 1f:40:18:84:94:c1:13:8d:85:ce:75:63:8f:83:94: ca:37:09:b9:6c:75:b4:93:f4:25:73:82:84:18:65: 32:45:62:56:98:cf:34:d8:97:6f:53:81:c1:ff:86: de:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:DD:99:C3:61:30:14:4A:73:6B:D4:60:ED:C4:15:35:25:55:D3:97 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nt2Zw2EwFEpza9Rg7cQVNSVV05c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.192.0/18 Signature Algorithm: sha256WithRSAEncryption cb:46:2b:e2:d7:8c:64:ea:ac:2b:2b:fa:ca:d3:62:66:9d:0b: 3f:02:5b:64:e7:8a:35:3d:cb:df:f6:41:6e:93:e0:40:c5:4e: 74:8e:b5:b7:22:0a:59:89:fd:47:9b:1e:cb:ac:78:97:b0:dd: 31:15:a2:e3:a3:20:17:12:ca:04:1e:43:cd:15:8b:14:12:7b: 71:9b:46:6b:e1:4e:10:22:e0:af:fd:86:af:7f:10:2c:1d:3a: 4d:f5:2d:db:22:7d:0b:bc:71:12:81:7d:ac:3f:1b:c5:35:47: 7a:16:1d:44:2a:f8:fc:a0:d5:f2:39:0c:fc:54:6f:90:36:8a: 40:91:aa:f1:74:22:90:62:e0:59:c4:8b:0c:20:bb:dd:bd:c1: de:e5:49:13:9b:e9:59:64:17:0d:be:a4:b9:f1:f6:4c:3d:c8: 3c:16:34:dc:f2:7b:c3:eb:b0:a3:82:69:63:50:bb:80:70:d7: 18:9a:5a:86:93:48:31:06:3d:3b:44:b7:82:12:8f:c2:b9:09: 11:c0:aa:36:48:1c:9d:61:88:36:a7:7d:cc:18:d8:ba:62:59: 44:7a:39:5d:4d:37:82:c8:fc:99:8f:5e:e5:0f:88:5f:9e:95: 11:93:da:43:7c:8d:e7:82:e8:f6:f6:5e:e0:c0:22:04:eb:7a: 92:e7:89:b8 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFREQ5OUMzNjEzMDE0 NEE3MzZCRDQ2MEVEQzQxNTM1MjU1NUQzOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDv5yNnwBIkE7Yvsi6psdDycJd6dW7aaECZqPU1wH2IqWpOkV9v PPsb8pEU2mc+eVHEJiOpD67/xlsc9B3sQkNRZcchGSNGY9Am59Zj2g0+lgr+6E1+ NQCeSHiHu5nC20E7WvBRtNeYF/7lkZUwNaF02QOfa4+h3hloqPeC8+VRVGxKIiyb 0Luknih2JiBtUDwBFhi3UCJ1oAbiMZ4rekQxxXYEkskEGRA9xZ8oVv7o3jyH2rWu Oauw4fJ6Kjtbq56xYlfCQp7ZYakIa4MHHKFrIB9AGISUwRONhc51Y4+DlMo3Cbls dbST9CVzgoQYZTJFYlaYzzTYl29TgcH/ht61AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUnt2Zw2EwFEpza9Rg7cQVNSVV05cwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL250Mlp3MkV3RkVwemE5Umc3Y1FWTlNW VjA1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSysAwDQYJ KoZIhvcNAQELBQADggEBAMtGK+LXjGTqrCsr+srTYmadCz8CW2TnijU9y9/2QW6T 4EDFTnSOtbciClmJ/UebHsuseJew3TEVouOjIBcSygQeQ80VixQSe3GbRmvhThAi 4K/9hq9/ECwdOk31LdsifQu8cRKBfaw/G8U1R3oWHUQq+Pyg1fI5DPxUb5A2ikCR qvF0IpBi4FnEiwwgu929wd7lSROb6VlkFw2+pLnx9kw9yDwWNNzye8PrsKOCaWNQ u4Bw1xiaWoaTSDEGPTtEt4ISj8K5CRHAqjZIHJ1hiDanfcwY2LpiWUR6OV1NN4LI /JmPXuUPiF+elRGT2kN8jeeC6Pb2XuDAIgTrepLnibg= -----END CERTIFICATE-----Generated at Mon Apr 14 04:29:31 2025 by rpki-client