$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/oXbOS-fAxKpRxadujs48xOhXdPY.roa File: oXbOS-fAxKpRxadujs48xOhXdPY.roa (raw, json) Hash identifier: 2/crT25U9N9kox96isQhRwMk4YMEhPHfmgjj80kAeFI= Subject key identifier: A1:76:CE:4B:E7:C0:C4:AA:51:C5:A7:6E:8E:CE:3C:C4:E8:57:74:F6 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1263 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/oXbOS-fAxKpRxadujs48xOhXdPY.roa Signing time: Mon 10 Feb 2025 14:28:22 +0000 ROA not before: Mon 10 Feb 2025 14:28:22 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 124.218.224.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4707 (0x1263) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:22 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A176CE4BE7C0C4AA51C5A76E8ECE3CC4E85774F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ee:62:4d:d9:33:35:03:88:62:f1:18:95:d6: 93:f0:8a:e1:0f:0a:b8:b5:9e:05:1d:b2:ef:6f:fe: f1:7f:4b:36:32:1f:9c:f6:8c:4e:3c:2d:54:25:89: 83:f0:a2:79:f0:d2:c8:45:5a:83:24:aa:2f:1d:3a: c0:e7:0b:1c:f0:01:2e:bf:07:05:52:01:a2:82:4f: 48:73:d9:55:29:3e:ba:a7:47:a4:c8:a9:58:1e:b0: 01:31:78:5f:90:1d:56:64:85:2a:e6:a8:98:23:91: 66:5d:05:b2:1d:8d:a7:92:f9:7f:86:2f:99:2c:f3: 10:53:b5:71:74:e9:b7:0d:28:52:cf:37:68:a1:bc: 1b:14:a3:94:60:d9:78:86:4f:7b:46:67:70:6c:eb: a0:31:b9:1b:9d:39:c5:d5:4a:6f:94:ea:f3:7a:d7: 0f:85:d3:55:40:b0:a9:e8:e1:1b:21:01:70:b9:a4: bd:b2:f8:4f:69:89:e2:4a:11:25:58:cf:78:99:42: 63:f1:f7:56:9a:8a:f9:6d:92:d7:08:bd:6a:d8:1a: 9a:36:e5:d9:52:57:83:32:1f:0e:b0:ac:93:25:1d: 3a:34:68:e6:cd:64:08:58:92:b8:3f:de:2c:23:dc: 65:4f:2a:e0:b5:94:b0:70:09:98:30:e4:53:4e:2f: ae:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:76:CE:4B:E7:C0:C4:AA:51:C5:A7:6E:8E:CE:3C:C4:E8:57:74:F6 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/oXbOS-fAxKpRxadujs48xOhXdPY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.224.0/21 Signature Algorithm: sha256WithRSAEncryption 9d:e2:17:7d:0f:88:e5:ef:57:b1:33:1e:3c:39:9a:14:16:8b: 45:35:e9:99:86:dd:de:59:b3:fc:36:26:b4:df:e8:88:dd:f6: ce:c3:6e:29:bb:40:10:eb:bc:9d:a6:09:c4:94:aa:20:55:db: 67:b9:71:84:a6:e3:72:3e:1e:df:9b:29:32:54:ad:74:56:d5: 75:ed:b1:6a:cb:fc:58:a5:8a:9c:92:57:05:c6:4e:31:9a:d1: 30:7c:49:af:d0:8d:92:35:ed:7e:9c:91:87:70:61:c2:15:4a: c8:5e:b6:e0:46:6c:bf:db:fa:3a:9a:60:fe:72:58:60:6e:3f: 70:c0:35:e7:ec:6f:68:6d:49:9e:d3:87:68:ad:0a:5c:39:51: a9:f6:d0:d8:c7:f0:f1:25:50:ec:b5:54:1d:f3:e8:e8:2d:b3: a1:eb:09:26:16:c5:f8:a0:fd:48:23:ca:79:7a:de:f4:6f:68: 7c:a5:a7:2a:99:95:13:51:2d:04:c6:b4:88:f9:ed:e7:5e:c4: 79:41:00:4e:9c:b8:2c:72:f4:15:82:03:22:55:09:24:f1:7b: 16:c3:91:5b:da:42:2a:70:1a:9d:59:93:e8:fb:e5:0a:70:09: fe:b6:e8:05:da:72:09:2c:5e:10:aa:14:4a:71:5f:22:74:9a: f3:3a:67:68 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExNzZDRTRCRTdDMEM0 QUE1MUM1QTc2RThFQ0UzQ0M0RTg1Nzc0RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG7mJN2TM1A4hi8RiV1pPwiuEPCri1ngUdsu9v/vF/SzYyH5z2 jE48LVQliYPwonnw0shFWoMkqi8dOsDnCxzwAS6/BwVSAaKCT0hz2VUpPrqnR6TI qVgesAExeF+QHVZkhSrmqJgjkWZdBbIdjaeS+X+GL5ks8xBTtXF06bcNKFLPN2ih vBsUo5Rg2XiGT3tGZ3Bs66AxuRudOcXVSm+U6vN61w+F01VAsKno4RshAXC5pL2y +E9pieJKESVYz3iZQmPx91aaivltktcIvWrYGpo25dlSV4MyHw6wrJMlHTo0aObN ZAhYkrg/3iwj3GVPKuC1lLBwCZgw5FNOL67nAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUoXbOS+fAxKpRxadujs48xOhXdPYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL29YYk9TLWZBeEtwUnhhZHVqczQ4eE9o WGRQWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN82uAwDQYJ KoZIhvcNAQELBQADggEBAJ3iF30PiOXvV7EzHjw5mhQWi0U16ZmG3d5Zs/w2JrTf 6Ijd9s7Dbim7QBDrvJ2mCcSUqiBV22e5cYSm43I+Ht+bKTJUrXRW1XXtsWrL/Fil ipySVwXGTjGa0TB8Sa/QjZI17X6ckYdwYcIVSshetuBGbL/b+jqaYP5yWGBuP3DA Nefsb2htSZ7Th2itClw5Uan20NjH8PElUOy1VB3z6Ogts6HrCSYWxfig/Ugjynl6 3vRvaHylpyqZlRNRLQTGtIj57edexHlBAE6cuCxy9BWCAyJVCSTxexbDkVvaQipw Gp1Zk+j75QpwCf626AXacgksXhCqFEpxXyJ0mvM6Z2g= -----END CERTIFICATE-----Generated at Mon Apr 7 17:42:03 2025 by rpki-client