$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/uomQBKYi6XyOdmBhlsOLr1aTeqM.roa File: uomQBKYi6XyOdmBhlsOLr1aTeqM.roa (raw, json) Hash identifier: Nx/rklVKz9h4tE+lBY+2UMWJUVKAfwbSMmSe86J+ca0= Subject key identifier: BA:89:90:04:A6:22:E9:7C:8E:76:60:61:96:C3:8B:AF:56:93:7A:A3 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1242 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/uomQBKYi6XyOdmBhlsOLr1aTeqM.roa Signing time: Mon 10 Feb 2025 14:28:14 +0000 ROA not before: Mon 10 Feb 2025 14:28:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131591 IP address blocks: 223.23.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4674 (0x1242) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:14 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BA899004A622E97C8E76606196C38BAF56937AA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:59:88:58:28:bc:d3:89:29:f9:38:15:ed:18: ea:ad:39:5f:a1:51:83:13:95:92:73:93:08:26:59: 98:03:8e:2b:a6:bd:11:9f:b0:a5:97:b7:e1:91:f7: 66:b7:35:ef:41:51:2e:70:88:ef:38:16:a9:3f:d9: ad:58:a8:e6:52:42:17:bd:70:1b:e8:d9:4d:8e:85: a5:15:4c:d6:89:b1:22:d1:68:03:8a:19:4e:e9:f4: ca:0c:e6:da:cf:1a:bd:12:b1:d5:1c:db:c5:f5:ac: 30:a0:53:17:75:19:0a:95:fb:93:15:5a:56:83:a5: b9:14:25:65:6e:1c:e1:97:d9:db:f9:7b:24:5b:0a: 34:1b:81:5f:e1:c5:28:5a:00:4e:58:2c:85:d5:a1: f2:73:a3:bd:1d:f3:12:a4:51:21:7d:ee:53:18:90: a4:97:76:c1:05:23:ec:d9:3c:27:c1:4f:87:59:5b: a7:62:72:45:73:a0:a1:f6:e9:ee:39:d2:77:c9:8b: 33:4d:4c:99:24:fe:fb:43:00:1d:2a:03:e4:d5:9d: 79:a6:0a:2e:1b:95:f7:81:b8:d8:dd:a5:34:50:f6: 4f:a5:2c:43:f0:f9:87:61:28:5e:23:d9:fe:27:db: 79:0f:81:51:70:b5:65:14:1b:df:97:5a:d8:82:dc: ef:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:89:90:04:A6:22:E9:7C:8E:76:60:61:96:C3:8B:AF:56:93:7A:A3 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/uomQBKYi6XyOdmBhlsOLr1aTeqM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.23.0.0/16 Signature Algorithm: sha256WithRSAEncryption 4e:0a:9a:51:5f:e6:ac:e9:03:1b:08:20:bf:f6:19:ac:12:f4: 9d:a0:a2:e9:f8:50:ef:e0:ee:c6:b9:73:16:e5:8c:a2:f8:0b: 71:24:c3:21:e2:33:a1:90:f7:d5:2b:82:e3:21:84:ad:d7:31: 53:3d:f9:45:50:fc:2a:1e:1f:f5:70:23:39:b2:89:e8:38:96: d1:e2:24:0f:e2:c6:6c:1d:5e:7b:c5:d7:dd:c4:f0:d7:03:51: de:2f:fa:52:fe:2f:05:67:a2:c7:78:c1:6a:59:60:17:e4:1d: 2c:22:07:32:1f:1a:76:fc:26:a0:71:31:d1:af:b8:a6:92:fd: 3e:aa:67:c3:8c:46:24:4b:1d:d5:c8:90:07:d6:54:e0:a6:6f: f4:6a:7b:9d:b2:58:a4:3d:bb:27:3a:5e:73:df:9b:bb:c4:3c: e6:80:2f:b4:31:e8:83:4e:ae:c0:3b:dc:85:11:53:08:b7:da: d3:1c:24:18:fc:4a:6c:3a:06:4c:83:02:9c:50:48:f1:fb:af: f6:ba:ce:3f:f9:0a:98:00:d3:dc:eb:3b:51:d2:c4:00:4d:8c: 39:51:2c:3f:ae:ff:45:6e:de:fd:36:7c:6e:29:17:23:5d:b4: 44:f8:2b:2b:66:53:40:08:17:3e:7e:3f:f1:3e:27:ba:58:7d: 3f:17:57:fb -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgICEkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJBODk5MDA0QTYyMkU5 N0M4RTc2NjA2MTk2QzM4QkFGNTY5MzdBQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnWYhYKLzTiSn5OBXtGOqtOV+hUYMTlZJzkwgmWZgDjiumvRGf sKWXt+GR92a3Ne9BUS5wiO84Fqk/2a1YqOZSQhe9cBvo2U2OhaUVTNaJsSLRaAOK GU7p9MoM5trPGr0SsdUc28X1rDCgUxd1GQqV+5MVWlaDpbkUJWVuHOGX2dv5eyRb CjQbgV/hxShaAE5YLIXVofJzo70d8xKkUSF97lMYkKSXdsEFI+zZPCfBT4dZW6di ckVzoKH26e450nfJizNNTJkk/vtDAB0qA+TVnXmmCi4blfeBuNjdpTRQ9k+lLEPw +YdhKF4j2f4n23kPgVFwtWUUG9+XWtiC3O/jAgMBAAGjggHnMIIB4zAdBgNVHQ4E FgQUuomQBKYi6XyOdmBhlsOLr1aTeqMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3VvbVFCS1lpNlh5T2RtQmhsc09McjFh VGVxTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDfFzANBgkq hkiG9w0BAQsFAAOCAQEATgqaUV/mrOkDGwggv/YZrBL0naCi6fhQ7+DuxrlzFuWM ovgLcSTDIeIzoZD31SuC4yGErdcxUz35RVD8Kh4f9XAjObKJ6DiW0eIkD+LGbB1e e8XX3cTw1wNR3i/6Uv4vBWeix3jBallgF+QdLCIHMh8advwmoHEx0a+4ppL9Pqpn w4xGJEsd1ciQB9ZU4KZv9Gp7nbJYpD27Jzpec9+bu8Q85oAvtDHog06uwDvchRFT CLfa0xwkGPxKbDoGTIMCnFBI8fuv9rrOP/kKmADT3Os7UdLEAE2MOVEsP67/RW7e /TZ8bikXI120RPgrK2ZTQAgXPn4/8T4nulh9PxdX+w== -----END CERTIFICATE-----Generated at Mon Apr 7 20:51:46 2025 by rpki-client