$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/zOeDCuejyyeeg2p7KNCafrbSPZg.roa File: zOeDCuejyyeeg2p7KNCafrbSPZg.roa (raw, json) Hash identifier: IKMlI2WEu9MZ7XV1TMPvMF7XO4qmNTOmIqO55LtLyPE= Subject key identifier: CC:E7:83:0A:E7:A3:CB:27:9E:83:6A:7B:28:D0:9A:7E:B6:D2:3D:98 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1218 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zOeDCuejyyeeg2p7KNCafrbSPZg.roa Signing time: Mon 10 Feb 2025 14:28:03 +0000 ROA not before: Mon 10 Feb 2025 14:28:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24154 IP address blocks: 211.76.104.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4632 (0x1218) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CCE7830AE7A3CB279E836A7B28D09A7EB6D23D98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:da:ba:11:bc:a1:08:0d:73:7e:4e:bc:6c:00: e4:77:05:80:9b:da:d4:4b:23:85:cc:e6:70:b1:73: 96:47:f8:b3:1b:76:3a:78:1d:47:25:aa:81:26:0d: d6:92:da:e9:fa:ea:e3:0e:59:10:c4:96:e6:df:19: bb:18:c9:7b:1d:41:26:dd:d6:38:d7:87:68:47:4d: 50:75:3f:88:b2:b2:62:d0:03:13:f2:5c:0e:67:59: d8:39:28:65:8d:3c:77:b2:0d:59:70:77:9c:ea:3e: 4d:03:f8:93:30:1a:bf:6f:74:37:b4:67:35:24:30: 5b:61:c1:11:60:17:a2:39:41:cd:c6:8a:bd:66:75: 49:28:a3:a0:79:14:ab:a5:94:26:4b:0a:42:71:5c: ba:c6:9e:97:d0:75:65:e5:9f:fc:f0:cc:3b:91:76: 06:b9:98:3d:67:b6:a2:9f:15:6f:70:17:15:24:9e: 9e:5e:68:9c:58:b1:84:64:27:b6:e3:1e:f4:34:57: be:b1:46:5a:8a:fd:fb:6a:15:77:c2:c5:f1:1e:61: 4d:b8:5b:57:de:f0:10:d6:5a:46:d9:97:0d:c3:e1: 59:d4:cb:5b:88:fa:e7:20:fb:5d:61:79:8a:ec:ab: 49:8d:f2:be:de:af:54:d5:f9:0e:48:0a:f3:41:81: 0c:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:E7:83:0A:E7:A3:CB:27:9E:83:6A:7B:28:D0:9A:7E:B6:D2:3D:98 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zOeDCuejyyeeg2p7KNCafrbSPZg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.76.104.0/23 Signature Algorithm: sha256WithRSAEncryption 19:b0:50:81:3c:a2:20:bc:a3:fd:11:9d:12:4c:b4:08:58:ed: e7:9d:cd:8e:c4:a4:bc:8d:01:b3:fa:91:b6:ff:bd:f8:ff:12: 16:78:e9:ae:7b:f0:b7:f2:a4:d9:64:84:bc:24:13:b9:97:3e: 9b:ef:86:a6:58:58:8c:36:f7:11:1b:d2:e5:06:76:17:70:6c: 44:f6:20:4a:48:ba:e6:76:13:12:40:d5:73:34:71:68:39:44: 53:1d:a3:3d:fa:e3:b0:ef:98:5d:1a:59:ed:7c:e0:5f:4a:1f: e3:94:2c:c7:a1:a2:da:fa:7c:a6:0c:d3:cc:51:c1:61:21:4c: 6c:6b:af:a4:5e:b5:3c:64:6a:5e:e0:d2:9f:15:fd:14:01:37: 34:f2:f0:79:d6:84:aa:4b:71:84:8e:43:7a:2e:fc:a4:6c:9e: 7b:39:6d:86:45:02:e3:45:8d:ac:e5:a4:a7:78:e2:74:ec:48: 2c:57:a4:18:1f:f4:c2:cb:ac:39:f0:07:f6:66:52:96:e2:1f: e3:4f:4b:bc:a7:7c:25:78:b5:0d:df:28:2a:a8:30:98:98:6d: b5:4e:5d:40:fc:30:e2:6b:34:ba:c5:c5:c7:8c:2b:46:26:6b: 47:e0:fb:2a:f6:41:79:f9:97:87:f7:9b:54:55:d2:44:7b:9d: 82:38:da:01 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDRTc4MzBBRTdBM0NC Mjc5RTgzNkE3QjI4RDA5QTdFQjZEMjNEOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDa2roRvKEIDXN+TrxsAOR3BYCb2tRLI4XM5nCxc5ZH+LMbdjp4 HUclqoEmDdaS2un66uMOWRDElubfGbsYyXsdQSbd1jjXh2hHTVB1P4iysmLQAxPy XA5nWdg5KGWNPHeyDVlwd5zqPk0D+JMwGr9vdDe0ZzUkMFthwRFgF6I5Qc3Gir1m dUkoo6B5FKullCZLCkJxXLrGnpfQdWXln/zwzDuRdga5mD1ntqKfFW9wFxUknp5e aJxYsYRkJ7bjHvQ0V76xRlqK/ftqFXfCxfEeYU24W1fe8BDWWkbZlw3D4VnUy1uI +ucg+11heYrsq0mN8r7er1TV+Q5ICvNBgQyXAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUzOeDCuejyyeeg2p7KNCafrbSPZgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3pPZURDdWVqeXllZWcycDdLTkNhZnJi U1BaZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHTTGgwDQYJ KoZIhvcNAQELBQADggEBABmwUIE8oiC8o/0RnRJMtAhY7eedzY7EpLyNAbP6kbb/ vfj/EhZ46a578LfypNlkhLwkE7mXPpvvhqZYWIw29xEb0uUGdhdwbET2IEpIuuZ2 ExJA1XM0cWg5RFMdoz3647DvmF0aWe184F9KH+OULMehotr6fKYM08xRwWEhTGxr r6RetTxkal7g0p8V/RQBNzTy8HnWhKpLcYSOQ3ou/KRsnns5bYZFAuNFjazlpKd4 4nTsSCxXpBgf9MLLrDnwB/ZmUpbiH+NPS7ynfCV4tQ3fKCqoMJiYbbVOXUD8MOJr NLrFxceMK0Yma0fg+yr2QXn5l4f3m1RV0kR7nYI42gE= -----END CERTIFICATE-----Generated at Mon Apr 7 20:49:28 2025 by rpki-client