$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/1U1k0Hlx6ZW6IFa4nN3lR_y-d9c.roa File: 1U1k0Hlx6ZW6IFa4nN3lR_y-d9c.roa (raw, json) Hash identifier: e0jdeeLkDyWic3BOVBIZA4NnL/5ALEfukPtZdf4Bz7M= Subject key identifier: D5:4D:64:D0:79:71:E9:95:BA:20:56:B8:9C:DD:E5:47:FC:BE:77:D7 Certificate issuer: /CN=43FF5C92CC4950A457A7327D168FBC465B218322 Certificate serial: 0C96 Authority key identifier: 43:FF:5C:92:CC:49:50:A4:57:A7:32:7D:16:8F:BC:46:5B:21:83:22 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/1U1k0Hlx6ZW6IFa4nN3lR_y-d9c.roa Signing time: Mon 10 Feb 2025 14:11:11 +0000 ROA not before: Mon 10 Feb 2025 14:11:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4782 IP address blocks: 203.65.128.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 03:18:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3222 (0xc96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43FF5C92CC4950A457A7327D168FBC465B218322 Validity Not Before: Feb 10 14:11:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D54D64D07971E995BA2056B89CDDE547FCBE77D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:00:a5:a1:02:22:2b:3e:87:eb:59:23:a6:d6: 11:42:9f:4f:31:73:c9:77:de:7b:36:33:b3:8b:85: ef:a1:0a:54:a2:54:5d:e7:ad:3f:7a:76:0a:00:65: 0a:66:66:b0:11:99:f6:67:00:4d:7a:07:8c:43:67: 9a:1a:64:ff:73:1f:45:f4:0b:ef:64:36:3a:6e:46: 40:39:99:01:71:d2:01:9f:86:4d:80:2d:6e:df:33: f4:f2:1a:1b:f1:4a:4a:37:3d:b0:46:b4:fa:ab:98: 69:3c:83:a0:b3:11:66:cd:4e:fa:38:fc:bd:94:4e: f0:34:1f:55:c0:58:92:47:bb:ce:d7:d6:5f:2b:b2: 03:8f:5e:97:2c:c2:49:37:7b:5e:7d:64:4f:02:f9: d6:fa:ad:45:59:28:0e:7c:5f:ea:2b:d9:eb:fd:11: 04:7a:8a:0b:ad:46:40:7f:60:85:ed:69:57:1d:27: a6:06:8f:8a:c7:07:b9:3e:a2:4d:b6:a9:ee:25:f1: 2c:d0:5d:28:8b:e9:6a:a6:6f:55:3e:06:8a:44:b3: 27:a5:ed:41:ec:21:62:13:4f:54:12:9d:7b:bc:e8: 27:e3:9f:01:11:47:f5:69:34:be:05:25:21:cf:18: 2d:ad:55:16:a5:83:3f:e7:62:7f:be:13:59:c7:15: d2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:4D:64:D0:79:71:E9:95:BA:20:56:B8:9C:DD:E5:47:FC:BE:77:D7 X509v3 Authority Key Identifier: keyid:43:FF:5C:92:CC:49:50:A4:57:A7:32:7D:16:8F:BC:46:5B:21:83:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Q_9cksxJUKRXpzJ9Fo-8RlshgyI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HEALTHNET/1U1k0Hlx6ZW6IFa4nN3lR_y-d9c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.65.128.0/19 Signature Algorithm: sha256WithRSAEncryption 08:fc:3b:d9:de:f1:a8:a0:ab:cd:7b:c1:dc:4c:6a:37:fb:64: 07:32:55:a1:8c:26:4d:fd:46:c0:71:28:ec:29:ab:50:ea:f1: 11:98:a3:df:a5:64:e1:23:b2:fb:4d:6b:d3:e9:91:85:0f:d8: f2:1e:e2:1e:4a:64:06:c5:50:eb:e4:5e:0e:d0:0b:b1:2f:f8: 21:ea:01:3a:04:1b:12:07:c5:de:19:ef:b2:ae:9c:1e:2b:e4: 38:47:79:c5:e0:ef:89:40:25:85:11:a5:04:4d:79:3c:86:46: 22:d5:d2:0f:8a:ac:36:70:80:27:9f:41:01:9f:3b:15:8c:51: e9:c6:5d:db:ce:26:d8:56:d1:35:04:23:52:7e:bb:d5:ef:bd: 19:10:43:09:96:e7:29:44:a9:06:bc:71:a4:01:a7:2a:0b:16: fb:7a:2a:27:ea:20:82:90:e5:54:ed:21:50:e3:72:0a:2c:a8: 47:be:b4:5e:e9:72:e6:13:17:c1:c6:bf:e7:c7:ff:8d:e0:e0: 64:d3:92:13:26:3a:5a:a5:e3:42:54:7c:33:ff:d9:8d:9c:18: 60:7c:ac:6f:94:b9:18:70:63:dd:f4:13:f8:55:37:2b:0e:af: 09:f9:aa:35:c5:17:63:ce:c3:94:5f:8e:65:b0:ae:7e:2b:8e: ae:1e:bf:cc -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDNG RjVDOTJDQzQ5NTBBNDU3QTczMjdEMTY4RkJDNDY1QjIxODMyMjAeFw0yNTAyMTAx NDExMTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1NEQ2NEQwNzk3MUU5 OTVCQTIwNTZCODlDRERFNTQ3RkNCRTc3RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnAKWhAiIrPofrWSOm1hFCn08xc8l33ns2M7OLhe+hClSiVF3n rT96dgoAZQpmZrARmfZnAE16B4xDZ5oaZP9zH0X0C+9kNjpuRkA5mQFx0gGfhk2A LW7fM/TyGhvxSko3PbBGtPqrmGk8g6CzEWbNTvo4/L2UTvA0H1XAWJJHu87X1l8r sgOPXpcswkk3e159ZE8C+db6rUVZKA58X+or2ev9EQR6igutRkB/YIXtaVcdJ6YG j4rHB7k+ok22qe4l8SzQXSiL6Wqmb1U+BopEsyel7UHsIWITT1QSnXu86CfjnwER R/VpNL4FJSHPGC2tVRalgz/nYn++E1nHFdIHAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU1U1k0Hlx6ZW6IFa4nN3lR/y+d9cwHwYDVR0jBBgwFoAUQ/9cksxJUKRXpzJ9 Fo+8RlshgyIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEVBTFRI TkVUL1FfOWNrc3hKVUtSWHB6SjlGby04UmxzaGd5SS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvUV85Y2tzeEpVS1JYcHpKOUZvLThSbHNoZ3lJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEVBTFRITkVULzFVMWswSGx4NlpX NklGYTRuTjNsUl95LWQ5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAXLQYAwDQYJKoZIhvcNAQELBQADggEBAAj8O9ne8aigq817wdxMajf7ZAcy VaGMJk39RsBxKOwpq1Dq8RGYo9+lZOEjsvtNa9PpkYUP2PIe4h5KZAbFUOvkXg7Q C7Ev+CHqAToEGxIHxd4Z77KunB4r5DhHecXg74lAJYURpQRNeTyGRiLV0g+KrDZw gCefQQGfOxWMUenGXdvOJthW0TUEI1J+u9XvvRkQQwmW5ylEqQa8caQBpyoLFvt6 KifqIIKQ5VTtIVDjcgosqEe+tF7pcuYTF8HGv+fH/43g4GTTkhMmOlql40JUfDP/ 2Y2cGGB8rG+UuRhwY930E/hVNysOrwn5qjXFF2POw5RfjmWwrn4rjq4ev8w= -----END CERTIFICATE-----Generated at Tue Apr 22 00:27:33 2025 by rpki-client