$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa File: itIZSwMsfSM_wDzRNviF8c2Tnk0.roa (raw, json) Hash identifier: VCTHZJnuiO4k/aQ+IBYoXBIzA4RIrVI4vVs0F7+8Qr4= Subject key identifier: 8A:D2:19:4B:03:2C:7D:23:3F:C0:3C:D1:36:F8:85:F1:CD:93:9E:4D Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0DB1 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa Signing time: Mon 10 Feb 2025 14:06:12 +0000 ROA not before: Mon 10 Feb 2025 14:06:12 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9416 IP address blocks: 202.151.48.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 03:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3505 (0xdb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Feb 10 14:06:12 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8AD2194B032C7D233FC03CD136F885F1CD939E4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:0c:c8:04:91:ab:68:2b:77:4e:cd:32:66:b4: e2:84:40:b8:f7:03:c1:cf:43:a7:31:13:5c:26:41: 6d:af:bc:e2:a9:d8:1c:c4:fb:2c:e2:b3:ca:11:ad: 7e:a6:e5:a0:de:94:f9:37:5f:47:7a:12:c0:64:f0: 2d:17:c6:e0:94:79:31:ed:68:00:cf:68:e1:31:94: e9:bc:0b:05:f1:97:31:04:18:ed:b5:77:59:d8:ea: b0:fc:bf:23:5b:71:60:82:61:91:00:be:f9:14:01: ec:26:5b:c5:d7:13:e7:1c:b3:b6:c3:7c:d8:73:8f: 7d:e8:3e:58:ed:04:8a:e5:f8:41:4c:0a:4c:5d:08: 20:2a:5b:7b:da:76:51:f3:ef:49:19:ab:56:0e:5a: 09:a1:7a:ec:60:e3:6c:90:c1:be:6e:09:a3:1f:99: 6b:bf:5f:2c:49:86:57:6e:ef:9b:9b:6c:a1:16:bf: c5:21:57:3f:c6:7b:ed:78:3d:c0:9f:0b:74:8d:8c: eb:28:54:a3:46:6a:a6:2a:ae:86:97:99:91:f2:2c: cd:a1:72:f0:01:36:f7:0b:4b:95:e2:3c:ae:06:e7: fa:87:04:f7:e7:b5:a1:83:6e:b3:5e:0d:10:89:cc: da:2a:e7:55:a2:00:0a:7a:47:54:27:0f:72:a5:62: a9:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:D2:19:4B:03:2C:7D:23:3F:C0:3C:D1:36:F8:85:F1:CD:93:9E:4D X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.151.48.0/20 Signature Algorithm: sha256WithRSAEncryption 09:a5:c1:77:e3:33:af:59:7c:e7:7b:9a:d9:19:86:2d:d9:67: 80:42:7d:84:5c:c0:55:25:8b:ab:42:d0:30:bc:1e:32:21:73: 0f:a7:32:ba:5a:65:7b:2a:f6:ec:fe:43:97:23:56:8d:58:3a: 6e:a8:77:56:a2:dc:a0:8d:5a:3f:7b:54:3d:22:71:9d:5f:dd: 9d:7c:78:81:65:28:cf:ee:b6:2c:fd:eb:44:52:5c:42:b4:4f: bb:b6:40:e6:20:87:8b:f6:18:24:99:41:67:c6:e3:69:e9:28: 7f:63:0e:9a:88:ce:c0:37:d6:6a:0d:2c:16:bc:30:e9:60:cc: 65:0a:69:58:16:8f:f8:b6:e6:57:c6:e3:67:71:57:ee:a0:f7: a7:ec:2a:6d:33:cb:d9:c5:25:de:b8:59:d9:8a:0c:7f:ec:68: c0:32:08:d2:ad:72:0c:71:dc:d7:91:8a:ad:76:84:89:b0:59: e1:4f:49:87:15:c7:af:c5:02:fb:56:cd:06:17:f1:fe:c7:cc: 16:49:43:a0:9a:49:50:5e:b9:e4:75:71:8e:2b:16:a5:a8:25: 5f:54:9f:6f:dd:93:13:00:01:81:ad:ca:ff:74:d2:1e:67:9c: 7e:67:82:21:c3:51:72:cd:88:88:4c:1c:34:f3:cd:7b:20:ff: 88:d2:c2:10 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx NDA2MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhBRDIxOTRCMDMyQzdE MjMzRkMwM0NEMTM2Rjg4NUYxQ0Q5MzlFNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkDMgEkatoK3dOzTJmtOKEQLj3A8HPQ6cxE1wmQW2vvOKp2BzE +yzis8oRrX6m5aDelPk3X0d6EsBk8C0XxuCUeTHtaADPaOExlOm8CwXxlzEEGO21 d1nY6rD8vyNbcWCCYZEAvvkUAewmW8XXE+ccs7bDfNhzj33oPljtBIrl+EFMCkxd CCAqW3vadlHz70kZq1YOWgmheuxg42yQwb5uCaMfmWu/XyxJhldu75ubbKEWv8Uh Vz/Ge+14PcCfC3SNjOsoVKNGaqYqroaXmZHyLM2hcvABNvcLS5XiPK4G5/qHBPfn taGDbrNeDRCJzNoq51WiAAp6R1QnD3KlYql/AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUitIZSwMsfSM/wDzRNviF8c2Tnk0wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2l0SVpTd01zZlNNX3dEelJO dmlGOGMyVG5rMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK lzAwDQYJKoZIhvcNAQELBQADggEBAAmlwXfjM69ZfOd7mtkZhi3ZZ4BCfYRcwFUl i6tC0DC8HjIhcw+nMrpaZXsq9uz+Q5cjVo1YOm6od1ai3KCNWj97VD0icZ1f3Z18 eIFlKM/utiz960RSXEK0T7u2QOYgh4v2GCSZQWfG42npKH9jDpqIzsA31moNLBa8 MOlgzGUKaVgWj/i25lfG42dxV+6g96fsKm0zy9nFJd64WdmKDH/saMAyCNKtcgxx 3NeRiq12hImwWeFPSYcVx6/FAvtWzQYX8f7HzBZJQ6CaSVBeueR1cY4rFqWoJV9U n2/dkxMAAYGtyv900h5nnH5ngiHDUXLNiIhMHDTzzXsg/4jSwhA= -----END CERTIFICATE-----Generated at Fri Apr 18 02:26:06 2025 by rpki-client