$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LEEMON/HTwIbTzQYV5LgXHYQpWpRc3vxvY.roa File: HTwIbTzQYV5LgXHYQpWpRc3vxvY.roa (raw, json) Hash identifier: HRumr5sF6S/ZkgMzDqZzIgAGidgleAAnyzcM4xrPpBM= Subject key identifier: 1D:3C:08:6D:3C:D0:61:5E:4B:81:71:D8:42:95:A9:45:CD:EF:C6:F6 Certificate issuer: /CN=0486F1D511D2C22EC95994B123B3A24962C1E327 Certificate serial: 0209 Authority key identifier: 04:86:F1:D5:11:D2:C2:2E:C9:59:94:B1:23:B3:A2:49:62:C1:E3:27 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BIbx1RHSwi7JWZSxI7OiSWLB4yc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEEMON/HTwIbTzQYV5LgXHYQpWpRc3vxvY.roa Signing time: Mon 10 Feb 2025 14:02:21 +0000 ROA not before: Mon 10 Feb 2025 14:02:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9915 IP address blocks: 103.67.161.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEEMON/BIbx1RHSwi7JWZSxI7OiSWLB4yc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LEEMON/BIbx1RHSwi7JWZSxI7OiSWLB4yc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/BIbx1RHSwi7JWZSxI7OiSWLB4yc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 521 (0x209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0486F1D511D2C22EC95994B123B3A24962C1E327 Validity Not Before: Feb 10 14:02:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1D3C086D3CD0615E4B8171D84295A945CDEFC6F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:23:07:33:36:a1:23:62:17:3f:6c:74:5f:f8: f1:ed:f4:eb:99:1b:65:dd:52:5a:9a:12:11:ac:04: 1b:e5:a4:39:2e:c2:ae:bd:51:e9:28:96:6c:de:33: 88:55:4b:c7:c8:bb:aa:db:87:6a:23:e1:55:1c:13: 4c:d2:d2:06:51:a5:50:7e:19:bf:dd:34:af:74:23: 61:1d:8b:f3:86:01:f8:c3:cd:a1:ee:67:dd:97:c3: d1:9c:dd:32:9e:6f:92:66:b7:0f:8d:2e:32:7b:d7: e1:50:5c:c4:c9:2b:f1:82:c2:af:3e:c1:f6:8b:ff: bd:dd:73:48:cc:11:6a:e0:28:a7:54:e6:81:0f:69: 5b:cf:4a:1f:c7:98:0b:3d:1f:aa:3a:a2:2b:5f:d6: af:4c:39:65:63:6c:4c:09:93:27:e5:6c:dc:3e:20: b5:c7:6c:97:48:49:93:8c:2e:2d:7e:5d:11:d7:45: 90:0a:be:9a:85:df:1f:e5:1a:93:68:b3:b0:e9:77: 9e:15:58:8d:ce:a1:b8:19:8e:46:dc:e4:76:1c:60: 15:a5:d5:fc:58:07:6a:03:f2:4f:13:4f:d1:ca:18: 25:34:b5:d1:42:32:d0:08:2e:d8:08:09:1c:7b:30: ce:7f:96:17:fa:2c:09:77:2f:1a:c6:17:79:6f:c7: c6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:3C:08:6D:3C:D0:61:5E:4B:81:71:D8:42:95:A9:45:CD:EF:C6:F6 X509v3 Authority Key Identifier: keyid:04:86:F1:D5:11:D2:C2:2E:C9:59:94:B1:23:B3:A2:49:62:C1:E3:27 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEEMON/BIbx1RHSwi7JWZSxI7OiSWLB4yc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BIbx1RHSwi7JWZSxI7OiSWLB4yc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEEMON/HTwIbTzQYV5LgXHYQpWpRc3vxvY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.67.161.0/24 Signature Algorithm: sha256WithRSAEncryption 38:be:88:ba:c7:0e:1c:d3:73:b6:17:28:15:0d:b4:b2:0d:5f: 47:f9:9e:d4:ca:a6:74:b8:8d:ce:b0:a3:ef:b9:48:fd:5f:ce: 03:bb:8c:bf:26:0d:53:8c:a1:4a:d0:ae:84:63:04:e5:2b:54: 39:18:2d:51:55:d5:0e:5c:74:ef:cb:80:85:5a:f0:4c:ee:40: b9:e3:d4:73:d5:5f:0f:aa:dc:21:67:42:58:0c:ee:61:a2:a0: 98:c6:a1:cb:d9:1f:f1:fa:3c:55:c7:c0:11:97:c2:31:9f:20: 02:62:52:7d:9a:44:5d:ba:99:57:f0:a6:63:22:31:17:db:cb: d8:51:de:63:b3:41:9a:d7:50:ac:dd:15:32:1c:98:01:41:c6: 84:59:46:fd:c8:ea:9c:27:e0:4e:7d:49:d5:61:6b:3c:a2:17: e5:2c:34:b2:62:30:49:89:e2:4e:3e:dd:b2:53:37:ee:8c:9b: 9f:7d:8c:20:02:e9:60:c7:df:12:c4:d2:a6:c5:98:1d:bc:7a: 78:a7:85:2b:6a:48:89:d6:79:98:88:01:63:66:64:70:97:7e: d9:5c:6f:47:b5:6e:16:5b:03:d0:c0:22:7b:6d:68:3b:e3:5f: 7f:85:a5:27:bf:8e:87:46:ad:09:0b:d9:1b:93:32:d0:a3:30: 5c:9e:3f:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICAgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDQ4 NkYxRDUxMUQyQzIyRUM5NTk5NEIxMjNCM0EyNDk2MkMxRTMyNzAeFw0yNTAyMTAx NDAyMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFEM0MwODZEM0NEMDYx NUU0QjgxNzFEODQyOTVBOTQ1Q0RFRkM2RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0IwczNqEjYhc/bHRf+PHt9OuZG2XdUlqaEhGsBBvlpDkuwq69 UekolmzeM4hVS8fIu6rbh2oj4VUcE0zS0gZRpVB+Gb/dNK90I2Edi/OGAfjDzaHu Z92Xw9Gc3TKeb5Jmtw+NLjJ71+FQXMTJK/GCwq8+wfaL/73dc0jMEWrgKKdU5oEP aVvPSh/HmAs9H6o6oitf1q9MOWVjbEwJkyflbNw+ILXHbJdISZOMLi1+XRHXRZAK vpqF3x/lGpNos7Dpd54VWI3OobgZjkbc5HYcYBWl1fxYB2oD8k8TT9HKGCU0tdFC MtAILtgICRx7MM5/lhf6LAl3LxrGF3lvx8aRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUHTwIbTzQYV5LgXHYQpWpRc3vxvYwHwYDVR0jBBgwFoAUBIbx1RHSwi7JWZSx I7OiSWLB4ycwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVFTU9O L0JJYngxUkhTd2k3SldaU3hJN09pU1dMQjR5Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQklieDFSSFN3aTdKV1pTeEk3T2lTV0xCNHljLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVFTU9OL0hUd0liVHpRWVY1TGdYSFlR cFdwUmMzdnh2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn Q6EwDQYJKoZIhvcNAQELBQADggEBADi+iLrHDhzTc7YXKBUNtLINX0f5ntTKpnS4 jc6wo++5SP1fzgO7jL8mDVOMoUrQroRjBOUrVDkYLVFV1Q5cdO/LgIVa8EzuQLnj 1HPVXw+q3CFnQlgM7mGioJjGocvZH/H6PFXHwBGXwjGfIAJiUn2aRF26mVfwpmMi MRfby9hR3mOzQZrXUKzdFTIcmAFBxoRZRv3I6pwn4E59SdVhazyiF+UsNLJiMEmJ 4k4+3bJTN+6Mm599jCAC6WDH3xLE0qbFmB28eninhStqSInWeZiIAWNmZHCXftlc b0e1bhZbA9DAInttaDvjX3+FpSe/jodGrQkL2RuTMtCjMFyePwg= -----END CERTIFICATE-----Generated at Fri Apr 18 23:52:57 2025 by rpki-client