$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/du4lgNZNcU-9k1UU7JcsqBof2jM.roa File: du4lgNZNcU-9k1UU7JcsqBof2jM.roa (raw, json) Hash identifier: hpFpvs5Rx6NoESD8s4evZu6YhXJotHyoLqjRcpkK7rQ= Subject key identifier: 76:EE:25:80:D6:4D:71:4F:BD:93:55:14:EC:97:2C:A8:1A:1F:DA:33 Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C Certificate serial: F1 Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/du4lgNZNcU-9k1UU7JcsqBof2jM.roa Signing time: Mon 10 Feb 2025 13:45:55 +0000 ROA not before: Mon 10 Feb 2025 13:45:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 139358 IP address blocks: 157.20.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 02:06:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 241 (0xf1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C Validity Not Before: Feb 10 13:45:55 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=76EE2580D64D714FBD935514EC972CA81A1FDA33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:42:13:66:2c:bd:53:c2:30:6f:0c:02:ab:eb: 78:5b:c2:88:c9:6a:22:36:81:06:fc:43:49:7f:44: e1:af:4f:2b:90:88:01:be:3e:5c:65:99:93:96:8e: 73:f2:54:bd:e3:0b:4d:84:32:1f:91:8f:04:c3:bf: c3:48:29:b5:ff:73:ce:2f:ab:36:68:a2:db:3a:c4: ce:2a:73:1b:50:9f:27:96:ed:ce:1a:55:71:61:51: 7f:3f:bc:8e:05:d9:55:4d:0b:e8:e4:37:9c:13:87: 56:ec:55:33:f5:6f:bb:c3:19:cc:e1:f5:2b:9c:8e: 43:d3:f1:e3:c4:01:c3:97:a3:41:64:5b:8b:45:57: fd:b4:c4:a5:ce:34:55:91:85:a4:d4:c8:9b:cd:55: 8d:f7:f5:18:28:43:d0:4e:fb:9f:6e:d2:61:ab:32: 9e:3d:33:53:0f:81:9e:60:8b:af:2b:af:38:4e:8e: 03:c0:75:3f:62:fb:e1:31:33:d3:10:3d:4e:20:52: f1:f8:ee:f6:1e:c0:52:03:27:ee:8f:1e:60:66:fc: b0:23:35:66:0b:ba:69:f6:1c:f9:f2:8e:83:8e:36: 1d:14:e8:27:d1:ba:bf:0c:35:1b:1a:f7:ec:e4:02: ae:07:db:4f:cd:3a:97:58:54:52:59:e1:ff:dd:52: 91:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:EE:25:80:D6:4D:71:4F:BD:93:55:14:EC:97:2C:A8:1A:1F:DA:33 X509v3 Authority Key Identifier: keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/du4lgNZNcU-9k1UU7JcsqBof2jM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.135.0/24 Signature Algorithm: sha256WithRSAEncryption 01:ad:60:af:dd:26:8d:da:c5:30:3a:42:68:26:e0:24:38:e9: 79:9e:f5:82:1f:16:2e:90:5f:b1:f1:08:4e:12:64:69:65:8e: af:b0:6c:45:92:c8:60:d2:f3:cf:5f:96:a3:49:bf:7f:be:af: 0b:b2:ed:80:e5:bd:91:ab:6c:28:b5:4e:7c:26:91:22:d2:2a: d1:5c:a4:28:d3:f9:d7:91:58:98:02:cb:b2:e4:68:38:4f:52: 1b:2b:5b:dc:d7:77:07:f7:2a:96:99:d0:58:bc:e1:c3:c0:5a: 42:84:ec:8f:4a:44:0c:f0:17:75:f0:b6:a7:86:49:a5:a8:fc: cd:40:9e:0f:22:71:eb:13:83:e5:1e:12:56:7a:b5:2f:4f:db: 67:39:ac:7f:c6:5b:fc:8a:ee:31:ad:28:6c:ef:3f:ec:31:7e: 13:10:de:50:3b:9c:ba:0d:9c:dd:71:5a:61:d9:2c:60:cb:11: b4:9d:bf:88:b8:31:53:08:57:f7:c2:1a:32:bf:6c:57:94:8f: 9e:ef:b2:24:10:ab:0d:33:cb:55:b7:8e:24:bd:f3:7d:0b:ae: 62:4d:6d:eb:b1:c0:bf:7e:8d:6e:be:00:99:36:90:1e:9f:33: 1b:09:f2:c0:66:4e:aa:1c:6c:bc:fe:fc:92:ae:d9:43:41:df: 9f:70:4f:5a -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdE M0U3M0VDNUVCM0Q3MDQ4NjM4ODlFMjIxODQ1Qjc2OTVENDA5QzAeFw0yNTAyMTAx MzQ1NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc2RUUyNTgwRDY0RDcx NEZCRDkzNTUxNEVDOTcyQ0E4MUExRkRBMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdQhNmLL1TwjBvDAKr63hbwojJaiI2gQb8Q0l/ROGvTyuQiAG+ PlxlmZOWjnPyVL3jC02EMh+RjwTDv8NIKbX/c84vqzZoots6xM4qcxtQnyeW7c4a VXFhUX8/vI4F2VVNC+jkN5wTh1bsVTP1b7vDGczh9SucjkPT8ePEAcOXo0FkW4tF V/20xKXONFWRhaTUyJvNVY339RgoQ9BO+59u0mGrMp49M1MPgZ5gi68rrzhOjgPA dT9i++ExM9MQPU4gUvH47vYewFIDJ+6PHmBm/LAjNWYLumn2HPnyjoOONh0U6CfR ur8MNRsa9+zkAq4H20/NOpdYVFJZ4f/dUpHdAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUdu4lgNZNcU+9k1UU7JcsqBof2jMwHwYDVR0jBBgwFoAUB9PnPsXrPXBIY4ie IhhFt2ldQJwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTTJOSU0v QjlQblBzWHJQWEJJWTRpZUloaEZ0MmxkUUp3LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9COVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS9kdTRsZ05aTmNVLTlrMVVVN0pj c3FCb2Yyak0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRSH MA0GCSqGSIb3DQEBCwUAA4IBAQABrWCv3SaN2sUwOkJoJuAkOOl5nvWCHxYukF+x 8QhOEmRpZY6vsGxFkshg0vPPX5ajSb9/vq8Lsu2A5b2Rq2wotU58JpEi0irRXKQo 0/nXkViYAsuy5Gg4T1IbK1vc13cH9yqWmdBYvOHDwFpChOyPSkQM8Bd18Lanhkml qPzNQJ4PInHrE4PlHhJWerUvT9tnOax/xlv8iu4xrShs7z/sMX4TEN5QO5y6DZzd cVph2SxgyxG0nb+IuDFTCFf3whoyv2xXlI+e77IkEKsNM8tVt44kvfN9C65iTW3r scC/fo1uvgCZNpAenzMbCfLAZk6qHGy8/vySrtlDQd+fcE9a -----END CERTIFICATE-----Generated at Sat Apr 5 22:24:46 2025 by rpki-client