$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/flzLDX0XTBwV1EDDQlivvODYLW0.roa File: flzLDX0XTBwV1EDDQlivvODYLW0.roa (raw, json) Hash identifier: qMYYCb6jkjkxcl1R+jxMJAExVzMCCf0ZX65wsYAxMB0= Subject key identifier: 7E:5C:CB:0D:7D:17:4C:1C:15:D4:40:C3:42:58:AF:BC:E0:D8:2D:6D Certificate issuer: /CN=602CBCE32DD76D0BB39F5A706324248869119435 Certificate serial: 0C97 Authority key identifier: 60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/flzLDX0XTBwV1EDDQlivvODYLW0.roa Signing time: Mon 10 Feb 2025 14:16:37 +0000 ROA not before: Mon 10 Feb 2025 14:16:37 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131587 IP address blocks: 2400:d580::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3223 (0xc97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=602CBCE32DD76D0BB39F5A706324248869119435 Validity Not Before: Feb 10 14:16:37 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7E5CCB0D7D174C1C15D440C34258AFBCE0D82D6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:11:a6:f5:e3:dc:9c:07:0e:e0:fa:84:6e:ad: 19:fc:9b:53:87:0f:e2:a9:4a:5c:84:a4:a2:a7:d2: a0:86:9d:16:35:72:cc:8d:9e:76:f6:39:42:af:57: 6d:58:76:75:a7:1a:2e:01:19:7c:71:cd:b5:b7:68: bb:4a:a5:e4:2a:53:95:da:b5:c1:0a:3f:4c:6a:52: 77:d5:46:1e:0c:6d:8e:0b:8a:8b:ed:db:ff:57:a0: 86:e0:d4:27:86:47:7b:bd:0c:59:a3:ee:62:a4:29: 38:74:8c:62:6c:34:27:f9:73:04:6c:63:66:17:43: ec:55:6c:34:cc:3d:2f:88:38:60:22:fd:91:26:8d: 77:b5:5c:eb:10:fc:58:d3:bf:ea:84:5f:ab:d3:9e: 4d:0d:f7:48:d7:63:f3:16:92:02:66:ad:9f:ec:45: cd:15:22:dd:90:15:62:f7:73:a1:17:82:2b:94:be: 07:e9:2f:fa:8d:5e:4e:5f:ba:14:13:0e:3a:a6:fe: 32:cc:6e:9f:71:e1:bc:49:4d:af:3d:a1:62:1a:d5: dc:46:26:9d:ad:f9:39:fb:0d:b9:3e:89:c9:d9:5a: 7e:ef:24:89:c1:6e:4f:65:e8:34:9e:8d:68:79:49: a9:69:00:40:f0:ca:02:10:5e:1f:e4:ea:90:92:23: ca:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:5C:CB:0D:7D:17:4C:1C:15:D4:40:C3:42:58:AF:BC:E0:D8:2D:6D X509v3 Authority Key Identifier: keyid:60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/flzLDX0XTBwV1EDDQlivvODYLW0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:d580::/32 Signature Algorithm: sha256WithRSAEncryption 38:a7:26:a3:e8:b0:31:56:77:9a:37:10:6f:51:db:5d:a3:4f: 1b:04:48:be:9c:7d:92:c3:bf:41:17:49:45:f7:57:64:68:21: 31:5c:78:7f:e0:cb:19:57:ac:83:32:7f:4e:ad:98:8c:09:92: e1:76:0d:98:33:f9:28:39:63:3e:91:07:09:e3:f6:08:4b:d3: 1c:78:ea:70:c4:48:92:dd:3f:e7:ce:8f:21:3f:45:db:4d:7e: 9e:84:a5:40:a3:a8:95:67:b5:25:40:96:6a:6e:c5:17:82:b3: 40:79:d4:99:c1:7b:63:e5:0e:94:b3:fd:a8:a6:04:a3:3c:13: 07:d4:82:a5:1a:cc:f1:21:f6:2c:de:a8:c3:97:39:b7:89:10: b5:e0:35:9e:d2:6e:0a:f9:ed:1d:46:8e:22:27:74:a6:93:fd: 1a:dc:4b:89:d5:d7:d3:8e:4b:7d:58:b8:04:fd:e7:48:c5:42: 6a:30:99:05:2e:f2:4f:9b:25:16:8b:0f:37:96:52:34:e9:f8: 30:2c:90:2d:83:7f:b3:6c:e1:64:98:5a:1d:f1:71:c3:40:b8: 5a:75:9a:72:29:15:d1:ba:c9:b8:44:37:20:12:59:de:57:78: 93:16:f6:a3:84:68:2c:e8:6c:87:f6:09:85:67:4e:61:c2:6f: 87:b1:bd:c2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjAy Q0JDRTMyREQ3NkQwQkIzOUY1QTcwNjMyNDI0ODg2OTExOTQzNTAeFw0yNTAyMTAx NDE2MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdFNUNDQjBEN0QxNzRD MUMxNUQ0NDBDMzQyNThBRkJDRTBEODJENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlEab149ycBw7g+oRurRn8m1OHD+KpSlyEpKKn0qCGnRY1csyN nnb2OUKvV21YdnWnGi4BGXxxzbW3aLtKpeQqU5XatcEKP0xqUnfVRh4MbY4Liovt 2/9XoIbg1CeGR3u9DFmj7mKkKTh0jGJsNCf5cwRsY2YXQ+xVbDTMPS+IOGAi/ZEm jXe1XOsQ/FjTv+qEX6vTnk0N90jXY/MWkgJmrZ/sRc0VIt2QFWL3c6EXgiuUvgfp L/qNXk5fuhQTDjqm/jLMbp9x4bxJTa89oWIa1dxGJp2t+Tn7Dbk+icnZWn7vJInB bk9l6DSejWh5SalpAEDwygIQXh/k6pCSI8rrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUflzLDX0XTBwV1EDDQlivvODYLW0wHwYDVR0jBBgwFoAUYCy84y3XbQuzn1pw YyQkiGkRlDUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVHQUlD QkMvWUN5ODR5M1hiUXV6bjFwd1l5UWtpR2tSbERVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ZQ3k4NHkzWGJRdXpuMXB3WXlRa2lHa1JsRFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRUdBSUNCQy9mbHpMRFgwWFRCd1Yx RUREUWxpdnZPRFlMVzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJADVgDANBgkqhkiG9w0BAQsFAAOCAQEAOKcmo+iwMVZ3mjcQb1HbXaNPGwRI vpx9ksO/QRdJRfdXZGghMVx4f+DLGVesgzJ/Tq2YjAmS4XYNmDP5KDljPpEHCeP2 CEvTHHjqcMRIkt0/586PIT9F201+noSlQKOolWe1JUCWam7FF4KzQHnUmcF7Y+UO lLP9qKYEozwTB9SCpRrM8SH2LN6ow5c5t4kQteA1ntJuCvntHUaOIid0ppP9GtxL idXX045LfVi4BP3nSMVCajCZBS7yT5slFosPN5ZSNOn4MCyQLYN/s2zhZJhaHfFx w0C4WnWacikV0brJuEQ3IBJZ3ld4kxb2o4RoLOhsh/YJhWdOYcJvh7G9wg== -----END CERTIFICATE-----Generated at Fri Apr 18 23:52:41 2025 by rpki-client