$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/1tT2-7nO8mOJl5DFIB6nlGswaw0.roa File: 1tT2-7nO8mOJl5DFIB6nlGswaw0.roa (raw, json) Hash identifier: 8SfzRSDz/iRdx1pt7NYlWeiCBRUVDq6KS8N62PJsMGk= Subject key identifier: D6:D4:F6:FB:B9:CE:F2:63:89:97:90:C5:20:1E:A7:94:6B:30:6B:0D Certificate issuer: /CN=6D6C5CBFCECBA7987951112DAA187FFCB6204E26 Certificate serial: 0CA0 Authority key identifier: 6D:6C:5C:BF:CE:CB:A7:98:79:51:11:2D:AA:18:7F:FC:B6:20:4E:26 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/bWxcv87Lp5h5UREtqhh__LYgTiY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/1tT2-7nO8mOJl5DFIB6nlGswaw0.roa Signing time: Mon 10 Feb 2025 13:50:34 +0000 ROA not before: Mon 10 Feb 2025 13:50:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18179 IP address blocks: 211.78.240.0/20 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/bWxcv87Lp5h5UREtqhh__LYgTiY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/bWxcv87Lp5h5UREtqhh__LYgTiY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/bWxcv87Lp5h5UREtqhh__LYgTiY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 21:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6D6C5CBFCECBA7987951112DAA187FFCB6204E26 Validity Not Before: Feb 10 13:50:34 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D6D4F6FBB9CEF263899790C5201EA7946B306B0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:17:9c:b6:fc:a0:c7:f0:7e:af:18:51:7f:11: 05:6d:36:3e:94:8f:30:2d:66:52:93:a9:2d:c2:1f: 34:32:dd:93:60:02:7c:4e:f1:91:71:f5:66:cd:d1: f8:4a:9a:4b:7e:7a:1a:f8:28:43:08:e5:35:c8:c9: 61:b5:ef:4a:2d:44:e5:82:e1:ec:71:96:9b:74:b2: 6c:69:0b:6d:99:32:94:62:69:34:f8:2b:da:62:25: b3:b3:b7:86:40:59:6a:f9:8d:6d:3a:5a:a1:57:98: d7:d5:fc:2f:ba:c9:f6:2f:1f:03:82:14:46:08:e3: d4:88:2b:c0:05:93:7a:19:ab:fc:b3:ea:f3:97:21: 26:47:3d:59:5a:92:98:31:98:5a:9b:45:d3:a0:77: 25:2e:10:4d:c7:07:38:19:d0:f1:9a:20:37:ab:ad: 2a:ca:4b:fb:cb:63:25:6b:64:aa:b9:19:1e:1c:f7: 75:39:cd:ec:fd:2b:f5:da:14:22:94:5c:b9:1c:b8: 99:d2:13:46:5d:b1:2b:a8:38:e0:a6:d7:55:05:70: 8d:b0:2d:4c:c6:09:dd:46:4f:aa:e2:14:ca:c0:22: db:d6:03:2f:98:59:d6:53:d0:4e:49:9d:d7:25:2c: d3:dd:b5:f5:76:97:da:b6:8c:20:f4:9e:8a:97:69: 75:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:D4:F6:FB:B9:CE:F2:63:89:97:90:C5:20:1E:A7:94:6B:30:6B:0D X509v3 Authority Key Identifier: keyid:6D:6C:5C:BF:CE:CB:A7:98:79:51:11:2D:AA:18:7F:FC:B6:20:4E:26 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/bWxcv87Lp5h5UREtqhh__LYgTiY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/bWxcv87Lp5h5UREtqhh__LYgTiY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MITACMDC/1tT2-7nO8mOJl5DFIB6nlGswaw0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.78.240.0/20 Signature Algorithm: sha256WithRSAEncryption 95:77:74:61:be:3f:35:10:71:ff:01:0d:5c:ec:28:3d:1d:72: 3d:7f:8e:2d:a2:26:85:6e:bf:cd:9f:80:dd:0e:17:4a:8b:ea: 70:87:18:17:6f:14:fd:a4:98:b6:b5:e2:19:3a:06:8c:45:24: 3f:4c:d0:47:f3:27:da:85:9c:eb:49:4f:f9:99:f4:04:5a:ae: 79:1b:c1:b8:48:30:0e:5d:a0:9c:20:c9:52:d0:a8:88:c2:2a: c7:25:6b:d9:4e:e5:d5:98:d3:81:20:b6:59:7f:b3:a2:90:df: 80:db:af:16:1a:3a:ed:8c:19:08:c8:cc:eb:32:04:38:bf:fb: 11:e1:73:93:e1:0b:f9:47:ad:f6:17:ae:15:f6:2a:52:01:73: 9d:f7:ff:02:82:01:c0:af:46:aa:96:0c:46:9b:4b:62:37:bb: d1:9b:97:a5:ea:8b:e3:a2:61:53:24:c7:b2:4d:6e:86:6a:eb: e8:aa:2f:4e:8b:5b:e9:47:de:cc:6e:a9:db:55:e8:b2:09:7d: fd:c1:10:49:94:94:e0:c9:a2:86:2f:0a:32:2b:36:db:f5:19: 7a:b7:8c:ab:0b:21:81:94:2f:10:9a:4f:07:e1:5a:a2:6d:d8: 2a:96:73:ae:37:af:27:79:d4:db:2b:c1:42:3d:df:30:f6:10: ed:53:33:d8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkQ2 QzVDQkZDRUNCQTc5ODc5NTExMTJEQUExODdGRkNCNjIwNEUyNjAeFw0yNTAyMTAx MzUwMzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ2RDRGNkZCQjlDRUYy NjM4OTk3OTBDNTIwMUVBNzk0NkIzMDZCMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBF5y2/KDH8H6vGFF/EQVtNj6UjzAtZlKTqS3CHzQy3ZNgAnxO 8ZFx9WbN0fhKmkt+ehr4KEMI5TXIyWG170otROWC4exxlpt0smxpC22ZMpRiaTT4 K9piJbOzt4ZAWWr5jW06WqFXmNfV/C+6yfYvHwOCFEYI49SIK8AFk3oZq/yz6vOX ISZHPVlakpgxmFqbRdOgdyUuEE3HBzgZ0PGaIDerrSrKS/vLYyVrZKq5GR4c93U5 zez9K/XaFCKUXLkcuJnSE0ZdsSuoOOCm11UFcI2wLUzGCd1GT6riFMrAItvWAy+Y WdZT0E5JndclLNPdtfV2l9q2jCD0noqXaXUZAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU1tT2+7nO8mOJl5DFIB6nlGswaw0wHwYDVR0jBBgwFoAUbWxcv87Lp5h5UREt qhh//LYgTiYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlUQUNN REMvYld4Y3Y4N0xwNWg1VVJFdHFoaF9fTFlnVGlZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9iV3hjdjg3THA1aDVVUkV0cWhoX19MWWdUaVkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NSVRBQ01EQy8xdFQyLTduTzhtT0ps NURGSUI2bmxHc3dhdzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQE007wMA0GCSqGSIb3DQEBCwUAA4IBAQCVd3Rhvj81EHH/AQ1c7Cg9HXI9f44t oiaFbr/Nn4DdDhdKi+pwhxgXbxT9pJi2teIZOgaMRSQ/TNBH8yfahZzrSU/5mfQE Wq55G8G4SDAOXaCcIMlS0KiIwirHJWvZTuXVmNOBILZZf7OikN+A268WGjrtjBkI yMzrMgQ4v/sR4XOT4Qv5R632F64V9ipSAXOd9/8CggHAr0aqlgxGm0tiN7vRm5el 6ovjomFTJMeyTW6Gauvoqi9Oi1vpR97MbqnbVeiyCX39wRBJlJTgyaKGLwoyKzbb 9Rl6t4yrCyGBlC8Qmk8H4VqibdgqlnOuN68nedTbK8FCPd8w9hDtUzPY -----END CERTIFICATE-----Generated at Tue Apr 22 19:04:04 2025 by rpki-client