$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MKY/cZwPsvsBOhoZ3vRw3oOT63W9scQ.roa File: cZwPsvsBOhoZ3vRw3oOT63W9scQ.roa (raw, json) Hash identifier: Y9+6lCFc8y5bEpdJLmwnAL2UbwaBYebca3z/nVm4bO8= Subject key identifier: 71:9C:0F:B2:FB:01:3A:1A:19:DE:F4:70:DE:83:93:EB:75:BD:B1:C4 Certificate issuer: /CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1 Certificate serial: 0CA0 Authority key identifier: 9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/cZwPsvsBOhoZ3vRw3oOT63W9scQ.roa Signing time: Mon 10 Feb 2025 13:49:15 +0000 ROA not before: Mon 10 Feb 2025 13:49:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 7478 IP address blocks: 211.76.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1 Validity Not Before: Feb 10 13:49:15 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=719C0FB2FB013A1A19DEF470DE8393EB75BDB1C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b8:81:bc:bf:75:f9:58:5e:6d:75:aa:f6:2c: 0e:86:3e:36:1a:03:58:9e:61:99:83:53:2c:04:9a: 89:31:b7:a8:72:56:1f:a0:e5:66:8e:7d:af:13:bc: 47:10:3a:bc:bc:b6:12:62:f7:8d:cf:46:13:cc:12: ef:19:7a:49:db:a4:31:b3:f8:1e:d3:82:9a:d6:1a: a7:69:74:f6:cc:76:4b:5c:08:74:e3:c7:15:51:7f: 61:16:37:2c:98:c1:b0:a4:e5:36:96:2d:83:1c:81: a3:80:60:3e:af:2b:e7:cb:e0:20:40:a8:34:a3:8f: 4d:b2:11:9c:84:30:68:e6:ee:9b:46:cb:a3:2a:58: 27:cb:d3:27:d2:15:13:45:24:a8:65:9a:50:24:b3: e2:c6:f4:2c:fb:85:8f:5d:05:9a:fc:2d:6e:be:3a: 5b:33:86:1e:bd:37:61:ea:39:6a:1f:e7:e1:20:68: 5a:94:3d:af:67:f6:4a:6c:46:a9:45:32:08:1f:37: 6a:f5:37:be:42:01:63:bc:46:c4:75:17:8b:cc:cd: c6:58:78:a7:c7:e1:4b:28:62:33:21:77:d3:d9:d9: 0c:24:b0:17:1e:0c:17:6e:2f:d5:fc:ec:84:95:bc: 81:96:97:13:67:16:99:74:07:97:bf:0b:ef:7f:c0: 52:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:9C:0F:B2:FB:01:3A:1A:19:DE:F4:70:DE:83:93:EB:75:BD:B1:C4 X509v3 Authority Key Identifier: keyid:9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/cZwPsvsBOhoZ3vRw3oOT63W9scQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.76.0.0/19 Signature Algorithm: sha256WithRSAEncryption 4e:b9:0f:a4:16:94:ce:4a:27:fe:7f:7c:a4:91:92:a0:c4:66: 20:0a:f6:c0:56:b7:4b:21:56:7b:44:11:77:56:4f:16:c4:eb: ce:ef:61:b0:d6:ce:9c:21:88:4b:c5:79:1d:67:5b:97:3c:f9: 3a:29:e9:be:c1:a6:fb:7b:b3:4a:95:2d:2b:ad:bb:6d:ea:fc: d8:04:20:d3:2d:55:ab:8c:25:81:1c:05:cc:a8:fc:ec:bd:ef: 1a:5e:14:3d:0b:41:15:95:e9:e6:76:1d:e9:79:81:80:22:00: b4:a1:cd:01:a7:dc:8b:6c:1c:16:bf:4f:08:bb:ee:7e:fa:2e: 5e:a1:1a:e3:41:11:57:0e:10:dd:78:ea:3f:e4:59:e5:5d:eb: 77:e2:a7:c6:a8:5f:bb:ee:34:68:41:42:61:e5:b3:fc:1e:0b: 2a:15:66:51:5a:dc:f7:bb:9c:b9:c9:b5:f5:92:56:c4:cb:94: a2:bd:67:0c:4c:04:eb:5a:57:2e:9d:d5:eb:89:2b:2e:39:f8: f5:cb:d9:5d:d2:6d:4c:ff:5e:08:92:f7:89:74:33:d2:82:22: 5f:07:e0:df:cd:99:95:56:26:a8:f2:66:cf:2a:a9:20:bf:66: 0b:bc:0e:ce:26:ac:8a:0c:12:91:6b:21:5c:71:69:65:92:05: e5:3e:57:55 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUQ5 RTk3QjAwRDJFMTVDNDFBRTcwNzE3MzIwMThDMkIxMzdFNTNBMTAeFw0yNTAyMTAx MzQ5MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxOUMwRkIyRkIwMTNB MUExOURFRjQ3MERFODM5M0VCNzVCREIxQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiuIG8v3X5WF5tdar2LA6GPjYaA1ieYZmDUywEmokxt6hyVh+g 5WaOfa8TvEcQOry8thJi943PRhPMEu8ZeknbpDGz+B7TgprWGqdpdPbMdktcCHTj xxVRf2EWNyyYwbCk5TaWLYMcgaOAYD6vK+fL4CBAqDSjj02yEZyEMGjm7ptGy6Mq WCfL0yfSFRNFJKhlmlAks+LG9Cz7hY9dBZr8LW6+Olszhh69N2HqOWof5+EgaFqU Pa9n9kpsRqlFMggfN2r1N75CAWO8RsR1F4vMzcZYeKfH4UsoYjMhd9PZ2QwksBce DBduL9X87ISVvIGWlxNnFpl0B5e/C+9/wFKVAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUcZwPsvsBOhoZ3vRw3oOT63W9scQwHwYDVR0jBBgwFoAUnZ6XsA0uFcQa5wcX MgGMKxN+U6EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL25a NlhzQTB1RmNRYTV3Y1hNZ0dNS3hOLVU2RS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev blo2WHNBMHVGY1FhNXdjWE1nR01LeE4tVTZFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL2Nad1BzdnNCT2hvWjN2Unczb09UNjNX OXNjUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXTTAAwDQYJ KoZIhvcNAQELBQADggEBAE65D6QWlM5KJ/5/fKSRkqDEZiAK9sBWt0shVntEEXdW TxbE687vYbDWzpwhiEvFeR1nW5c8+Top6b7Bpvt7s0qVLSutu23q/NgEINMtVauM JYEcBcyo/Oy97xpeFD0LQRWV6eZ2Hel5gYAiALShzQGn3ItsHBa/Twi77n76Ll6h GuNBEVcOEN146j/kWeVd63fip8aoX7vuNGhBQmHls/weCyoVZlFa3Pe7nLnJtfWS VsTLlKK9ZwxMBOtaVy6d1euJKy45+PXL2V3SbUz/XgiS94l0M9KCIl8H4N/NmZVW JqjyZs8qqSC/Zgu8Ds4mrIoMEpFrIVxxaWWSBeU+V1U= -----END CERTIFICATE-----Generated at Fri Apr 18 23:46:53 2025 by rpki-client