$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/AOv69UsHHgpCV9hQxZ8DYFvW8N0.roa File: AOv69UsHHgpCV9hQxZ8DYFvW8N0.roa (raw, json) Hash identifier: ws92WPMzpFMn0rNkx9rAwD3umuOdkEOAF80TYgJWXZE= Subject key identifier: 00:EB:FA:F5:4B:07:1E:0A:42:57:D8:50:C5:9F:03:60:5B:D6:F0:DD Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F75 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/AOv69UsHHgpCV9hQxZ8DYFvW8N0.roa Signing time: Mon 10 Feb 2025 14:08:06 +0000 ROA not before: Mon 10 Feb 2025 14:08:06 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9919 IP address blocks: 192.72.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 02:06:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3957 (0xf75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=00EBFAF54B071E0A4257D850C59F03605BD6F0DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:be:ce:ca:5b:96:95:cf:6a:81:e5:61:9b:dd: 12:8e:3a:3e:e3:be:e2:43:ea:0d:69:8b:78:9c:7d: 6b:ea:75:a9:d1:d4:c6:7d:89:70:63:53:b9:dd:b2: 28:1f:aa:13:f9:19:f4:9a:78:b1:1e:03:a8:39:5f: 40:0c:9c:05:3b:b4:6f:e1:38:9d:74:ec:e0:02:61: 7d:28:35:ad:11:be:2c:e6:f7:75:a1:ef:ab:9d:7d: eb:61:31:6f:fe:e2:9e:8e:fb:ef:71:11:f5:12:83: 2e:71:54:9f:ea:62:9d:54:5c:44:73:63:1a:8f:34: b6:1e:bf:e9:7a:3a:69:fd:10:19:a3:1c:c6:ab:e1: 0b:d2:b9:65:1a:14:e9:1e:ad:48:15:1f:19:cc:78: 0a:50:65:c7:af:81:af:42:3d:14:44:8e:c4:3b:dd: 5e:f3:83:be:9a:9f:f7:9c:d2:d7:94:22:51:29:f6: b8:47:2a:79:22:fb:52:b4:40:1e:7a:2d:f2:5b:03: 8b:7c:ab:d6:1f:53:16:1f:4c:66:5c:a5:b3:81:a1: 46:3d:6c:d1:6a:26:17:29:be:f1:1b:e3:1d:cf:f0: 9b:f8:1f:97:d1:68:aa:08:b7:b1:c2:c3:f0:06:9d: 75:43:68:64:c4:c5:b6:d2:7c:c5:f3:80:e0:fc:1c: 07:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:EB:FA:F5:4B:07:1E:0A:42:57:D8:50:C5:9F:03:60:5B:D6:F0:DD X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/AOv69UsHHgpCV9hQxZ8DYFvW8N0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.8.0/21 Signature Algorithm: sha256WithRSAEncryption 9b:85:6d:f4:d7:36:5c:c4:03:f7:7d:0e:78:c7:1f:cb:1c:a3: dc:82:7c:3e:2a:62:ba:c9:f7:07:01:46:2f:85:b4:d6:44:2a: bf:b2:8d:1b:58:9c:ef:d3:24:c7:13:20:c2:a8:d6:43:cd:ef: c4:fd:de:ab:87:b5:9c:f1:a0:01:5f:b4:7f:70:ad:79:b8:f9: 30:72:83:04:70:41:9f:0e:46:5d:84:0f:c2:38:03:e0:e8:87: 8b:21:fe:50:2a:a2:e0:b6:8c:7f:67:05:ed:e7:85:5d:0e:4e: c5:2c:42:de:fb:3f:d9:a5:6b:1f:11:fb:23:35:ab:ef:57:21: 23:05:7d:05:f7:3b:e5:a1:69:b0:ec:d7:8a:c4:fd:09:76:39: 94:49:3f:f2:97:82:e2:39:0a:5a:fc:15:10:8f:42:7d:0c:da: ac:e8:2c:2c:fd:91:ce:f2:ca:be:05:63:3d:97:2e:db:7e:62: 65:37:40:75:d3:66:f6:5a:a7:c5:6e:d0:3e:b2:76:64:4f:a6: 78:04:e5:3f:a6:0e:4c:cf:1a:6a:93:fd:a4:a3:9b:cf:80:64: 6a:1d:f4:b8:b0:32:1f:98:8d:4e:8d:c8:7d:32:e9:f7:37:18: 8e:fb:05:6d:29:1e:80:fe:a0:5b:2b:a3:e9:a1:88:5a:ca:80: ac:19:62:bc -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD3UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAwRUJGQUY1NEIwNzFF MEE0MjU3RDg1MEM1OUYwMzYwNUJENkYwREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZvs7KW5aVz2qB5WGb3RKOOj7jvuJD6g1pi3icfWvqdanR1MZ9 iXBjU7ndsigfqhP5GfSaeLEeA6g5X0AMnAU7tG/hOJ107OACYX0oNa0Rvizm93Wh 76udfethMW/+4p6O++9xEfUSgy5xVJ/qYp1UXERzYxqPNLYev+l6Omn9EBmjHMar 4QvSuWUaFOkerUgVHxnMeApQZcevga9CPRREjsQ73V7zg76an/ec0teUIlEp9rhH Knki+1K0QB56LfJbA4t8q9YfUxYfTGZcpbOBoUY9bNFqJhcpvvEb4x3P8Jv4H5fR aKoIt7HCw/AGnXVDaGTExbbSfMXzgOD8HAdZAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUAOv69UsHHgpCV9hQxZ8DYFvW8N0wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQU92NjlVc0hIZ3BDVjloUXhaOERZ RnZXOE4wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BICDAN BgkqhkiG9w0BAQsFAAOCAQEAm4Vt9Nc2XMQD930OeMcfyxyj3IJ8Pipiusn3BwFG L4W01kQqv7KNG1ic79MkxxMgwqjWQ83vxP3eq4e1nPGgAV+0f3Ctebj5MHKDBHBB nw5GXYQPwjgD4OiHiyH+UCqi4LaMf2cF7eeFXQ5OxSxC3vs/2aVrHxH7IzWr71ch IwV9Bfc75aFpsOzXisT9CXY5lEk/8peC4jkKWvwVEI9CfQzarOgsLP2RzvLKvgVj PZcu235iZTdAddNm9lqnxW7QPrJ2ZE+meATlP6YOTM8aapP9pKObz4Bkah30uLAy H5iNTo3IfTLp9zcYjvsFbSkegP6gWyuj6aGIWsqArBlivA== -----END CERTIFICATE-----Generated at Sat Apr 5 23:14:30 2025 by rpki-client