$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/BpBRF7MIRdkKry7FPKjdRc8IFos.roa File: BpBRF7MIRdkKry7FPKjdRc8IFos.roa (raw, json) Hash identifier: sjAsGfE6Y1QOVpHd0G5lz99C9cHJKLbTrnQ1Kn6Uxgg= Subject key identifier: 06:90:51:17:B3:08:45:D9:0A:AF:2E:C5:3C:A8:DD:45:CF:08:16:8B Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 17D3 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/BpBRF7MIRdkKry7FPKjdRc8IFos.roa Signing time: Mon 10 Feb 2025 14:07:17 +0000 ROA not before: Mon 10 Feb 2025 14:07:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131602 IP address blocks: 123.205.128.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 08:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6099 (0x17d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=06905117B30845D90AAF2EC53CA8DD45CF08168B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b7:2d:31:ec:3a:d5:11:3d:86:8b:72:46:4f: bf:61:ef:82:d7:69:64:e5:57:1b:8f:48:e7:29:b1: 09:51:44:e3:2c:fc:91:03:03:32:00:4f:99:9e:a7: 0f:e0:5c:23:22:f4:4d:bb:c8:f6:a6:84:97:dc:f5: ef:34:b6:4b:a9:35:56:f1:3c:41:52:5c:5b:2b:67: 6a:1f:59:75:b6:05:e8:a0:cf:04:ec:fe:a5:78:3f: bd:20:8b:2d:bc:db:55:68:9d:45:48:46:e6:e6:82: 03:fb:b0:b5:78:b4:e6:95:3d:a8:45:4e:64:02:12: 76:8b:e6:59:cb:f6:ed:ac:79:63:d7:98:cc:bb:f8: 83:ff:fd:f3:74:b4:b9:be:de:bb:44:0c:3f:7a:1e: 96:fe:a5:03:0e:18:96:e8:53:ee:cc:9c:f1:37:b8: 58:de:33:b2:53:aa:a7:44:ea:83:1e:ec:16:ca:78: 01:a9:8e:7f:3e:b8:4a:81:fd:67:97:a1:c7:ec:dd: d3:c2:f3:14:d0:18:65:1a:d0:a4:3c:ac:9c:f0:df: e8:b8:2a:b8:9f:a2:91:90:b0:46:05:02:f3:20:97: 5b:06:cc:17:c6:80:38:c6:38:99:71:dd:36:bd:f8: 46:5a:22:d8:48:ed:73:d2:5d:3b:96:bc:b2:f1:a3: 52:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:90:51:17:B3:08:45:D9:0A:AF:2E:C5:3C:A8:DD:45:CF:08:16:8B X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/BpBRF7MIRdkKry7FPKjdRc8IFos.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.205.128.0/20 Signature Algorithm: sha256WithRSAEncryption 42:05:97:68:06:4b:24:8b:65:ba:21:72:2b:53:8b:16:9d:fb: 59:df:57:26:8c:0a:cb:79:ff:b4:5c:7b:cd:b0:8e:63:01:72: c8:d2:23:63:e8:a5:30:7b:8e:fb:4d:a5:d5:cc:1f:d9:6c:10: 3d:1d:8b:bb:be:0d:5b:7d:69:77:ad:14:ee:39:f7:27:04:3a: 38:f8:a9:d8:a8:5b:cc:70:bd:65:47:6d:93:33:14:14:a7:d7: e0:96:18:95:b9:b8:bd:76:68:20:29:7f:dd:2e:25:a3:ed:48: 9f:54:4a:3b:ae:89:ef:49:9a:49:6a:6f:9d:17:9c:ed:fc:c7: 38:5d:7a:80:04:1c:39:81:b7:fd:f2:9d:77:79:d5:68:8e:42: d5:d5:8d:01:fd:6f:f5:2c:68:aa:87:3c:25:ee:78:1d:93:63: 72:3b:3c:3a:ec:a7:8a:db:d5:fb:61:2d:e0:70:dc:94:56:68: 3a:dc:aa:79:74:be:93:d6:b2:07:4f:42:3f:d0:40:f8:5a:34: 15:01:c3:82:49:63:6f:7e:5f:e6:fc:a3:42:b7:09:46:01:24: d5:e0:0a:bc:49:04:c7:c2:52:f8:f8:20:17:94:a7:93:78:5a: dd:b7:78:39:1b:45:04:c7:b3:f3:57:14:c5:c1:6d:e6:6e:e1: 43:26:0d:d9 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICF9MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA2OTA1MTE3QjMwODQ1 RDkwQUFGMkVDNTNDQThERDQ1Q0YwODE2OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/ty0x7DrVET2Gi3JGT79h74LXaWTlVxuPSOcpsQlRROMs/JED AzIAT5mepw/gXCMi9E27yPamhJfc9e80tkupNVbxPEFSXFsrZ2ofWXW2BeigzwTs /qV4P70giy2821VonUVIRubmggP7sLV4tOaVPahFTmQCEnaL5lnL9u2seWPXmMy7 +IP//fN0tLm+3rtEDD96Hpb+pQMOGJboU+7MnPE3uFjeM7JTqqdE6oMe7BbKeAGp jn8+uEqB/WeXocfs3dPC8xTQGGUa0KQ8rJzw3+i4KrifopGQsEYFAvMgl1sGzBfG gDjGOJlx3Ta9+EZaIthI7XPSXTuWvLLxo1InAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUBpBRF7MIRdkKry7FPKjdRc8IFoswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQnBCUkY3TUlSZGtLcnk3RlBLamRS YzhJRm9zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHvNgDAN BgkqhkiG9w0BAQsFAAOCAQEAQgWXaAZLJItluiFyK1OLFp37Wd9XJowKy3n/tFx7 zbCOYwFyyNIjY+ilMHuO+02l1cwf2WwQPR2Lu74NW31pd60U7jn3JwQ6OPip2Khb zHC9ZUdtkzMUFKfX4JYYlbm4vXZoICl/3S4lo+1In1RKO66J70maSWpvnRec7fzH OF16gAQcOYG3/fKdd3nVaI5C1dWNAf1v9Sxoqoc8Je54HZNjcjs8OuynitvV+2Et 4HDclFZoOtyqeXS+k9ayB09CP9BA+Fo0FQHDgkljb35f5vyjQrcJRgEk1eAKvEkE x8JS+PggF5Snk3ha3bd4ORtFBMez81cUxcFt5m7hQyYN2Q== -----END CERTIFICATE-----Generated at Mon Apr 7 07:59:04 2025 by rpki-client