$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/I6bRIIyNMWpGSo-1fk6K7NtMsQI.roa File: I6bRIIyNMWpGSo-1fk6K7NtMsQI.roa (raw, json) Hash identifier: BF0+PmpN349KXV6Jq8gEcsnae7mK3DYFsz5YZlzOi/Y= Subject key identifier: 23:A6:D1:20:8C:8D:31:6A:46:4A:8F:B5:7E:4E:8A:EC:DB:4C:B1:02 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 17F4 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/I6bRIIyNMWpGSo-1fk6K7NtMsQI.roa Signing time: Mon 10 Feb 2025 14:07:27 +0000 ROA not before: Mon 10 Feb 2025 14:07:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 220.229.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 22:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6132 (0x17f4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=23A6D1208C8D316A464A8FB57E4E8AECDB4CB102 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1d:57:c7:20:97:b9:f8:6d:c1:53:fa:d4:48: 90:86:bc:22:5c:12:23:34:fa:87:0d:4d:05:ee:28: 0a:40:35:a6:2d:d4:33:7a:db:56:ed:05:9d:8d:38: bb:ce:85:64:38:36:53:50:30:d3:05:5b:11:0a:98: 7d:35:0b:e9:7e:71:cc:38:87:d8:71:2f:b2:10:9e: 98:20:6e:43:6a:32:d3:74:33:f3:d1:be:56:06:81: af:29:23:1f:47:a5:37:6f:be:af:90:66:80:4f:09: aa:d1:ee:0f:a5:35:35:49:9d:74:cd:bf:5b:c9:3b: 4d:e7:4e:52:90:c5:55:76:ea:51:17:71:44:78:39: 5d:2d:bb:ad:82:23:b4:74:47:9b:16:bb:f8:f8:74: 56:2b:59:7c:0e:92:c2:0f:d5:be:29:54:26:75:bc: 09:51:19:34:da:da:55:a5:74:71:0e:38:cc:32:14: d3:a6:65:c8:c3:1a:f1:d7:64:02:e0:2a:5c:c4:cf: f8:c6:fd:12:f1:d8:4b:43:40:d7:06:fa:8f:3e:5c: 51:81:28:ed:5f:e1:7b:c9:b5:98:bc:d3:18:b1:0f: c3:01:1e:b8:6e:cf:97:08:be:b8:be:1a:13:50:28: 8f:3c:03:23:f5:1a:88:d5:89:5e:37:38:39:b5:66: b7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:A6:D1:20:8C:8D:31:6A:46:4A:8F:B5:7E:4E:8A:EC:DB:4C:B1:02 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/I6bRIIyNMWpGSo-1fk6K7NtMsQI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.229.68.0/22 Signature Algorithm: sha256WithRSAEncryption 96:2d:28:ff:dc:a9:1b:6f:16:a8:a3:5f:66:82:30:d4:4b:e6: 99:e5:ee:28:f6:fa:b9:89:88:99:0d:8a:63:ef:ab:4a:55:07: 45:d2:31:7c:52:83:00:0b:0e:cd:b6:c2:e6:44:94:a0:74:57: 5b:b7:6d:5e:a4:ca:48:57:0e:9c:71:42:a1:7d:03:43:fc:6e: b9:9c:ff:c7:ca:a9:cb:a3:a1:96:4e:c8:4e:13:3c:65:99:24: 81:97:1c:ba:1f:ee:57:75:fb:88:06:1e:77:8a:a2:80:1d:55: fa:91:70:7d:60:1a:66:d4:8a:49:39:64:b8:31:25:fc:b6:a7: ec:90:eb:8b:9c:c8:51:1a:f4:41:a6:ce:3c:63:a6:de:c0:f8: 04:a3:87:ce:05:20:de:a4:14:26:06:89:b9:2c:a2:47:8a:4a: a0:4b:70:4c:94:8e:90:59:fd:66:b1:3f:2d:f2:17:07:d0:6c: 48:f8:dd:a1:91:46:84:96:74:04:49:3b:2a:01:ed:83:8f:ba: 44:f1:19:96:ab:5e:18:95:b2:b5:c5:d6:3a:dc:dd:ec:1d:a6: 32:3e:cf:3f:39:c6:fa:b5:52:a5:5d:93:fb:df:e9:15:d1:9d: 3d:be:3b:d0:68:f5:e1:af:78:02:69:01:c3:28:e2:8a:8e:1f: b1:06:9b:b9 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICF/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzQTZEMTIwOEM4RDMx NkE0NjRBOEZCNTdFNEU4QUVDREI0Q0IxMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEHVfHIJe5+G3BU/rUSJCGvCJcEiM0+ocNTQXuKApANaYt1DN6 21btBZ2NOLvOhWQ4NlNQMNMFWxEKmH01C+l+ccw4h9hxL7IQnpggbkNqMtN0M/PR vlYGga8pIx9HpTdvvq+QZoBPCarR7g+lNTVJnXTNv1vJO03nTlKQxVV26lEXcUR4 OV0tu62CI7R0R5sWu/j4dFYrWXwOksIP1b4pVCZ1vAlRGTTa2lWldHEOOMwyFNOm ZcjDGvHXZALgKlzEz/jG/RLx2EtDQNcG+o8+XFGBKO1f4XvJtZi80xixD8MBHrhu z5cIvri+GhNQKI88AyP1GojViV43ODm1ZrfbAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUI6bRIIyNMWpGSo+1fk6K7NtMsQIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSTZiUklJeU5NV3BHU28tMWZrNks3 TnRNc1FJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN BgkqhkiG9w0BAQsFAAOCAQEAli0o/9ypG28WqKNfZoIw1EvmmeXuKPb6uYmImQ2K Y++rSlUHRdIxfFKDAAsOzbbC5kSUoHRXW7dtXqTKSFcOnHFCoX0DQ/xuuZz/x8qp y6Ohlk7IThM8ZZkkgZccuh/uV3X7iAYed4qigB1V+pFwfWAaZtSKSTlkuDEl/Lan 7JDri5zIURr0QabOPGOm3sD4BKOHzgUg3qQUJgaJuSyiR4pKoEtwTJSOkFn9ZrE/ LfIXB9BsSPjdoZFGhJZ0BEk7KgHtg4+6RPEZlqteGJWytcXWOtzd7B2mMj7PPznG +rVSpV2T+9/pFdGdPb470Gj14a94AmkBwyjiio4fsQabuQ== -----END CERTIFICATE-----Generated at Sat Apr 5 20:07:37 2025 by rpki-client