$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/mY1lS5z9H-YPQRHA8hnGlm3ohFc.roa File: mY1lS5z9H-YPQRHA8hnGlm3ohFc.roa (raw, json) Hash identifier: aVHMy0xuwtqdoEUKCroYQ9wmvcRSs9lpF+I91KneA50= Subject key identifier: 99:8D:65:4B:9C:FD:1F:E6:0F:41:11:C0:F2:19:C6:96:6D:E8:84:57 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1811 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mY1lS5z9H-YPQRHA8hnGlm3ohFc.roa Signing time: Mon 10 Feb 2025 14:07:33 +0000 ROA not before: Mon 10 Feb 2025 14:07:33 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131602 IP address blocks: 106.105.168.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 08:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6161 (0x1811) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:33 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=998D654B9CFD1FE60F4111C0F219C6966DE88457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ad:e1:99:fb:20:64:26:2f:c6:14:aa:51:09: 4d:7a:4c:50:43:b6:9f:9e:9b:c5:5c:31:6f:6f:d6: 49:ae:75:c7:04:46:35:d6:a9:b7:d2:88:85:06:e6: 10:03:a4:59:5f:c2:da:32:d8:3e:95:47:fd:31:42: 5f:1b:ee:93:48:e2:3e:68:8d:18:aa:c8:bc:97:4d: 49:05:ac:33:e9:ec:44:8a:c9:93:f9:10:a5:cf:e8: 02:11:dc:ec:ee:c7:82:48:31:e9:89:8d:4c:11:9c: 4d:8a:54:cd:e9:dd:fc:08:d4:0f:7a:04:67:11:e9: fc:09:e3:3b:dc:40:1b:de:1f:e6:8f:91:ce:cd:7f: d9:14:f5:2e:47:68:d0:76:52:be:dd:16:47:d3:91: ca:3e:5f:f8:46:9b:51:07:3f:5f:86:6f:13:90:7e: 4b:fc:93:29:3a:78:74:11:21:28:19:9a:98:63:b3: d6:7e:8d:3b:14:07:43:7b:65:b1:df:da:a5:67:98: 80:9f:44:44:2f:66:da:73:8a:d8:54:c7:e3:c3:77: aa:d5:ec:7d:2a:f7:d0:30:06:11:d8:7a:91:7c:a5: c0:97:25:cf:69:92:9f:12:52:ca:cf:67:e7:b6:a7: e2:66:fa:ce:fe:e6:e0:e0:bd:e8:13:c0:79:7a:78: d4:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:8D:65:4B:9C:FD:1F:E6:0F:41:11:C0:F2:19:C6:96:6D:E8:84:57 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mY1lS5z9H-YPQRHA8hnGlm3ohFc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.105.168.0/21 Signature Algorithm: sha256WithRSAEncryption c5:48:7c:c9:09:4e:9b:65:24:ae:64:00:a2:0e:33:a0:4a:6b: 4b:24:31:5d:3f:e7:ee:af:85:dd:73:d8:a3:cc:c2:5d:cb:b4: e9:1f:73:48:0c:d0:48:b3:da:8c:c9:08:64:b2:44:80:ac:50: f0:62:1e:af:d4:27:f0:db:89:86:c5:07:f0:7b:b0:ea:1f:c8: 4a:8f:5d:b8:96:70:58:55:b9:14:15:55:c6:e1:09:c8:c6:ae: 7f:92:fd:d1:bb:63:aa:ef:35:57:b0:20:85:e3:bd:be:77:8d: 2c:54:5b:03:03:b0:2f:2d:ce:e3:0c:fe:36:09:02:09:21:f2: 9c:77:e3:e3:8c:50:c7:33:5a:5b:b7:5b:08:03:31:0b:6b:75: 36:e3:23:b6:f4:fb:d8:4c:30:e1:75:1a:c3:3b:4c:9c:67:38: c8:57:16:57:f7:a6:09:9b:71:9c:89:95:b4:41:41:7c:02:a5: 94:76:19:a5:9e:11:ef:d7:ac:d0:d7:f4:93:97:29:88:c4:ca: ec:51:56:3d:99:a1:aa:0f:e8:39:56:3c:23:8e:8e:33:28:e5: 13:a8:86:be:0d:81:fa:6e:fb:70:b8:7d:bb:41:f4:73:e8:44: ff:86:18:57:e7:52:8f:0f:a3:11:be:c8:f1:21:01:c4:4e:06: f7:41:c1:2d -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGBEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk5OEQ2NTRCOUNGRDFG RTYwRjQxMTFDMEYyMTlDNjk2NkRFODg0NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfreGZ+yBkJi/GFKpRCU16TFBDtp+em8VcMW9v1kmudccERjXW qbfSiIUG5hADpFlfwtoy2D6VR/0xQl8b7pNI4j5ojRiqyLyXTUkFrDPp7ESKyZP5 EKXP6AIR3Ozux4JIMemJjUwRnE2KVM3p3fwI1A96BGcR6fwJ4zvcQBveH+aPkc7N f9kU9S5HaNB2Ur7dFkfTkco+X/hGm1EHP1+GbxOQfkv8kyk6eHQRISgZmphjs9Z+ jTsUB0N7ZbHf2qVnmICfREQvZtpzithUx+PDd6rV7H0q99AwBhHYepF8pcCXJc9p kp8SUsrPZ+e2p+Jm+s7+5uDgvegTwHl6eNQfAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUmY1lS5z9H+YPQRHA8hnGlm3ohFcwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbVkxbFM1ejlILVlQUVJIQThobkds bTNvaEZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppqDAN BgkqhkiG9w0BAQsFAAOCAQEAxUh8yQlOm2UkrmQAog4zoEprSyQxXT/n7q+F3XPY o8zCXcu06R9zSAzQSLPajMkIZLJEgKxQ8GIer9Qn8NuJhsUH8Huw6h/ISo9duJZw WFW5FBVVxuEJyMauf5L90btjqu81V7AgheO9vneNLFRbAwOwLy3O4wz+NgkCCSHy nHfj44xQxzNaW7dbCAMxC2t1NuMjtvT72Eww4XUawztMnGc4yFcWV/emCZtxnImV tEFBfAKllHYZpZ4R79es0Nf0k5cpiMTK7FFWPZmhqg/oOVY8I46OMyjlE6iGvg2B +m77cLh9u0H0c+hE/4YYV+dSjw+jEb7I8SEBxE4G90HBLQ== -----END CERTIFICATE-----Generated at Mon Apr 7 08:08:13 2025 by rpki-client