$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/phK85_haumZeklMDMMKM5VS2kPA.roa File: phK85_haumZeklMDMMKM5VS2kPA.roa (raw, json) Hash identifier: b9XsarXI2YtKj7fGACAknfuV3NknbhlkkCqJmsOLbNs= Subject key identifier: A6:12:BC:E7:F8:5A:BA:66:5E:92:53:03:30:C2:8C:E5:54:B6:90:F0 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F67 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/phK85_haumZeklMDMMKM5VS2kPA.roa Signing time: Mon 10 Feb 2025 14:08:02 +0000 ROA not before: Mon 10 Feb 2025 14:08:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9919 IP address blocks: 192.72.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 02:06:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3943 (0xf67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A612BCE7F85ABA665E92530330C28CE554B690F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5b:2f:ec:f1:63:cb:9e:d9:1e:d5:32:cd:70: 03:ab:66:5a:55:5c:ae:3c:af:97:06:60:49:97:43: 50:6f:b3:26:f0:d5:87:13:ee:c3:c9:f6:76:16:46: fb:1a:97:25:c7:56:13:dc:c2:73:8f:28:28:39:88: b0:11:d2:b1:a6:92:bf:75:dc:7d:34:af:17:16:5c: a7:af:f6:b7:58:f9:7b:4e:fa:cc:ea:07:0b:05:03: 9a:b7:89:06:43:73:11:8c:95:6b:3e:b2:0e:ff:a7: 68:c0:49:54:67:dd:bd:57:1c:ee:ec:75:ea:e7:fc: 5b:35:b2:38:e7:04:f2:c1:d0:be:3d:7c:31:c0:3c: ad:dd:f5:7d:03:67:fe:62:67:89:31:9c:a8:75:6b: 1f:84:43:47:c6:98:14:aa:87:29:16:54:5d:ac:d1: f2:8f:0d:0c:5e:3b:cb:af:22:33:83:bb:ad:75:b3: f8:94:2b:18:c3:96:6e:2f:32:c8:f4:00:c9:e5:64: 59:eb:68:77:e4:3e:d1:61:db:75:7d:8b:c0:ac:42: a0:2c:81:ec:eb:d4:0f:bf:89:cb:7d:00:1d:41:db: 22:61:9d:a4:18:57:c5:5a:3e:f1:e6:a9:6d:1c:51: f0:bc:86:27:3b:4f:ab:02:4f:f2:b1:25:e5:0c:81: cd:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:12:BC:E7:F8:5A:BA:66:5E:92:53:03:30:C2:8C:E5:54:B6:90:F0 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/phK85_haumZeklMDMMKM5VS2kPA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.240.0/21 Signature Algorithm: sha256WithRSAEncryption 31:ec:4c:d9:1c:88:19:ca:9b:cb:b2:a3:c7:65:5b:de:dc:dd: 4a:44:81:af:08:47:42:78:ba:c9:7e:9d:6e:ec:59:d8:29:c4: a8:66:2f:74:ab:fc:c7:d7:58:f9:34:30:85:d6:6d:35:dc:5e: e8:10:d7:b5:a5:9e:62:e1:29:0a:7e:fb:28:d4:69:91:fc:d1: 83:ba:4c:45:14:e2:f5:65:73:c6:8b:3f:0b:b5:e4:dd:62:ab: c9:52:7a:2c:ac:2d:df:de:92:10:a2:80:1f:bf:5d:75:22:35: e4:fc:a1:70:72:41:73:78:e6:81:bc:a6:8b:0a:d4:23:81:0e: 18:9e:7b:fd:14:bb:f2:f4:0b:f9:26:70:91:2e:7b:c9:1f:70: 58:ca:f0:49:1d:76:b9:a9:73:39:dc:89:b0:e0:fc:bc:ea:37: b8:b9:d7:8d:95:a0:9b:15:95:d7:a4:72:9b:d4:fb:19:18:db: 9c:76:43:07:49:e3:01:3f:a4:61:61:b4:c3:cf:15:cc:92:a5: 55:40:02:3c:3f:af:1e:3d:1f:8e:78:78:80:02:64:c0:c2:ca: 20:cb:59:bc:77:98:2c:d1:bb:a7:02:a3:54:e0:1b:e3:ea:47: 53:97:b3:6e:80:9d:d6:89:22:ba:2b:a4:ed:89:6d:59:9e:07: 17:c2:89:87 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD2cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE2MTJCQ0U3Rjg1QUJB NjY1RTkyNTMwMzMwQzI4Q0U1NTRCNjkwRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDWy/s8WPLntke1TLNcAOrZlpVXK48r5cGYEmXQ1Bvsybw1YcT 7sPJ9nYWRvsalyXHVhPcwnOPKCg5iLAR0rGmkr913H00rxcWXKev9rdY+XtO+szq BwsFA5q3iQZDcxGMlWs+sg7/p2jASVRn3b1XHO7sdern/Fs1sjjnBPLB0L49fDHA PK3d9X0DZ/5iZ4kxnKh1ax+EQ0fGmBSqhykWVF2s0fKPDQxeO8uvIjODu611s/iU KxjDlm4vMsj0AMnlZFnraHfkPtFh23V9i8CsQqAsgezr1A+/ict9AB1B2yJhnaQY V8VaPvHmqW0cUfC8hic7T6sCT/KxJeUMgc29AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUphK85/haumZeklMDMMKM5VS2kPAwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcGhLODVfaGF1bVpla2xNRE1NS001 VlMya1BBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN BgkqhkiG9w0BAQsFAAOCAQEAMexM2RyIGcqby7Kjx2Vb3tzdSkSBrwhHQni6yX6d buxZ2CnEqGYvdKv8x9dY+TQwhdZtNdxe6BDXtaWeYuEpCn77KNRpkfzRg7pMRRTi 9WVzxos/C7Xk3WKryVJ6LKwt396SEKKAH79ddSI15PyhcHJBc3jmgbymiwrUI4EO GJ57/RS78vQL+SZwkS57yR9wWMrwSR12ualzOdyJsOD8vOo3uLnXjZWgmxWV16Ry m9T7GRjbnHZDB0njAT+kYWG0w88VzJKlVUACPD+vHj0fjnh4gAJkwMLKIMtZvHeY LNG7pwKjVOAb4+pHU5ezboCd1okiuiuk7YltWZ4HF8KJhw== -----END CERTIFICATE-----Generated at Sat Apr 5 23:14:33 2025 by rpki-client