$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCREE/BZmDRB0SwtLygRJZXcGRDCBZ9TI.roa File: BZmDRB0SwtLygRJZXcGRDCBZ9TI.roa (raw, json) Hash identifier: TOVC67wGWMCHxA34kalCv6BiJsbBGfZGhW3mlttqkrs= Subject key identifier: 05:99:83:44:1D:12:C2:D2:F2:81:12:59:5D:C1:91:0C:20:59:F5:32 Certificate issuer: /CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90 Certificate serial: 0C94 Authority key identifier: 3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/BZmDRB0SwtLygRJZXcGRDCBZ9TI.roa Signing time: Mon 10 Feb 2025 13:50:48 +0000 ROA not before: Mon 10 Feb 2025 13:50:48 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18183 IP address blocks: 202.5.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3220 (0xc94) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90 Validity Not Before: Feb 10 13:50:48 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=059983441D12C2D2F28112595DC1910C2059F532 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:06:40:bb:ce:d8:7c:d1:68:e1:76:32:c6:1e: 70:e4:55:93:4f:c2:2a:75:65:c0:08:7a:3f:79:cc: 82:c8:2a:f9:61:33:d2:4d:93:6e:0a:40:69:dd:01: c2:e2:fa:af:82:ce:01:e0:5e:fd:e4:bd:10:bc:da: 93:8b:fd:f9:37:4b:06:a6:54:a9:c9:30:de:a0:7e: 97:cc:4a:ce:71:dd:83:bd:17:b7:dc:09:9d:0a:50: cc:04:82:16:c3:d5:94:5f:62:53:51:e8:9a:46:37: 52:da:da:95:8b:8c:dd:c4:bb:e8:eb:f2:81:ec:d7: c8:80:a0:37:2f:38:2f:0c:99:61:e6:74:9b:8e:4d: 09:65:b7:05:72:d9:36:cc:bf:c8:5a:23:6a:17:93: e1:9e:86:b7:d7:8e:8b:e1:6b:c2:29:13:13:fb:ab: 52:0d:a4:89:e3:2f:b9:a8:c7:02:f2:31:33:fe:44: 43:27:ee:33:16:41:7d:0c:df:47:cf:54:ff:e4:ca: 36:86:6d:64:d8:d4:82:a7:83:31:ca:01:83:81:7a: b4:44:f7:e6:f4:0c:63:a2:08:3e:3a:30:a8:d4:09: a1:66:f2:60:12:50:12:f3:f1:dc:90:63:c1:2f:3d: 91:53:a2:d9:73:6e:07:85:91:34:29:a3:9c:e2:a2: f2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:99:83:44:1D:12:C2:D2:F2:81:12:59:5D:C1:91:0C:20:59:F5:32 X509v3 Authority Key Identifier: keyid:3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/BZmDRB0SwtLygRJZXcGRDCBZ9TI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.5.12.0/22 Signature Algorithm: sha256WithRSAEncryption b0:1c:59:14:a3:d7:36:41:44:c7:a6:c6:9a:9a:f0:2e:1d:2c: 62:71:a9:cb:ec:1a:b2:67:27:b9:bc:32:c1:7b:96:d4:e5:d8: 65:2d:a2:fe:85:01:0a:86:04:b8:b3:f5:3b:14:03:3d:bb:6b: ec:ff:e1:06:c1:6a:4f:f5:97:82:c2:7b:4a:f6:5e:fa:44:67: 94:85:90:84:ac:1a:d3:69:32:49:87:0c:15:ef:07:6d:e0:db: ce:8a:c8:e5:61:5a:0f:c4:9e:da:62:15:72:9d:62:e3:7e:2b: 44:5b:33:1e:e1:f5:76:25:3a:ae:11:c8:a6:58:f3:d4:c3:7b: 92:61:15:7a:26:05:74:33:78:dd:a6:3a:b5:fa:12:bd:4b:df: 7c:cf:50:28:78:28:ab:ac:60:cb:51:37:ae:6c:f3:a2:05:7f: a1:2c:04:f2:54:91:9f:49:a7:09:a5:fa:cd:74:6d:3d:75:05: aa:5f:ea:ea:60:31:ac:84:c9:13:00:b8:68:7e:5b:f6:cb:c8: 81:17:92:8a:a7:38:f2:19:b6:5e:39:a0:44:c4:74:4d:52:4f: ef:f1:ce:51:a4:41:a4:bf:2e:de:c4:29:e5:82:59:b6:b3:36: 03:32:d6:76:22:19:89:7a:42:b4:32:f9:d9:33:b7:6c:e7:6e: 2b:8a:1d:02 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0I0 OUI4N0EzRkYzODk2MzRDN0QwOTBENzZEQUVBQTk2RkVFRkQ5MDAeFw0yNTAyMTAx MzUwNDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA1OTk4MzQ0MUQxMkMy RDJGMjgxMTI1OTVEQzE5MTBDMjA1OUY1MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGBkC7zth80WjhdjLGHnDkVZNPwip1ZcAIej95zILIKvlhM9JN k24KQGndAcLi+q+CzgHgXv3kvRC82pOL/fk3SwamVKnJMN6gfpfMSs5x3YO9F7fc CZ0KUMwEghbD1ZRfYlNR6JpGN1La2pWLjN3Eu+jr8oHs18iAoDcvOC8MmWHmdJuO TQlltwVy2TbMv8haI2oXk+GehrfXjovha8IpExP7q1INpInjL7moxwLyMTP+REMn 7jMWQX0M30fPVP/kyjaGbWTY1IKngzHKAYOBerRE9+b0DGOiCD46MKjUCaFm8mAS UBLz8dyQY8EvPZFTotlzbgeFkTQpo5ziovJFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUBZmDRB0SwtLygRJZXcGRDCBZ9TIwHwYDVR0jBBgwFoAUO0m4ej/ziWNMfQkN dtrqqW/u/ZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNSRUUv TzBtNGVqX3ppV05NZlFrTmR0cnFxV191X1pBLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PMG00ZWpfemlXTk1mUWtOZHRycXFXX3VfWkEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ1JFRS9CWm1EUkIwU3d0THlnUkpaWGNH UkRDQlo5VEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCygUM MA0GCSqGSIb3DQEBCwUAA4IBAQCwHFkUo9c2QUTHpsaamvAuHSxicanL7BqyZye5 vDLBe5bU5dhlLaL+hQEKhgS4s/U7FAM9u2vs/+EGwWpP9ZeCwntK9l76RGeUhZCE rBrTaTJJhwwV7wdt4NvOisjlYVoPxJ7aYhVynWLjfitEWzMe4fV2JTquEcimWPPU w3uSYRV6JgV0M3jdpjq1+hK9S998z1AoeCirrGDLUTeubPOiBX+hLATyVJGfSacJ pfrNdG09dQWqX+rqYDGshMkTALhoflv2y8iBF5KKpzjyGbZeOaBExHRNUk/v8c5R pEGkvy7exCnlglm2szYDMtZ2IhmJekK0MvnZM7ds524rih0C -----END CERTIFICATE-----Generated at Fri Apr 18 22:43:41 2025 by rpki-client