$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/dkfU3iJQ1EU1HP3FEFK9bBJwMNw.roa File: dkfU3iJQ1EU1HP3FEFK9bBJwMNw.roa (raw, json) Hash identifier: MynGKcbU5FZQmZooynCoChZMUc95iauGKCVJ0M0VO+k= Subject key identifier: 76:47:D4:DE:22:50:D4:45:35:1C:FD:C5:10:52:BD:6C:12:70:30:DC Certificate issuer: /CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB Certificate serial: 0130 Authority key identifier: 93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/dkfU3iJQ1EU1HP3FEFK9bBJwMNw.roa Signing time: Mon 10 Feb 2025 13:45:11 +0000 ROA not before: Mon 10 Feb 2025 13:45:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 150758 IP address blocks: 210.87.108.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 304 (0x130) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB Validity Not Before: Feb 10 13:45:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7647D4DE2250D445351CFDC51052BD6C127030DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:6f:5d:ab:16:4f:01:28:b6:3d:7e:c5:75:c0: bd:b4:63:f6:24:d1:7f:a4:bb:50:bc:9a:0b:b4:87: 69:98:3a:a3:c6:2f:ee:39:25:a0:8a:ef:12:9b:0d: c1:52:1c:72:d5:dd:6e:ba:88:56:07:7c:f7:e0:db: 16:78:48:ef:ef:27:21:86:b5:3e:4d:1b:23:88:41: 7b:8d:ef:0c:74:04:3f:4e:b8:93:55:ec:2d:33:34: 8c:5c:9a:e7:9a:82:46:da:8a:ee:84:41:b3:d8:64: e7:df:ba:3d:8e:64:a0:b4:be:3a:8e:65:f8:73:1a: 27:0f:cc:1a:ee:a1:5a:7c:77:74:56:53:96:fa:7d: 25:13:29:ba:ac:c5:e4:91:79:d7:ab:7f:d2:a8:61: e0:1f:05:a7:ce:a8:4b:59:1d:f8:c4:02:20:22:8f: 08:87:04:e3:62:a1:6c:4f:49:3e:dd:73:02:66:f5: 22:1a:5d:42:bb:d9:83:f9:fd:8f:a7:d8:35:bc:54: f2:88:10:45:a0:f8:4e:8f:23:5f:33:9a:64:a6:d8: 91:65:53:55:64:85:33:ce:c8:d0:44:1e:28:a5:85: 22:37:4b:46:b5:2a:db:3e:cf:23:15:1f:7e:d1:a4: ff:f5:91:89:7b:b5:67:e6:0a:97:a8:27:fc:38:fa: c9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:47:D4:DE:22:50:D4:45:35:1C:FD:C5:10:52:BD:6C:12:70:30:DC X509v3 Authority Key Identifier: keyid:93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/dkfU3iJQ1EU1HP3FEFK9bBJwMNw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.87.108.0/23 Signature Algorithm: sha256WithRSAEncryption bc:74:d2:6d:1a:67:35:6d:49:88:04:2a:bb:68:89:fe:08:47: 48:78:bc:ad:07:9b:23:06:42:9a:7c:40:82:c9:21:0f:09:95: c1:28:d3:78:1d:a3:d0:18:90:12:81:b9:a5:73:6a:b9:3b:11: b1:45:c3:9a:79:f6:c4:20:15:e7:95:44:fa:f9:09:80:18:4c: 9b:ff:7c:f7:10:65:30:0b:c3:86:39:dc:73:33:83:ad:a8:b5: 95:97:1d:cc:49:a9:3f:29:cd:36:35:d2:2f:f5:d9:21:fb:8e: 49:c1:26:78:ed:c1:d4:40:8e:1d:aa:5d:79:d1:b6:15:6b:67: 8d:fc:37:8d:4b:c4:5e:4e:9e:8b:22:09:7e:8e:f2:25:95:7a: 58:75:8b:b8:fe:cb:08:90:ab:76:7d:37:a5:66:da:8b:78:32: 80:72:93:e1:d4:97:74:43:87:0b:e2:0b:d4:ff:10:8a:71:b5: ab:fa:02:db:c5:4f:87:a2:b5:c9:f4:06:34:d5:3f:45:a8:f3: 4d:57:55:0c:bf:60:0b:05:8e:a5:b7:1a:ac:b2:f2:59:d8:49: 8e:83:82:f2:79:b3:cc:c9:6f:1f:67:7c:6e:f3:c4:ad:f0:f6: 23:9d:73:de:dc:4b:91:1c:57:c5:23:46:b1:4e:ad:59:a6:48: 77:e0:08:6f -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTM4 RUI0QUIwNUE4NjE2NjdGRDAzNTU0QUNGQjgzNkEyQ0ZEQzlEQjAeFw0yNTAyMTAx MzQ1MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc2NDdENERFMjI1MEQ0 NDUzNTFDRkRDNTEwNTJCRDZDMTI3MDMwREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDyb12rFk8BKLY9fsV1wL20Y/Yk0X+ku1C8mgu0h2mYOqPGL+45 JaCK7xKbDcFSHHLV3W66iFYHfPfg2xZ4SO/vJyGGtT5NGyOIQXuN7wx0BD9OuJNV 7C0zNIxcmueagkbaiu6EQbPYZOffuj2OZKC0vjqOZfhzGicPzBruoVp8d3RWU5b6 fSUTKbqsxeSRederf9KoYeAfBafOqEtZHfjEAiAijwiHBONioWxPST7dcwJm9SIa XUK72YP5/Y+n2DW8VPKIEEWg+E6PI18zmmSm2JFlU1VkhTPOyNBEHiilhSI3S0a1 Kts+zyMVH37RpP/1kYl7tWfmCpeoJ/w4+skjAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUdkfU3iJQ1EU1HP3FEFK9bBJwMNwwHwYDVR0jBBgwFoAUk460qwWoYWZ/0DVU rPuDaiz9ydswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VD VVJFL2s0NjBxd1dvWVdaXzBEVlVyUHVEYWl6OXlkcy5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvazQ2MHF3V29ZV1pfMERWVXJQdURhaXo5eWRzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VDVVJFL2RrZlUzaUpRMUVV MUhQM0ZFRks5YkJKd01Ody5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAHSV2wwDQYJKoZIhvcNAQELBQADggEBALx00m0aZzVtSYgEKrtoif4IR0h4 vK0HmyMGQpp8QILJIQ8JlcEo03gdo9AYkBKBuaVzark7EbFFw5p59sQgFeeVRPr5 CYAYTJv/fPcQZTALw4Y53HMzg62otZWXHcxJqT8pzTY10i/12SH7jknBJnjtwdRA jh2qXXnRthVrZ438N41LxF5OnosiCX6O8iWVelh1i7j+ywiQq3Z9N6Vm2ot4MoBy k+HUl3RDhwviC9T/EIpxtav6AtvFT4eitcn0BjTVP0Wo801XVQy/YAsFjqW3Gqyy 8lnYSY6DgvJ5s8zJbx9nfG7zxK3w9iOdc97cS5EcV8UjRrFOrVmmSHfgCG8= -----END CERTIFICATE-----Generated at Fri Apr 18 23:46:42 2025 by rpki-client