$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/tT9ZcNNQVDhAkd5735Tn3ajDQ78.roa File: tT9ZcNNQVDhAkd5735Tn3ajDQ78.roa (raw, json) Hash identifier: vqX1WUnRvWMnzsHOSf75rGgmzbFWNg9+EeqrBU2nsOw= Subject key identifier: B5:3F:59:70:D3:50:54:38:40:91:DE:7B:DF:94:E7:DD:A8:C3:43:BF Certificate issuer: /CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB Certificate serial: 012F Authority key identifier: 93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/tT9ZcNNQVDhAkd5735Tn3ajDQ78.roa Signing time: Mon 10 Feb 2025 13:45:11 +0000 ROA not before: Mon 10 Feb 2025 13:45:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 150758 IP address blocks: 2401:57a0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 303 (0x12f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB Validity Not Before: Feb 10 13:45:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B53F5970D35054384091DE7BDF94E7DDA8C343BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:88:32:84:f7:50:ce:01:da:37:c3:f4:f6:12: b4:f2:47:6d:d0:b8:2b:ea:b2:87:64:f1:c2:00:b3: 45:94:74:71:cf:6e:2e:2b:4f:30:dc:f1:9c:ab:14: 60:cb:2e:b9:5c:23:a2:75:25:0b:f5:0b:97:74:ed: 99:8c:b7:b8:15:ed:38:49:4e:d8:84:56:cb:d3:25: 91:8d:d1:ee:ec:bb:9c:23:08:ac:4d:92:26:9c:d0: 3a:52:74:36:39:f6:ef:3b:5e:b3:24:25:e0:cb:64: 8d:b9:a2:88:10:a4:5d:80:8e:7d:62:fa:bb:48:8c: 95:03:08:3a:23:b4:de:83:3c:d1:83:60:9a:29:06: dc:6b:54:f5:85:d8:4d:a3:f8:de:02:3e:fd:39:03: 8a:f0:f9:14:9c:97:07:4c:1e:ad:6a:75:8e:00:b6: 09:88:f6:62:fa:2f:fd:3b:f5:09:1a:8b:72:1a:a1: a0:4b:b6:97:2e:05:07:15:f0:7d:c3:d6:72:e7:92: e0:e4:e4:40:ea:cd:be:6f:9e:60:11:ce:a2:64:14: 85:84:da:a9:80:0b:a0:ac:d8:9d:15:ad:f2:cd:fb: e8:63:a8:11:8f:13:54:06:ec:e6:44:fb:f1:d4:6f: 44:91:c7:7e:24:bc:61:0d:d3:24:31:45:aa:0d:90: 60:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:3F:59:70:D3:50:54:38:40:91:DE:7B:DF:94:E7:DD:A8:C3:43:BF X509v3 Authority Key Identifier: keyid:93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/tT9ZcNNQVDhAkd5735Tn3ajDQ78.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:57a0::/32 Signature Algorithm: sha256WithRSAEncryption 7d:eb:6e:ed:2e:23:8f:de:d2:e2:c8:3d:1c:d4:fa:5a:5a:09: 79:6a:87:0e:ad:7f:c5:f3:3a:e5:87:cd:b4:87:a2:28:dd:d6: 77:cc:62:d1:26:0f:93:d1:42:ab:10:47:7c:99:ac:c9:4a:46: cc:41:93:f5:f5:6a:b7:fb:17:d6:f3:fb:4e:7a:11:c0:5b:a8: c9:60:7a:34:c0:fa:a5:22:e9:42:90:02:3b:c6:ae:d6:8c:a6: fc:4d:20:6b:94:3b:cf:b4:d2:ec:24:72:1b:c5:6e:9d:56:ea: 0f:ba:d8:a5:a6:10:29:23:e7:b7:22:bd:82:a3:8b:16:d5:e5: ce:7d:bf:99:c7:29:af:06:54:db:90:40:e1:dc:41:ae:cd:51: e5:fa:da:1d:37:28:92:b0:b0:5d:cc:15:ec:ee:92:07:f6:35: e1:cc:b5:cd:7a:60:61:d1:07:65:b4:3e:df:e4:a6:a9:7c:7a: 6d:8f:49:db:ed:f3:06:4f:e7:9f:92:1d:ac:6c:d4:08:2e:4a: d6:b5:48:94:0e:48:3e:93:d9:b0:d9:28:28:32:09:67:9c:e8: 9e:83:a1:f0:0c:bf:3d:11:6d:ce:de:07:4b:53:3c:96:b4:87: 97:ba:d7:18:2b:40:3b:62:80:4e:a1:90:37:5e:29:63:30:9a: d9:3a:e2:8a -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTM4 RUI0QUIwNUE4NjE2NjdGRDAzNTU0QUNGQjgzNkEyQ0ZEQzlEQjAeFw0yNTAyMTAx MzQ1MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI1M0Y1OTcwRDM1MDU0 Mzg0MDkxREU3QkRGOTRFN0REQThDMzQzQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoiDKE91DOAdo3w/T2ErTyR23QuCvqsodk8cIAs0WUdHHPbi4r TzDc8ZyrFGDLLrlcI6J1JQv1C5d07ZmMt7gV7ThJTtiEVsvTJZGN0e7su5wjCKxN kiac0DpSdDY59u87XrMkJeDLZI25oogQpF2Ajn1i+rtIjJUDCDojtN6DPNGDYJop BtxrVPWF2E2j+N4CPv05A4rw+RSclwdMHq1qdY4AtgmI9mL6L/079Qkai3IaoaBL tpcuBQcV8H3D1nLnkuDk5EDqzb5vnmARzqJkFIWE2qmAC6Cs2J0VrfLN++hjqBGP E1QG7OZE+/HUb0SRx34kvGEN0yQxRaoNkGD5AgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUtT9ZcNNQVDhAkd5735Tn3ajDQ78wHwYDVR0jBBgwFoAUk460qwWoYWZ/0DVU rPuDaiz9ydswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VD VVJFL2s0NjBxd1dvWVdaXzBEVlVyUHVEYWl6OXlkcy5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvazQ2MHF3V29ZV1pfMERWVXJQdURhaXo5eWRzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VDVVJFL3RUOVpjTk5RVkRo QWtkNTczNVRuM2FqRFE3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkAVegMA0GCSqGSIb3DQEBCwUAA4IBAQB9627tLiOP3tLiyD0c1PpaWgl5 aocOrX/F8zrlh820h6Io3dZ3zGLRJg+T0UKrEEd8mazJSkbMQZP19Wq3+xfW8/tO ehHAW6jJYHo0wPqlIulCkAI7xq7WjKb8TSBrlDvPtNLsJHIbxW6dVuoPutilphAp I+e3Ir2Co4sW1eXOfb+ZxymvBlTbkEDh3EGuzVHl+todNyiSsLBdzBXs7pIH9jXh zLXNemBh0QdltD7f5KapfHptj0nb7fMGT+efkh2sbNQILkrWtUiUDkg+k9mw2Sgo MglnnOieg6HwDL89EW3O3gdLUzyWtIeXutcYK0A7YoBOoZA3XiljMJrZOuKK -----END CERTIFICATE-----Generated at Fri Apr 18 23:56:48 2025 by rpki-client