$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/ZRmciX8MRpTAtYbzSDPfG5ZjDn4.roa File: ZRmciX8MRpTAtYbzSDPfG5ZjDn4.roa (raw, json) Hash identifier: euyl50LrFdkpKXMRboByPMD/9TwxBomVzyRrxffkQMg= Subject key identifier: 65:19:9C:89:7F:0C:46:94:C0:B5:86:F3:48:33:DF:1B:96:63:0E:7E Certificate issuer: /CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2 Certificate serial: 598A Authority key identifier: B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/ZRmciX8MRpTAtYbzSDPfG5ZjDn4.roa Signing time: Mon 10 Feb 2025 14:10:36 +0000 ROA not before: Mon 10 Feb 2025 14:10:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38851 IP address blocks: 103.131.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 16:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22922 (0x598a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4320FD78DFB6A4D1C92322F794966B8525DFDD2 Validity Not Before: Feb 10 14:10:36 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=65199C897F0C4694C0B586F34833DF1B96630E7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a5:8d:e9:09:ba:37:29:07:79:38:cb:88:8e: 07:60:95:09:77:24:c8:40:42:fb:9e:93:52:f5:8c: ab:ad:0f:ab:28:65:59:d6:99:1a:71:3f:91:d3:ae: a6:02:93:5d:65:36:14:f4:5d:9e:fc:7d:19:12:93: 82:ce:b0:c4:24:9e:7b:d0:eb:c8:a5:cb:36:81:b5: 19:76:f9:fe:46:72:29:83:5a:fb:ee:28:2b:2f:80: dc:c7:6e:3b:df:ff:e5:5b:5d:34:be:b7:0b:7d:52: 08:03:fc:08:e5:27:0c:9d:ca:1f:a9:bc:7d:d3:d0: b2:02:4f:99:db:19:5c:64:53:9b:13:dc:76:25:8f: 0b:f0:ba:e9:dc:f3:8e:ac:86:37:b0:52:9b:1c:7e: f5:a7:72:73:41:47:56:bd:7c:6e:e3:b7:e3:b4:11: 3c:5f:a2:d2:25:83:45:30:6d:c5:91:67:f7:e4:06: 9f:48:8b:d4:ae:1e:be:b2:88:d7:8c:d4:c8:4d:5d: b4:0b:21:20:d1:55:94:db:45:52:85:3b:f0:93:ed: 35:d3:74:03:30:50:07:99:fb:41:3d:9d:ff:87:7a: 96:7e:f4:15:1a:90:7f:4a:a1:44:5f:01:2f:bb:8d: f9:39:ae:aa:31:d6:6e:95:98:b8:ff:36:ea:52:b6: ed:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:19:9C:89:7F:0C:46:94:C0:B5:86:F3:48:33:DF:1B:96:63:0E:7E X509v3 Authority Key Identifier: keyid:B4:32:0F:D7:8D:FB:6A:4D:1C:92:32:2F:79:49:66:B8:52:5D:FD:D2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/tDIP1437ak0ckjIveUlmuFJd_dI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tDIP1437ak0ckjIveUlmuFJd_dI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NTCCATV/ZRmciX8MRpTAtYbzSDPfG5ZjDn4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.131.172.0/22 Signature Algorithm: sha256WithRSAEncryption a4:1e:79:3c:62:77:26:da:32:92:bd:51:d7:20:5e:ed:81:ce: fa:7f:20:15:18:59:61:29:6f:7f:41:54:ec:44:69:11:5a:06: 4d:ca:67:f8:71:31:c9:e0:e2:39:6f:4a:44:41:fe:ca:2f:05: 0b:ac:71:19:38:ee:a7:a9:53:00:0a:5e:ab:60:04:83:2a:e3: 5f:62:d4:64:a2:8c:32:3d:fd:a1:ca:04:69:2a:99:a5:ea:a6: 0a:f6:41:41:0f:5a:13:7b:07:27:f3:d4:c7:44:46:83:a6:32: aa:49:6c:1a:ec:69:93:b8:a8:c4:35:49:c2:db:b6:86:17:36: 11:3c:d8:c1:4c:9c:0c:2d:5d:f6:5e:e3:f3:c3:c3:0f:7c:ef: 6b:60:9a:c6:28:62:c2:64:0b:94:35:dd:d5:d5:4e:b8:ca:50: ba:e1:b4:d4:bb:a3:8a:23:53:bc:63:d1:49:a8:3a:61:a2:42: 3f:ba:df:b8:10:fe:40:1e:df:94:3e:ea:24:00:31:4a:1c:d1: 34:c1:a6:c8:14:ab:d9:f8:6b:f0:3f:9e:8a:31:0c:f5:42:79: 41:c0:07:e1:d9:75:e9:cc:1e:91:c9:45:b0:56:61:0c:33:ba: f0:4a:ca:77:0a:84:4f:06:15:a6:c8:e3:c3:c2:a6:87:e5:8b: 24:1d:24:c4 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICWYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjQz MjBGRDc4REZCNkE0RDFDOTIzMjJGNzk0OTY2Qjg1MjVERkREMjAeFw0yNTAyMTAx NDEwMzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY1MTk5Qzg5N0YwQzQ2 OTRDMEI1ODZGMzQ4MzNERjFCOTY2MzBFN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYpY3pCbo3KQd5OMuIjgdglQl3JMhAQvuek1L1jKutD6soZVnW mRpxP5HTrqYCk11lNhT0XZ78fRkSk4LOsMQknnvQ68ilyzaBtRl2+f5GcimDWvvu KCsvgNzHbjvf/+VbXTS+twt9UggD/AjlJwydyh+pvH3T0LICT5nbGVxkU5sT3HYl jwvwuunc846shjewUpscfvWncnNBR1a9fG7jt+O0ETxfotIlg0UwbcWRZ/fkBp9I i9SuHr6yiNeM1MhNXbQLISDRVZTbRVKFO/CT7TXTdAMwUAeZ+0E9nf+HepZ+9BUa kH9KoURfAS+7jfk5rqox1m6VmLj/NupStu3vAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUZRmciX8MRpTAtYbzSDPfG5ZjDn4wHwYDVR0jBBgwFoAUtDIP1437ak0ckjIv eUlmuFJd/dIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlRDQ0FU Vi90RElQMTQzN2FrMGNrakl2ZVVsbXVGSmRfZEkuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3RESVAxNDM3YWswY2tqSXZlVWxtdUZKZF9kSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05UQ0NBVFYvWlJtY2lYOE1ScFRBdFli elNEUGZHNVpqRG40LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AmeDrDANBgkqhkiG9w0BAQsFAAOCAQEApB55PGJ3Jtoykr1R1yBe7YHO+n8gFRhZ YSlvf0FU7ERpEVoGTcpn+HExyeDiOW9KREH+yi8FC6xxGTjup6lTAApeq2AEgyrj X2LUZKKMMj39ocoEaSqZpeqmCvZBQQ9aE3sHJ/PUx0RGg6YyqklsGuxpk7ioxDVJ wtu2hhc2ETzYwUycDC1d9l7j88PDD3zva2CaxihiwmQLlDXd1dVOuMpQuuG01Luj iiNTvGPRSag6YaJCP7rfuBD+QB7flD7qJAAxShzRNMGmyBSr2fhr8D+eijEM9UJ5 QcAH4dl16cwekclFsFZhDDO68ErKdwqETwYVpsjjw8Kmh+WLJB0kxA== -----END CERTIFICATE-----Generated at Sun Apr 6 13:07:12 2025 by rpki-client