$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/bZ38zQcdYSHchR8L2_tYf7GKYY8.roa File: bZ38zQcdYSHchR8L2_tYf7GKYY8.roa (raw, json) Hash identifier: fnlV8ih9uOLQaNJx28/gJpVXsmvINxVIZ8817ZkQVxQ= Subject key identifier: 6D:9D:FC:CD:07:1D:61:21:DC:85:1F:0B:DB:FB:58:7F:B1:8A:61:8F Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Certificate serial: 08A4 Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/bZ38zQcdYSHchR8L2_tYf7GKYY8.roa Signing time: Mon 10 Feb 2025 14:03:49 +0000 ROA not before: Mon 10 Feb 2025 14:03:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131674 IP address blocks: 103.149.64.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2212 (0x8a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Validity Not Before: Feb 10 14:03:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6D9DFCCD071D6121DC851F0BDBFB587FB18A618F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:69:af:d1:e0:b0:4d:5a:ff:43:8d:ed:0f:66: aa:c0:38:40:2d:4f:63:8e:6d:44:b8:7f:d5:37:cf: 81:57:36:00:b8:9e:be:db:83:04:75:97:ab:22:d4: a5:a0:bd:46:7d:0e:bd:38:e5:bc:2c:e5:53:d9:83: e6:ca:ae:80:3e:6a:10:25:6a:26:0d:fe:c4:e8:46: 96:fb:b6:6a:2a:78:81:33:9a:d4:b5:ee:31:6f:cf: ae:ad:58:36:8d:11:6f:cf:10:c8:f1:19:6a:c8:2f: 1a:13:bc:af:68:26:8f:19:f4:a6:a5:57:eb:f5:13: eb:ac:cf:cc:4e:8c:ab:23:e4:14:e0:2b:e2:61:28: 0e:7f:db:7e:0b:88:2c:4f:8e:4d:d9:67:bf:d7:2e: 50:77:69:0e:66:d9:67:e0:7e:c2:79:97:65:f2:48: 79:62:45:f7:1a:c1:7a:57:1a:79:02:cd:9a:48:4f: 1f:4d:8e:e2:19:c0:26:19:2d:ac:93:32:d6:0e:2c: 94:e8:57:d2:85:50:c4:dc:0d:97:b6:a8:9f:04:45: 2f:89:49:0c:0f:9d:0e:ca:c6:3b:50:ef:9a:e1:90: 8c:8a:1c:a0:f0:9d:53:82:f4:cc:30:bf:ad:12:83: e9:6c:c8:15:72:2f:df:68:05:14:0c:f1:d9:8e:14: 86:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:9D:FC:CD:07:1D:61:21:DC:85:1F:0B:DB:FB:58:7F:B1:8A:61:8F X509v3 Authority Key Identifier: keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/bZ38zQcdYSHchR8L2_tYf7GKYY8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.149.64.0/23 Signature Algorithm: sha256WithRSAEncryption 44:f9:c8:55:4e:f0:92:98:95:44:60:26:a8:a6:1e:e1:1a:0b: 6b:29:61:63:42:61:ac:0d:01:99:72:2a:93:0a:72:c3:8f:d6: 3c:93:21:a1:92:30:fa:d7:b1:b9:20:2e:42:d1:46:f0:6c:74: 12:b5:31:84:07:26:df:d6:84:f1:7c:a3:b8:8d:8a:d4:60:7e: 4b:3f:70:1a:63:92:e1:8c:62:5a:b5:a6:21:4b:bf:26:5a:08: 54:a5:a3:d8:ca:92:2e:15:4a:06:ed:9a:fd:11:ba:70:e9:ea: a9:a1:41:5a:ae:cd:01:c1:16:7e:a0:1e:3b:3f:85:61:f6:ba: d6:32:8b:f6:1d:e6:55:09:04:bb:53:60:c7:be:39:40:90:8a: 09:dc:54:80:83:2d:9a:f4:72:0f:45:21:47:5e:c8:8c:ed:cd: 7e:3e:cf:f7:b3:ce:0b:ed:69:7d:28:1b:80:72:e2:22:ba:60: bd:8c:89:c8:92:d4:66:27:4b:ac:fa:72:ff:c4:ba:da:4b:e6: 9c:a0:75:b0:a6:ec:6d:e8:f1:0c:f5:3e:bf:d6:b5:1c:7f:89: 37:b2:06:0c:fa:9a:57:45:8b:68:b8:13:46:6f:0b:34:db:6c: dd:82:d3:64:af:da:18:99:81:7c:80:c1:ee:45:06:c9:c7:f0: d5:b1:fd:1d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICCKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yNTAyMTAx NDAzNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZEOURGQ0NEMDcxRDYx MjFEQzg1MUYwQkRCRkI1ODdGQjE4QTYxOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcaa/R4LBNWv9Dje0PZqrAOEAtT2OObUS4f9U3z4FXNgC4nr7b gwR1l6si1KWgvUZ9Dr045bws5VPZg+bKroA+ahAlaiYN/sToRpb7tmoqeIEzmtS1 7jFvz66tWDaNEW/PEMjxGWrILxoTvK9oJo8Z9KalV+v1E+usz8xOjKsj5BTgK+Jh KA5/234LiCxPjk3ZZ7/XLlB3aQ5m2WfgfsJ5l2XySHliRfcawXpXGnkCzZpITx9N juIZwCYZLayTMtYOLJToV9KFUMTcDZe2qJ8ERS+JSQwPnQ7KxjtQ75rhkIyKHKDw nVOC9Mwwv60Sg+lsyBVyL99oBRQM8dmOFIbzAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUbZ38zQcdYSHchR8L2/tYf7GKYY8wHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw 5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvYlozOHpRY2RZU0hjaFI4 TDJfdFlmN0dLWVk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AWeVQDANBgkqhkiG9w0BAQsFAAOCAQEARPnIVU7wkpiVRGAmqKYe4RoLaylhY0Jh rA0BmXIqkwpyw4/WPJMhoZIw+texuSAuQtFG8Gx0ErUxhAcm39aE8XyjuI2K1GB+ Sz9wGmOS4YxiWrWmIUu/JloIVKWj2MqSLhVKBu2a/RG6cOnqqaFBWq7NAcEWfqAe Oz+FYfa61jKL9h3mVQkEu1Ngx745QJCKCdxUgIMtmvRyD0UhR17IjO3Nfj7P97PO C+1pfSgbgHLiIrpgvYyJyJLUZidLrPpy/8S62kvmnKB1sKbsbejxDPU+v9a1HH+J N7IGDPqaV0WLaLgTRm8LNNts3YLTZK/aGJmBfIDB7kUGycfw1bH9HQ== -----END CERTIFICATE-----Generated at Fri Apr 18 22:33:30 2025 by rpki-client