$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dAAQQQ1IkK2moTZydq0jJ3uVREk.roa File: dAAQQQ1IkK2moTZydq0jJ3uVREk.roa (raw, json) Hash identifier: DFYGkNN+ntzFPTnRJbT9vtX0Z5g8DRLCRnSk2wK0Jkw= Subject key identifier: 74:00:10:41:0D:48:90:AD:A6:A1:36:72:76:AD:23:27:7B:95:44:49 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 12FE Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dAAQQQ1IkK2moTZydq0jJ3uVREk.roa Signing time: Mon 10 Feb 2025 14:08:58 +0000 ROA not before: Mon 10 Feb 2025 14:08:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24164 IP address blocks: 203.65.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4862 (0x12fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Feb 10 14:08:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=740010410D4890ADA6A1367276AD23277B954449 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ef:81:0a:b3:1b:c1:ee:89:1d:b3:cd:f7:a5: 71:7e:fe:28:7c:8f:d9:14:8d:7d:55:cb:42:ba:77: e5:2c:5a:13:0f:28:72:c9:07:b5:ec:fa:85:c5:39: d8:d6:06:6f:fe:90:33:f5:18:7e:a4:99:cd:d8:31: 24:d0:a8:e5:8f:77:b9:fb:74:c5:f5:0e:b7:30:66: 88:c2:d7:a6:d4:25:c8:fa:bf:b6:34:c5:38:49:21: 37:86:b5:ad:30:1a:fb:96:c6:08:ac:aa:77:d1:ff: 73:8d:b8:a5:da:87:0f:e8:38:36:56:8c:e2:fd:4c: 5f:97:db:4e:1a:c8:26:19:82:ca:bf:2b:41:ba:5b: ba:9a:1c:b9:39:92:dc:59:0d:b1:87:52:19:5e:9a: c9:dc:99:51:9e:02:30:c5:49:9e:ee:8a:6b:81:4e: 18:4e:03:26:bc:77:2d:7f:e8:af:d5:2c:db:c7:b7: a6:cc:92:2c:04:e9:d3:f3:e0:5e:13:5a:84:2b:0f: 5e:e4:37:c1:50:d7:1b:8c:0e:03:f3:87:ed:df:04: 67:ef:28:1e:d4:c0:cd:1d:84:ac:c4:11:cb:d1:45: af:04:ec:aa:ec:61:fe:ef:af:68:37:8d:9a:a3:b5: fa:46:00:7b:9f:3a:96:67:0a:df:f0:68:99:e4:29: 7b:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:00:10:41:0D:48:90:AD:A6:A1:36:72:76:AD:23:27:7B:95:44:49 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/dAAQQQ1IkK2moTZydq0jJ3uVREk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.65.172.0/24 Signature Algorithm: sha256WithRSAEncryption 66:01:d6:e9:56:68:1c:ab:5e:1b:40:74:fd:3e:75:f6:43:f4: 58:e6:c5:6b:0c:c2:0c:1c:5b:b4:4c:80:34:47:c1:41:cf:4e: bb:52:3a:cc:ea:80:ea:b2:39:59:a2:42:93:98:72:cc:4a:e2: 10:fd:f6:10:0a:0e:de:23:30:34:ad:a9:e5:72:a1:40:15:b1: 1d:ee:66:ad:38:62:69:74:09:df:e5:73:05:27:3a:08:27:7e: df:4e:ac:70:2e:af:7b:03:53:52:dd:1b:96:e3:8f:56:49:7c: 7d:16:44:d7:ad:d4:ce:9e:03:09:1e:93:91:2f:5a:7a:fc:ac: 77:a3:78:03:59:9e:ba:4f:0e:4a:f3:17:9d:d3:c4:f2:7e:0f: fe:b4:db:16:d3:45:fd:fd:c7:83:6d:f8:bc:44:36:b8:16:5b: c3:e8:83:d3:12:a5:29:07:f5:b3:3e:69:5d:17:d9:8f:94:74: 42:06:f7:57:be:01:de:5a:9e:fb:6c:db:8d:8f:58:7e:29:a1: 24:f4:55:b9:65:94:1b:7d:e9:57:f1:43:f0:13:9d:be:d4:eb: 7d:1d:56:a1:d4:73:ff:ca:cb:bc:2c:b3:43:20:02:ca:87:ce: e6:6b:20:22:22:1e:7b:5b:33:8b:62:0f:fb:86:80:24:89:c7: 0f:f3:60:e4 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx NDA4NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc0MDAxMDQxMEQ0ODkw QURBNkExMzY3Mjc2QUQyMzI3N0I5NTQ0NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR74EKsxvB7okds833pXF+/ih8j9kUjX1Vy0K6d+UsWhMPKHLJ B7Xs+oXFOdjWBm/+kDP1GH6kmc3YMSTQqOWPd7n7dMX1DrcwZojC16bUJcj6v7Y0 xThJITeGta0wGvuWxgisqnfR/3ONuKXahw/oODZWjOL9TF+X204ayCYZgsq/K0G6 W7qaHLk5ktxZDbGHUhlemsncmVGeAjDFSZ7uimuBThhOAya8dy1/6K/VLNvHt6bM kiwE6dPz4F4TWoQrD17kN8FQ1xuMDgPzh+3fBGfvKB7UwM0dhKzEEcvRRa8E7Krs Yf7vr2g3jZqjtfpGAHufOpZnCt/waJnkKXvZAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUdAAQQQ1IkK2moTZydq0jJ3uVREkwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvZEFBUVFRMUlrSzJtb1Ra eWRxMGpKM3VWUkVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AMtBrDANBgkqhkiG9w0BAQsFAAOCAQEAZgHW6VZoHKteG0B0/T519kP0WObFawzC DBxbtEyANEfBQc9Ou1I6zOqA6rI5WaJCk5hyzEriEP32EAoO3iMwNK2p5XKhQBWx He5mrThiaXQJ3+VzBSc6CCd+306scC6vewNTUt0bluOPVkl8fRZE163Uzp4DCR6T kS9aevysd6N4A1meuk8OSvMXndPE8n4P/rTbFtNF/f3Hg234vEQ2uBZbw+iD0xKl KQf1sz5pXRfZj5R0Qgb3V74B3lqe+2zbjY9YfimhJPRVuWWUG33pV/FD8BOdvtTr fR1WodRz/8rLvCyzQyACyofO5msgIiIee1szi2IP+4aAJInHD/Ng5A== -----END CERTIFICATE-----Generated at Tue Apr 8 16:54:02 2025 by rpki-client