$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vzlwbBcl0hrDR3Ilc6cvcyRqi8k.roa File: vzlwbBcl0hrDR3Ilc6cvcyRqi8k.roa (raw, json) Hash identifier: Ti2SJuxALnH5LX+wXCK65hVf+yGdRjUqHeZ3+DqcSQQ= Subject key identifier: BF:39:70:6C:17:25:D2:1A:C3:47:72:25:73:A7:2F:73:24:6A:8B:C9 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 12F2 Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vzlwbBcl0hrDR3Ilc6cvcyRqi8k.roa Signing time: Mon 10 Feb 2025 14:08:55 +0000 ROA not before: Mon 10 Feb 2025 14:08:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24164 IP address blocks: 203.77.0.0/19 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4850 (0x12f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Feb 10 14:08:55 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BF39706C1725D21AC347722573A72F73246A8BC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8e:9d:d6:cc:78:71:d5:b4:68:58:75:fe:6a: fa:19:7f:a5:7b:6c:50:a0:ed:17:61:5c:93:99:52: ee:3c:12:cc:da:b0:81:0e:69:6e:cf:42:1e:a2:af: 54:03:2f:86:e2:5d:23:7e:73:10:4d:4a:a9:8e:3b: 07:ca:df:73:f0:10:71:b5:93:fc:f0:6d:10:ab:ab: 32:32:1e:77:ef:49:8b:6d:23:df:04:7a:47:3f:c7: ac:0d:04:da:34:5a:2d:0e:23:c7:ac:07:ff:ee:47: 83:9e:62:1c:3a:bd:f8:eb:4c:99:01:19:20:15:7d: af:4e:41:30:3f:14:d8:5a:c5:2f:a7:77:03:e5:a5: 10:93:cf:0a:5a:49:c7:3b:12:23:f4:b4:79:4c:62: d6:49:67:52:aa:3a:ef:1b:bd:ff:9f:46:7e:d7:5e: 01:50:19:6e:e5:76:20:74:b1:d2:8d:bd:e9:57:d7: 77:90:d2:f5:9c:68:74:23:d5:0e:59:92:d5:28:1a: 6a:46:13:f6:f6:c7:17:3d:fe:a2:65:1f:de:fc:48: c8:5a:c9:82:49:66:83:af:85:c0:d1:af:4a:0a:aa: a2:86:77:39:0f:d7:4c:b9:80:17:be:59:29:b0:88: 44:fa:56:12:0e:80:c2:8f:a6:18:f7:a4:24:f2:d0: fc:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:39:70:6C:17:25:D2:1A:C3:47:72:25:73:A7:2F:73:24:6A:8B:C9 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/vzlwbBcl0hrDR3Ilc6cvcyRqi8k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.77.0.0/19 Signature Algorithm: sha256WithRSAEncryption 7d:11:4e:3a:9d:5e:b1:dc:27:8b:16:8b:eb:61:6f:6c:8b:81: 31:ad:09:f5:b3:81:40:86:54:1c:d6:be:96:62:d4:84:ae:36: b3:bf:ff:b7:03:86:e3:6a:1b:86:47:4b:71:a1:bf:cf:13:66: 66:a4:86:82:8d:52:e3:1c:54:31:c8:fa:5f:83:1e:fb:75:fc: 25:ce:0e:e5:d6:b0:fb:14:da:05:47:64:3d:55:45:74:f7:8c: 85:b9:2f:54:c5:1d:4c:9f:6a:11:05:0a:a3:61:b6:7f:f4:9d: b3:f3:0b:84:a9:74:a7:4f:ff:a9:6d:63:a9:e3:f3:d0:47:9a: d8:08:9e:d3:1e:f0:73:f1:fd:20:43:81:fd:bf:74:d3:8d:01: 3f:0a:a3:61:21:2c:ee:ba:a1:29:d8:af:db:80:46:8c:2f:73: 9d:90:71:4f:4c:32:ea:28:e3:18:6c:55:9b:a3:eb:fe:2c:1b: 6e:67:59:09:25:ff:08:c4:5d:1d:4a:62:fa:0a:20:11:14:74: 46:2c:17:df:6c:81:27:c8:56:b8:51:55:b5:9a:81:ae:61:e5: b7:ec:d2:f4:73:2d:a3:4f:ed:40:15:74:a4:85:79:75:b6:8a: 99:a6:94:5a:92:08:b5:cc:69:da:b7:82:29:8a:65:28:c7:46: 11:c4:5c:c0 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx NDA4NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJGMzk3MDZDMTcyNUQy MUFDMzQ3NzIyNTczQTcyRjczMjQ2QThCQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7jp3WzHhx1bRoWHX+avoZf6V7bFCg7RdhXJOZUu48EszasIEO aW7PQh6ir1QDL4biXSN+cxBNSqmOOwfK33PwEHG1k/zwbRCrqzIyHnfvSYttI98E ekc/x6wNBNo0Wi0OI8esB//uR4OeYhw6vfjrTJkBGSAVfa9OQTA/FNhaxS+ndwPl pRCTzwpaScc7EiP0tHlMYtZJZ1KqOu8bvf+fRn7XXgFQGW7ldiB0sdKNvelX13eQ 0vWcaHQj1Q5ZktUoGmpGE/b2xxc9/qJlH978SMhayYJJZoOvhcDRr0oKqqKGdzkP 10y5gBe+WSmwiET6VhIOgMKPphj3pCTy0PxdAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUvzlwbBcl0hrDR3Ilc6cvcyRqi8kwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvdnpsd2JCY2wwaHJEUjNJ bGM2Y3ZjeVJxaThrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BctNADANBgkqhkiG9w0BAQsFAAOCAQEAfRFOOp1esdwnixaL62FvbIuBMa0J9bOB QIZUHNa+lmLUhK42s7//twOG42obhkdLcaG/zxNmZqSGgo1S4xxUMcj6X4Me+3X8 Jc4O5daw+xTaBUdkPVVFdPeMhbkvVMUdTJ9qEQUKo2G2f/Sds/MLhKl0p0//qW1j qePz0Eea2Aie0x7wc/H9IEOB/b90040BPwqjYSEs7rqhKdiv24BGjC9znZBxT0wy 6ijjGGxVm6Pr/iwbbmdZCSX/CMRdHUpi+gogERR0RiwX32yBJ8hWuFFVtZqBrmHl t+zS9HMto0/tQBV0pIV5dbaKmaaUWpIItcxp2reCKYplKMdGEcRcwA== -----END CERTIFICATE-----Generated at Tue Apr 8 16:59:06 2025 by rpki-client