$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Tj1JcjVfJ5Gpt9_OxwJVFGvORSY.roa File: Tj1JcjVfJ5Gpt9_OxwJVFGvORSY.roa (raw, json) Hash identifier: Z1W5IY0JvwlKvAKZttcyAvJzdNzNoLh8eDtRvir2F2s= Subject key identifier: 4E:3D:49:72:35:5F:27:91:A9:B7:DF:CE:C7:02:55:14:6B:CE:45:26 Certificate issuer: /CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Certificate serial: 0D6B Authority key identifier: 01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Tj1JcjVfJ5Gpt9_OxwJVFGvORSY.roa Signing time: Mon 10 Feb 2025 13:51:07 +0000 ROA not before: Mon 10 Feb 2025 13:51:07 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9676 IP address blocks: 61.65.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 18:08:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3435 (0xd6b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01A53261B2001FA7EB57793E2E579B7322F8E76A Validity Not Before: Feb 10 13:51:07 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4E3D4972355F2791A9B7DFCEC70255146BCE4526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ab:fa:83:14:ae:a7:84:28:39:7a:af:64:3f: 17:85:5d:0d:52:07:19:43:2b:9a:9e:1e:89:55:96: fa:e3:28:7a:28:f7:33:11:9f:c5:2c:a0:83:b7:5a: 51:b4:63:ac:e2:77:6d:b5:f0:f0:8e:2f:d7:a8:ec: 54:b4:d9:03:bc:02:71:b1:de:5c:72:a6:23:ea:14: 11:07:b8:6f:6e:d6:1d:01:89:1d:22:56:10:77:1b: fd:1d:80:e2:6f:32:99:73:04:21:13:bf:1d:3f:c0: 63:9e:d6:78:24:10:47:ea:34:62:04:ac:5c:d2:06: d7:dc:11:90:3f:1b:d9:bb:1c:20:98:66:be:8b:d5: e0:2e:d6:9a:7e:2f:b5:f4:7b:0c:51:cc:19:86:67: 92:35:04:dc:e9:3a:77:3f:58:95:2e:6b:6b:cc:51: 00:7d:01:d6:76:5e:7f:24:5a:86:c5:2d:3b:84:da: 80:7e:2a:47:82:41:e4:b6:c8:7d:a3:96:af:2f:5b: a0:65:8e:72:bb:7c:b1:84:3a:6a:11:be:37:37:4b: 7e:35:18:0d:9e:51:7d:8a:1b:36:71:fe:58:2a:4e: 14:b0:30:33:f5:f6:03:5e:4c:b7:05:69:f2:2c:13: 31:5a:62:67:2b:af:72:3f:f3:97:93:66:f4:73:88: c8:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:3D:49:72:35:5F:27:91:A9:B7:DF:CE:C7:02:55:14:6B:CE:45:26 X509v3 Authority Key Identifier: keyid:01:A5:32:61:B2:00:1F:A7:EB:57:79:3E:2E:57:9B:73:22:F8:E7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/AaUyYbIAH6frV3k-LlebcyL452o.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AaUyYbIAH6frV3k-LlebcyL452o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAVECOM/Tj1JcjVfJ5Gpt9_OxwJVFGvORSY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.128.0/18 Signature Algorithm: sha256WithRSAEncryption 2f:bd:a6:35:24:8b:64:69:bb:6c:79:c0:8a:fa:19:2f:8f:79: fe:9d:b8:ba:7c:29:85:d0:3e:94:c3:50:af:0a:c6:b7:58:83: d5:c8:8a:8d:7f:56:fe:54:b5:63:3e:5c:b8:eb:61:b3:1a:30: 3f:db:a1:b4:b3:d6:f7:4b:76:b8:62:ce:f5:86:7b:66:58:a3: a3:20:24:70:c9:5f:75:a1:04:31:d3:b8:7c:68:a6:c9:b4:bc: 7b:0d:f3:97:36:fe:e1:00:80:2d:74:8f:e1:1d:32:c3:5c:52: 34:14:05:ec:53:09:ac:dd:ac:b9:8d:7b:6f:8f:03:e4:ce:26: fe:29:5e:5f:49:32:66:b9:b1:40:fd:35:e3:e3:8e:b7:cb:ee: ed:fc:c9:1e:06:8c:d6:00:6f:e1:e9:65:5a:3f:6b:b8:f3:d8: f5:80:7a:d1:37:cc:35:00:0e:f1:4e:57:87:80:04:17:62:54: 28:1d:6b:0b:b5:1d:3c:c4:af:22:07:45:ba:f8:c8:1b:32:b4: eb:c6:0d:70:78:78:4f:5e:e1:c5:6f:da:22:a9:ad:6d:93:c0: 4b:01:a6:4b:99:d0:28:cb:37:91:19:52:35:2c:12:85:03:8a: 00:62:dd:cf:f2:83:6c:0a:ae:c8:17:23:01:5f:05:d1:b1:0d: af:ed:59:06 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDFB NTMyNjFCMjAwMUZBN0VCNTc3OTNFMkU1NzlCNzMyMkY4RTc2QTAeFw0yNTAyMTAx MzUxMDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRFM0Q0OTcyMzU1RjI3 OTFBOUI3REZDRUM3MDI1NTE0NkJDRTQ1MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkq/qDFK6nhCg5eq9kPxeFXQ1SBxlDK5qeHolVlvrjKHoo9zMR n8UsoIO3WlG0Y6zid2218PCOL9eo7FS02QO8AnGx3lxypiPqFBEHuG9u1h0BiR0i VhB3G/0dgOJvMplzBCETvx0/wGOe1ngkEEfqNGIErFzSBtfcEZA/G9m7HCCYZr6L 1eAu1pp+L7X0ewxRzBmGZ5I1BNzpOnc/WJUua2vMUQB9AdZ2Xn8kWobFLTuE2oB+ KkeCQeS2yH2jlq8vW6BljnK7fLGEOmoRvjc3S341GA2eUX2KGzZx/lgqThSwMDP1 9gNeTLcFafIsEzFaYmcrr3I/85eTZvRziMhRAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUTj1JcjVfJ5Gpt9/OxwJVFGvORSYwHwYDVR0jBBgwFoAUAaUyYbIAH6frV3k+ LlebcyL452owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FWRUNP TS9BYVV5WWJJQUg2ZnJWM2stTGxlYmN5TDQ1Mm8uY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0FhVXlZYklBSDZmclYzay1MbGViY3lMNDUyby5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBVkVDT00vVGoxSmNqVmZKNUdwdDlf T3h3SlZGR3ZPUlNZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Bj1BgDANBgkqhkiG9w0BAQsFAAOCAQEAL72mNSSLZGm7bHnAivoZL495/p24unwp hdA+lMNQrwrGt1iD1ciKjX9W/lS1Yz5cuOthsxowP9uhtLPW90t2uGLO9YZ7Zlij oyAkcMlfdaEEMdO4fGimybS8ew3zlzb+4QCALXSP4R0yw1xSNBQF7FMJrN2suY17 b48D5M4m/ileX0kyZrmxQP014+OOt8vu7fzJHgaM1gBv4ellWj9ruPPY9YB60TfM NQAO8U5Xh4AEF2JUKB1rC7UdPMSvIgdFuvjIGzK068YNcHh4T17hxW/aIqmtbZPA SwGmS5nQKMs3kRlSNSwShQOKAGLdz/KDbAquyBcjAV8F0bENr+1ZBg== -----END CERTIFICATE-----Generated at Thu Apr 17 13:21:58 2025 by rpki-client