$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/4rwk80QsCxvlNxOzy0A2WQTFkVs.roa File: 4rwk80QsCxvlNxOzy0A2WQTFkVs.roa (raw, json) Hash identifier: CHj2k89xHi1idAa49e2+0bw0vnYyN/9LU6WeGVxnfHE= Subject key identifier: E2:BC:24:F3:44:2C:0B:1B:E5:37:13:B3:CB:40:36:59:04:C5:91:5B Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0D24 Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/4rwk80QsCxvlNxOzy0A2WQTFkVs.roa Signing time: Mon 10 Feb 2025 14:23:30 +0000 ROA not before: Mon 10 Feb 2025 14:23:30 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131584 IP address blocks: 43.255.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3364 (0xd24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Feb 10 14:23:30 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E2BC24F3442C0B1BE53713B3CB40365904C5915B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:51:44:f3:ba:b2:3f:f1:b6:b0:41:92:e0:46: 45:06:6f:22:0e:3b:7b:87:44:e7:4f:15:9f:05:3d: 90:d2:de:2e:dd:e6:6f:2a:20:72:ce:af:80:70:9c: ca:2b:3c:66:74:d4:0b:5a:f5:26:c4:7d:db:ba:5a: eb:34:99:1d:d1:ff:e0:b5:16:11:46:94:87:fb:4b: 4f:3c:a4:1b:24:55:e1:fd:dd:49:f9:19:a8:c9:bf: ec:88:3b:fe:47:63:4b:29:5f:e3:17:43:fe:8e:0a: 23:6d:66:e3:56:b4:2f:9e:3a:02:10:f2:29:93:db: 63:6b:12:07:44:b7:2f:25:54:e5:32:1d:3b:92:fe: fa:a1:a1:6e:71:6a:e1:bf:d7:2c:28:42:6f:f7:f7: c0:d8:82:ce:f4:d9:80:62:8c:6a:9a:f4:ed:61:dc: b8:6d:fe:03:41:69:87:31:da:fc:d6:b0:64:ba:3c: 08:5d:ac:50:6c:76:e8:7a:43:cb:26:0f:f4:14:8f: 58:18:78:9f:d1:5b:0d:30:7f:d2:a5:a4:6b:c4:09: ff:da:3d:e0:1a:91:47:92:16:7d:2f:9b:87:54:9a: 79:a4:79:98:c7:f9:9f:71:31:24:22:19:65:7d:b0: 36:b1:72:3a:12:b0:80:7f:c9:98:4d:1b:32:b1:38: d8:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:BC:24:F3:44:2C:0B:1B:E5:37:13:B3:CB:40:36:59:04:C5:91:5B X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/4rwk80QsCxvlNxOzy0A2WQTFkVs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.255.12.0/22 Signature Algorithm: sha256WithRSAEncryption a2:f4:38:8a:5a:a8:c6:b5:82:de:fc:70:b4:da:3d:de:2e:50: 73:e7:75:ef:1d:28:95:de:de:37:d2:e4:97:28:b6:c0:87:f3: b6:c2:e0:8e:4a:c2:4f:4b:1f:5e:48:55:3d:21:fc:90:69:80: 97:7c:4c:29:88:c7:65:da:20:ea:d7:67:53:31:63:e5:69:0a: d8:b3:bd:36:43:83:d8:43:36:fd:24:9e:c9:9f:8d:74:d7:06: c1:1a:31:e1:e7:d7:b3:ba:9f:c6:8f:68:6d:d2:9a:ea:e2:50: e3:ae:e0:e4:93:91:55:5b:c5:7c:dc:c4:dd:9f:e1:76:62:c7: 7d:ab:d6:7e:3e:03:4e:13:5b:6e:36:75:48:47:7a:c3:fb:70: 37:04:34:c9:b8:8a:af:23:14:d5:ca:0f:ba:55:9b:0d:fc:ce: af:1e:04:2e:88:a9:da:af:dc:00:40:51:85:6e:a7:12:91:91: 8b:38:71:c3:37:60:30:74:5e:48:da:26:5c:c7:c4:a2:8a:9d: 07:7f:83:ae:aa:b3:d4:a6:8b:68:a1:f8:36:17:78:92:9e:8f: 3d:6b:a6:79:52:46:13:5c:f6:a7:50:ca:b7:06:4c:7e:d9:3e: 53:71:62:fd:56:ae:d8:4a:79:5e:fd:d5:02:08:77:78:cb:ba: 68:c4:7f:14 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTAyMTAx NDIzMzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUyQkMyNEYzNDQyQzBC MUJFNTM3MTNCM0NCNDAzNjU5MDRDNTkxNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1UUTzurI/8bawQZLgRkUGbyIOO3uHROdPFZ8FPZDS3i7d5m8q IHLOr4BwnMorPGZ01Ata9SbEfdu6Wus0mR3R/+C1FhFGlIf7S088pBskVeH93Un5 GajJv+yIO/5HY0spX+MXQ/6OCiNtZuNWtC+eOgIQ8imT22NrEgdEty8lVOUyHTuS /vqhoW5xauG/1ywoQm/398DYgs702YBijGqa9O1h3Lht/gNBaYcx2vzWsGS6PAhd rFBsduh6Q8smD/QUj1gYeJ/RWw0wf9KlpGvECf/aPeAakUeSFn0vm4dUmnmkeZjH +Z9xMSQiGWV9sDaxcjoSsIB/yZhNGzKxONi/AgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU4rwk80QsCxvlNxOzy0A2WQTFkVswHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2LzRyd2s4MFFzQ3h2 bE54T3p5MEEyV1FURmtWcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAIr/wwwDQYJKoZIhvcNAQELBQADggEBAKL0OIpaqMa1gt78cLTaPd4uUHPn de8dKJXe3jfS5JcotsCH87bC4I5Kwk9LH15IVT0h/JBpgJd8TCmIx2XaIOrXZ1Mx Y+VpCtizvTZDg9hDNv0knsmfjXTXBsEaMeHn17O6n8aPaG3SmuriUOOu4OSTkVVb xXzcxN2f4XZix32r1n4+A04TW242dUhHesP7cDcENMm4iq8jFNXKD7pVmw38zq8e BC6Iqdqv3ABAUYVupxKRkYs4ccM3YDB0XkjaJlzHxKKKnQd/g66qs9Smi2ih+DYX eJKejz1rpnlSRhNc9qdQyrcGTH7ZPlNxYv1WrthKeV791QIId3jLumjEfxQ= -----END CERTIFICATE-----Generated at Mon Apr 7 20:54:09 2025 by rpki-client