$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa File: P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa (raw, json) Hash identifier: sO3W4pfC8RKbINstWl/Pv5RYUevKOnZa3OQHxJQS7Jk= Subject key identifier: 3F:AC:56:40:48:03:82:95:C9:0E:CF:1F:AB:95:0E:25:97:1A:3C:68 Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0D1F Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa Signing time: Mon 10 Feb 2025 14:23:28 +0000 ROA not before: Mon 10 Feb 2025 14:23:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 101.3.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3359 (0xd1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Feb 10 14:23:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=3FAC564048038295C90ECF1FAB950E25971A3C68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:20:aa:25:ef:cc:f3:0c:17:6e:0e:6d:eb:bc: 01:53:2d:6e:57:de:46:95:44:da:97:90:bb:68:0c: 03:46:3a:84:b3:08:03:8e:53:86:96:97:7d:61:97: 26:0e:11:bd:fd:61:24:b8:df:a4:19:c0:5f:f7:50: 78:77:d5:d4:c6:02:9a:be:f3:a1:e8:ff:2c:6c:ba: 79:90:9f:ea:fd:72:78:c6:6a:44:73:b7:ed:08:57: b7:dc:ae:67:aa:91:07:b4:d1:2e:1b:23:a1:fa:bf: 36:bc:37:d4:d3:5f:fe:dc:ca:e8:26:77:86:96:1d: 2f:e5:74:58:50:26:27:b2:2c:43:1c:a1:60:33:df: 1a:0b:6a:34:58:31:76:eb:fa:f8:1b:7d:09:72:92: f2:67:66:b1:f8:04:cc:98:b7:ef:85:10:94:2a:7d: f5:04:2a:9c:41:0a:6f:f8:37:94:e2:15:f6:2c:21: c5:6f:ed:c1:a1:b9:26:4a:da:d3:b1:26:bd:d6:42: f8:8f:e4:d7:1a:ab:61:24:b4:99:62:19:1a:32:c8: 93:17:88:75:79:90:c2:db:34:13:c7:82:0e:4f:a6: 72:8c:59:04:77:4c:67:c2:a4:6d:02:e5:8d:cc:3c: f3:65:f8:67:20:f9:fc:d8:be:02:45:85:c3:94:77: af:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:AC:56:40:48:03:82:95:C9:0E:CF:1F:AB:95:0E:25:97:1A:3C:68 X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.3.106.0/23 Signature Algorithm: sha256WithRSAEncryption 60:4e:7f:db:ae:0e:77:e5:60:88:bf:db:1f:84:df:54:4e:7a: 00:09:bc:12:15:60:fc:67:db:44:35:18:7f:05:16:bd:3b:57: 16:e6:2f:df:8b:aa:67:ad:3d:69:c5:cd:76:70:96:51:5e:c4: c9:76:03:38:e7:ba:dd:3a:a3:5e:02:c7:b4:a7:76:e3:9a:3d: a2:0e:d7:5f:e1:2f:da:a6:99:ed:47:d0:4e:bd:b5:09:07:11: e4:ad:f9:1a:a2:cd:ce:05:c8:83:e3:27:51:af:cb:01:8f:f8: ca:ba:a1:9c:65:02:24:c3:68:1f:d4:44:bf:5f:46:c1:81:51: af:5d:2d:21:f6:5a:a1:93:b3:d4:7b:c8:50:16:84:77:af:82: 28:f3:05:0c:a6:12:38:f9:94:2a:e8:b3:ef:9a:74:0d:68:c1: ca:0a:02:07:b3:a6:dd:c3:c8:b9:1a:c1:57:bb:19:b7:9b:ad: 9d:dd:a9:14:25:a3:f1:8c:f3:d0:14:47:f8:d3:10:21:fb:b3: 53:02:ed:18:91:d2:db:69:c5:f3:59:7d:7c:74:57:59:5f:9a: f4:6a:5f:52:4d:5e:41:88:97:db:eb:93:83:e9:09:0a:be:b1: 1e:c3:d2:e5:8b:a3:50:dc:69:78:ac:38:ef:80:7d:02:10:35: a5:37:ad:a5 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTAyMTAx NDIzMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGQUM1NjQwNDgwMzgy OTVDOTBFQ0YxRkFCOTUwRTI1OTcxQTNDNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMIKol78zzDBduDm3rvAFTLW5X3kaVRNqXkLtoDANGOoSzCAOO U4aWl31hlyYOEb39YSS436QZwF/3UHh31dTGApq+86Ho/yxsunmQn+r9cnjGakRz t+0IV7fcrmeqkQe00S4bI6H6vza8N9TTX/7cyugmd4aWHS/ldFhQJieyLEMcoWAz 3xoLajRYMXbr+vgbfQlykvJnZrH4BMyYt++FEJQqffUEKpxBCm/4N5TiFfYsIcVv 7cGhuSZK2tOxJr3WQviP5Ncaq2EktJliGRoyyJMXiHV5kMLbNBPHgg5PpnKMWQR3 TGfCpG0C5Y3MPPNl+Gcg+fzYvgJFhcOUd6/pAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUP6xWQEgDgpXJDs8fq5UOJZcaPGgwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L1A2eFdRRWdEZ3BY SkRzOGZxNVVPSlpjYVBHZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAFlA2owDQYJKoZIhvcNAQELBQADggEBAGBOf9uuDnflYIi/2x+E31ROegAJ vBIVYPxn20Q1GH8FFr07VxbmL9+LqmetPWnFzXZwllFexMl2Azjnut06o14Cx7Sn duOaPaIO11/hL9qmme1H0E69tQkHEeSt+Rqizc4FyIPjJ1GvywGP+Mq6oZxlAiTD aB/URL9fRsGBUa9dLSH2WqGTs9R7yFAWhHevgijzBQymEjj5lCros++adA1owcoK Agezpt3DyLkawVe7GbebrZ3dqRQlo/GM89AUR/jTECH7s1MC7RiR0ttpxfNZfXx0 V1lfmvRqX1JNXkGIl9vrk4PpCQq+sR7D0uWLo1DcaXisOO+AfQIQNaU3raU= -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:22 2025 by rpki-client