$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/X8cg4bxOFGA3o2DkkQiqvIY2iGE.roa File: X8cg4bxOFGA3o2DkkQiqvIY2iGE.roa (raw, json) Hash identifier: pcT9UxwO4SkaxW0dlhEkMUZnRrQ/+pOcDxF190IKpwA= Subject key identifier: 5F:C7:20:E1:BC:4E:14:60:37:A3:60:E4:91:08:AA:BC:86:36:88:61 Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0D1E Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/X8cg4bxOFGA3o2DkkQiqvIY2iGE.roa Signing time: Mon 10 Feb 2025 14:23:28 +0000 ROA not before: Mon 10 Feb 2025 14:23:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131584 IP address blocks: 111.125.128.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 03:06:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3358 (0xd1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Feb 10 14:23:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5FC720E1BC4E146037A360E49108AABC86368861 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7f:28:0e:df:ca:56:0b:f8:54:e1:29:0b:63: d4:a1:88:6f:01:22:9d:d7:26:ef:59:a3:c3:a4:bc: 24:2c:3a:b7:52:2a:fc:d9:e4:aa:0d:3e:b3:cf:fb: d8:fd:4b:38:05:53:28:61:0c:12:05:7f:75:59:e4: cc:0f:a3:1d:5b:ec:dd:f9:44:52:13:68:c4:ae:d0: ca:98:88:0a:3a:4d:ed:e6:10:aa:f1:f9:e8:c7:29: 34:8b:1f:d8:ed:ea:ca:60:40:bb:6f:b5:61:64:a5: 9a:ca:39:2b:32:78:97:b8:fe:c7:5c:14:e4:32:20: 23:81:18:84:f5:e4:2d:ff:d8:7a:ed:b2:84:36:cc: e4:c5:a6:b9:ca:ed:67:14:25:30:ad:b3:ca:4f:d9: 4f:a2:88:a1:44:74:97:73:66:71:93:65:bc:e3:cc: 23:8d:71:ec:a7:7a:c4:9e:bb:71:07:2b:5f:f3:a0: c3:9b:ac:b6:4f:75:6b:f8:d0:71:21:28:0f:4e:c2: bf:6a:7b:4f:fd:c4:34:cd:44:a3:f5:e7:2b:d0:4d: b6:f0:5d:a8:60:96:b4:f3:86:10:c4:eb:52:e9:51: dd:15:0f:42:ef:cc:3a:b3:1e:49:47:68:97:f9:d6: ee:57:8f:ce:9d:c9:a2:97:a8:01:2e:ee:42:99:07: b3:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:C7:20:E1:BC:4E:14:60:37:A3:60:E4:91:08:AA:BC:86:36:88:61 X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/X8cg4bxOFGA3o2DkkQiqvIY2iGE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 111.125.128.0/21 Signature Algorithm: sha256WithRSAEncryption 42:af:17:7f:dd:d2:21:ef:83:ff:6a:bc:71:b0:cf:56:a2:5c: 7d:48:36:f0:52:fd:6c:86:4b:bd:48:eb:cc:76:72:2f:1e:12: 3a:18:fc:36:cd:e7:e5:48:d8:eb:08:92:a6:0f:cb:29:be:43: 8b:cf:d5:90:51:5a:05:f2:cd:cb:43:fb:e9:30:85:77:77:e1: 00:4a:00:27:50:82:91:7f:da:d5:6c:81:22:5f:1c:72:4a:19: f2:c8:dc:40:59:0d:3b:59:01:1a:d5:7b:75:b8:f2:7e:b0:38: 1d:bf:77:88:e8:d8:ce:27:7d:52:b1:14:03:b1:e6:da:39:ce: f1:28:3a:64:a6:7d:d6:a6:6b:9a:72:ed:2a:db:01:04:dd:60: 8b:32:65:d2:0d:24:ab:0c:fe:60:f8:f3:62:56:b0:c3:9d:69: eb:2b:bd:e8:14:70:eb:c2:a7:1c:61:6a:00:53:e5:4a:11:90: fb:02:6d:c0:17:67:5c:af:d2:8d:69:e6:bf:cd:49:da:0d:a0: f0:61:8a:d8:1c:3a:1c:f9:35:cc:45:18:a9:7d:64:cd:ad:63: 58:7b:49:1f:0f:b3:d6:0f:e3:ea:39:d1:2d:7c:f1:8d:14:a9: 5e:a6:49:e3:cc:61:ae:b1:8b:ed:ce:f0:5c:96:92:80:cd:b1: 82:78:92:9e -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTAyMTAx NDIzMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVGQzcyMEUxQkM0RTE0 NjAzN0EzNjBFNDkxMDhBQUJDODYzNjg4NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClfygO38pWC/hU4SkLY9ShiG8BIp3XJu9Zo8OkvCQsOrdSKvzZ 5KoNPrPP+9j9SzgFUyhhDBIFf3VZ5MwPox1b7N35RFITaMSu0MqYiAo6Te3mEKrx +ejHKTSLH9jt6spgQLtvtWFkpZrKOSsyeJe4/sdcFOQyICOBGIT15C3/2HrtsoQ2 zOTFprnK7WcUJTCts8pP2U+iiKFEdJdzZnGTZbzjzCONceynesSeu3EHK1/zoMOb rLZPdWv40HEhKA9Owr9qe0/9xDTNRKP15yvQTbbwXahglrTzhhDE61LpUd0VD0Lv zDqzHklHaJf51u5Xj86dyaKXqAEu7kKZB7PzAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUX8cg4bxOFGA3o2DkkQiqvIY2iGEwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L1g4Y2c0YnhPRkdB M28yRGtrUWlxdklZMmlHRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBANvfYAwDQYJKoZIhvcNAQELBQADggEBAEKvF3/d0iHvg/9qvHGwz1aiXH1I NvBS/WyGS71I68x2ci8eEjoY/DbN5+VI2OsIkqYPyym+Q4vP1ZBRWgXyzctD++kw hXd34QBKACdQgpF/2tVsgSJfHHJKGfLI3EBZDTtZARrVe3W48n6wOB2/d4jo2M4n fVKxFAOx5to5zvEoOmSmfdama5py7SrbAQTdYIsyZdINJKsM/mD482JWsMOdaesr vegUcOvCpxxhagBT5UoRkPsCbcAXZ1yv0o1p5r/NSdoNoPBhitgcOhz5NcxFGKl9 ZM2tY1h7SR8Ps9YP4+o50S188Y0UqV6mSePMYa6xi+3O8FyWkoDNsYJ4kp4= -----END CERTIFICATE-----Generated at Mon Apr 7 23:12:58 2025 by rpki-client