$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3S_Wg0Wwe4wOBPgIyxz_matljRo.roa File: 3S_Wg0Wwe4wOBPgIyxz_matljRo.roa (raw, json) Hash identifier: RwoqadB7SccFCKH4W664FNOOvNBYL50kkTDujjQfEz8= Subject key identifier: DD:2F:D6:83:45:B0:7B:8C:0E:04:F8:08:CB:1C:FF:99:AB:65:8D:1A Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0D57 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3S_Wg0Wwe4wOBPgIyxz_matljRo.roa Signing time: Mon 10 Feb 2025 14:13:12 +0000 ROA not before: Mon 10 Feb 2025 14:13:12 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131596 IP address blocks: 123.240.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3415 (0xd57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Feb 10 14:13:12 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DD2FD68345B07B8C0E04F808CB1CFF99AB658D1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8d:16:d1:63:83:ac:c2:27:01:41:95:af:32: d7:0b:06:a5:da:8d:f9:2f:0d:19:6d:6f:91:f8:d3: 5e:2d:9d:52:32:87:ac:ea:85:b9:c2:41:f5:f5:36: dd:4f:ae:3d:14:ed:b1:bf:d0:20:48:77:10:2d:f5: 8d:29:d5:29:47:c8:8e:c3:ac:5e:0d:b3:5e:49:b9: a7:3f:72:ca:fb:5e:b6:73:80:23:be:f0:cd:e5:e6: 4c:9c:1c:d9:aa:8f:05:6f:ad:d5:4f:ca:b8:ae:f6: 39:1b:ee:a6:32:00:49:48:f8:b8:ec:3e:1a:f1:da: ff:bc:8a:d8:52:b2:8f:76:41:4d:2d:af:7a:2b:75: 76:30:58:3a:6c:c4:65:7b:82:3e:3c:29:9e:a6:3c: dd:96:24:3b:50:de:59:52:52:04:e0:24:f3:df:19: 45:a8:d4:5a:78:64:fe:6a:fe:2b:ca:c2:64:14:5f: 11:29:9b:79:40:ac:3a:2d:b7:97:c3:36:f6:b2:27: ee:af:fc:84:24:0b:13:bd:dc:b7:59:bd:64:69:99: 91:ee:aa:63:38:7d:08:c7:c6:38:54:fc:58:2f:e0: 66:aa:3c:25:39:e1:7d:89:78:5d:38:2d:f6:fb:4c: 89:2c:fe:57:2a:6c:43:cb:f5:07:72:ee:3e:33:63: ce:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:2F:D6:83:45:B0:7B:8C:0E:04:F8:08:CB:1C:FF:99:AB:65:8D:1A X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3S_Wg0Wwe4wOBPgIyxz_matljRo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.240.0.0/15 Signature Algorithm: sha256WithRSAEncryption 2c:e6:8c:a0:ca:3b:16:3c:26:4f:dd:d4:4a:ac:52:f4:f3:68: ec:d9:00:f8:58:43:c7:1d:42:70:7d:72:b2:79:b5:60:37:be: 97:dc:6d:5a:34:cd:36:a5:ec:30:d8:a9:38:47:92:9d:de:b2: 87:f5:e0:16:4e:91:06:bb:fa:86:43:dc:be:e2:1a:b5:e6:fa: 61:ef:20:18:c3:3f:d6:17:02:ce:e6:89:91:56:70:4f:a1:96: 74:fb:ac:0f:fe:d4:5b:e8:a6:4f:2b:95:5c:52:93:88:ae:48: 6d:27:44:3c:7f:92:7a:10:17:36:7d:98:18:d5:fa:05:37:76: 59:16:31:7c:17:be:ad:e6:0b:52:f1:fb:a8:8b:f9:82:c1:b9: eb:2a:a2:b8:a7:84:f9:06:f0:88:71:0f:0e:53:71:5d:49:a4: b3:db:fd:9a:a3:62:74:bd:e3:8b:7b:cd:c0:2f:e3:7c:41:27: 4c:8e:4b:72:84:cb:da:78:a8:ee:06:c1:29:cb:47:8e:54:a7: c6:8a:74:46:ce:c6:75:3a:e6:86:e7:50:7e:5e:40:ad:52:4a: 3a:0f:5c:c2:29:63:c1:ae:78:42:23:3b:76:6f:53:d3:7e:df: fa:a0:f8:b9:ff:0e:d9:ee:65:a4:ef:7f:7d:8f:f5:fd:16:80: 7e:c0:ab:92 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx NDEzMTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREMkZENjgzNDVCMDdC OEMwRTA0RjgwOENCMUNGRjk5QUI2NThEMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9jRbRY4OswicBQZWvMtcLBqXajfkvDRltb5H4014tnVIyh6zq hbnCQfX1Nt1Prj0U7bG/0CBIdxAt9Y0p1SlHyI7DrF4Ns15Juac/csr7XrZzgCO+ 8M3l5kycHNmqjwVvrdVPyriu9jkb7qYyAElI+LjsPhrx2v+8ithSso92QU0tr3or dXYwWDpsxGV7gj48KZ6mPN2WJDtQ3llSUgTgJPPfGUWo1Fp4ZP5q/ivKwmQUXxEp m3lArDott5fDNvayJ+6v/IQkCxO93LdZvWRpmZHuqmM4fQjHxjhU/Fgv4GaqPCU5 4X2JeF04Lfb7TIks/lcqbEPL9Qdy7j4zY84jAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU3S/Wg0Wwe4wOBPgIyxz/matljRowHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8zU19XZzBXd2U0d09CUGdJeXh6 X21hdGxqUm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBe/Aw DQYJKoZIhvcNAQELBQADggEBACzmjKDKOxY8Jk/d1EqsUvTzaOzZAPhYQ8cdQnB9 crJ5tWA3vpfcbVo0zTal7DDYqThHkp3esof14BZOkQa7+oZD3L7iGrXm+mHvIBjD P9YXAs7miZFWcE+hlnT7rA/+1Fvopk8rlVxSk4iuSG0nRDx/knoQFzZ9mBjV+gU3 dlkWMXwXvq3mC1Lx+6iL+YLBuesqorinhPkG8IhxDw5TcV1JpLPb/ZqjYnS944t7 zcAv43xBJ0yOS3KEy9p4qO4GwSnLR45Up8aKdEbOxnU65obnUH5eQK1SSjoPXMIp Y8GueEIjO3ZvU9N+3/qg+Ln/DtnuZaTvf32P9f0WgH7Aq5I= -----END CERTIFICATE-----Generated at Fri Apr 18 22:23:56 2025 by rpki-client