$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/X_pEjmc3RvupcKYDHkPGsrTa9qg.roa File: X_pEjmc3RvupcKYDHkPGsrTa9qg.roa (raw, json) Hash identifier: kfhF5SE+seSmiTPzxtt8W8OVQXvh72zmXSSex8tMlqQ= Subject key identifier: 5F:FA:44:8E:67:37:46:FB:A9:70:A6:03:1E:43:C6:B2:B4:DA:F6:A8 Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Certificate serial: 028D Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/X_pEjmc3RvupcKYDHkPGsrTa9qg.roa Signing time: Mon 10 Feb 2025 14:05:47 +0000 ROA not before: Mon 10 Feb 2025 14:05:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 31972 IP address blocks: 103.159.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 653 (0x28d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Validity Not Before: Feb 10 14:05:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5FFA448E673746FBA970A6031E43C6B2B4DAF6A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:34:80:30:99:e0:cc:ff:cd:e1:cb:f5:ae:32: ad:01:26:4a:75:94:66:ca:81:0e:d5:61:af:15:9f: 0a:1c:76:7f:2f:6d:ff:4f:c0:20:8d:9f:46:18:34: ca:d7:45:df:17:0f:3e:26:4d:a0:d9:59:1f:ca:e7: de:4d:9e:31:a7:51:12:4e:0c:d5:21:4a:fa:66:71: c1:c4:be:11:c7:b8:c8:1b:84:ac:48:62:40:d7:d2: 01:2c:2b:11:c2:5c:f9:80:a4:62:bc:83:96:a9:f5: 72:a2:fb:50:0d:5a:88:bd:4a:cf:a3:6c:d4:13:c2: 1e:0c:ff:31:c4:ca:6c:31:cb:61:3d:41:7f:4f:75: 1f:bb:95:34:cd:1a:95:a0:61:c5:ef:45:73:1a:17: a5:3d:95:ca:65:7b:15:8b:10:f8:f8:b0:3e:2c:0f: a8:53:80:d2:15:e5:09:c6:0d:f2:9a:8c:bf:32:9e: 4f:e3:52:7c:bd:63:0d:38:be:76:53:93:4a:3f:14: a4:78:9d:cc:0a:60:32:57:a1:ec:a1:96:cc:43:dd: 57:33:62:30:ff:43:91:9e:78:a8:06:a8:a9:b7:d7: b0:07:41:c9:26:cb:3c:e8:0b:54:c2:1c:2d:6e:4d: 68:23:1a:1a:bd:1e:9f:b5:9f:7f:dd:6c:4e:eb:1d: d8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:FA:44:8E:67:37:46:FB:A9:70:A6:03:1E:43:C6:B2:B4:DA:F6:A8 X509v3 Authority Key Identifier: keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/X_pEjmc3RvupcKYDHkPGsrTa9qg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.206.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:45:59:fa:d2:2d:db:9a:d7:20:44:c9:d9:8f:d4:a6:c4:b6: 36:ac:d0:27:84:df:c5:5e:bc:2a:d0:ce:93:88:d3:41:ca:ad: 79:77:0d:41:3b:0b:d1:30:dd:db:24:3f:67:c6:eb:70:6c:90: 62:dd:9f:8e:63:7d:6b:95:1a:9f:6f:83:ac:dd:f0:da:40:d8: 77:eb:45:38:80:8f:8a:6a:3a:10:ac:0a:d6:74:52:5f:fa:87: 9c:e9:ee:6d:38:96:68:71:a8:ee:e5:dc:bb:f5:20:d7:cc:d4: 0d:10:b2:4b:7b:05:7e:de:5f:41:be:15:12:a5:d2:64:7a:ed: f1:88:95:2b:1e:fd:76:6c:d1:2c:85:cb:78:42:c6:7a:96:83: 23:21:ed:d1:58:f0:9d:9e:16:5b:eb:72:7c:20:59:62:0a:a2: 13:3b:f9:65:73:36:75:5f:95:45:c2:67:9d:46:9e:4f:22:63: 96:cd:54:27:c2:b8:f2:f0:51:dc:fd:04:6d:73:58:92:b0:39: d4:d3:e3:a0:88:8a:91:1a:4e:c8:5c:65:83:4d:c0:ef:3b:73: b6:57:a1:54:dc:57:dc:e4:cf:7f:92:0f:a6:cf:f2:cd:b2:0e: 08:03:d0:aa:ee:d6:6c:5e:a8:f2:d3:c3:62:7b:3f:a5:21:03: 21:e5:cb:a0 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4 RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yNTAyMTAx NDA1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVGRkE0NDhFNjczNzQ2 RkJBOTcwQTYwMzFFNDNDNkIyQjREQUY2QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzNIAwmeDM/83hy/WuMq0BJkp1lGbKgQ7VYa8Vnwocdn8vbf9P wCCNn0YYNMrXRd8XDz4mTaDZWR/K595NnjGnURJODNUhSvpmccHEvhHHuMgbhKxI YkDX0gEsKxHCXPmApGK8g5ap9XKi+1ANWoi9Ss+jbNQTwh4M/zHEymwxy2E9QX9P dR+7lTTNGpWgYcXvRXMaF6U9lcplexWLEPj4sD4sD6hTgNIV5QnGDfKajL8ynk/j Uny9Yw04vnZTk0o/FKR4ncwKYDJXoeyhlsxD3VczYjD/Q5GeeKgGqKm317AHQckm yzzoC1TCHC1uTWgjGhq9Hp+1n3/dbE7rHdizAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUX/pEjmc3RvupcKYDHkPGsrTa9qgwHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMvWF9wRWptYzNSdnVwY0tZREhrUEdz clRhOXFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN BgkqhkiG9w0BAQsFAAOCAQEATEVZ+tIt25rXIETJ2Y/UpsS2NqzQJ4TfxV68KtDO k4jTQcqteXcNQTsL0TDd2yQ/Z8brcGyQYt2fjmN9a5Uan2+DrN3w2kDYd+tFOICP imo6EKwK1nRSX/qHnOnubTiWaHGo7uXcu/Ug18zUDRCyS3sFft5fQb4VEqXSZHrt 8YiVKx79dmzRLIXLeELGepaDIyHt0VjwnZ4WW+tyfCBZYgqiEzv5ZXM2dV+VRcJn nUaeTyJjls1UJ8K48vBR3P0EbXNYkrA51NPjoIiKkRpOyFxlg03A7ztztlehVNxX 3OTPf5IPps/yzbIOCAPQqu7WbF6o8tPDYns/pSEDIeXLoA== -----END CERTIFICATE-----Generated at Fri Apr 18 23:57:41 2025 by rpki-client