$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa File: gW89KoRn_R_KYmfRly6NuqPV7Ac.roa (raw, json) Hash identifier: MRW2RqtyWCt7DYOH0RsKazzcZbAAeoRidW9Qbi0WiJQ= Subject key identifier: 81:6F:3D:2A:84:67:FD:1F:CA:62:67:D1:97:2E:8D:BA:A3:D5:EC:07 Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Certificate serial: 028C Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa Signing time: Mon 10 Feb 2025 14:05:47 +0000 ROA not before: Mon 10 Feb 2025 14:05:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 132369 IP address blocks: 103.159.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 652 (0x28c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94 Validity Not Before: Feb 10 14:05:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=816F3D2A8467FD1FCA6267D1972E8DBAA3D5EC07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3d:42:84:02:ea:99:a2:67:34:7f:e1:13:c5: 73:0e:17:d9:c8:fc:18:9f:75:18:8a:be:17:97:6f: ad:fd:22:70:3a:2e:9b:33:e4:5c:bf:26:b8:eb:6b: 8e:04:cb:24:c5:99:2f:c9:13:08:81:42:f2:61:89: 24:51:b7:2e:56:f3:dd:cd:ec:6d:d2:b4:e5:ec:4f: 27:0c:d3:52:32:ce:c6:1d:8f:17:54:a5:4d:75:ee: 99:27:6d:10:23:3a:e3:3e:1c:1e:37:d1:aa:fa:e3: 47:c0:92:5b:11:20:1d:ec:2e:c5:48:87:50:58:1a: 8b:ed:e2:a8:fc:fb:26:71:7a:a9:83:0a:cc:c8:8a: 3f:a1:b8:13:30:7e:5f:0f:08:b8:24:6a:01:b5:22: 4b:a5:c9:32:c6:75:36:ab:be:8d:77:04:3c:83:6e: 7e:76:9c:11:bb:51:1b:fd:75:21:27:58:38:6d:04: 30:0a:6e:88:93:54:4e:40:a7:96:b2:65:81:c3:d8: 10:04:2e:91:f0:97:29:25:24:e6:cf:3e:24:8c:09: 9c:8b:2f:66:83:87:37:dd:09:87:53:f6:7e:20:54: a1:e5:04:b9:68:ae:4d:56:7e:b6:cf:9c:50:78:ce: 76:d7:ed:c9:6f:dd:50:be:21:38:c8:fb:50:d5:50: 37:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:6F:3D:2A:84:67:FD:1F:CA:62:67:D1:97:2E:8D:BA:A3:D5:EC:07 X509v3 Authority Key Identifier: keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.206.0/23 Signature Algorithm: sha256WithRSAEncryption 16:e0:89:60:d4:a5:4c:d0:06:a6:88:3f:03:14:d7:79:05:9b: b5:7e:74:d1:31:18:cf:dc:fe:ad:ae:22:ae:61:2d:0e:27:eb: 05:d7:38:53:34:66:31:92:6f:f0:1b:33:69:db:80:92:58:f9: d5:0f:67:b7:43:e6:86:1c:fe:f2:f7:b8:8c:c9:59:3b:57:5b: 14:9c:ca:67:d0:70:69:db:2e:a7:79:c9:e7:32:b1:7e:c3:ae: 12:6d:96:83:10:1e:c4:68:c0:b3:77:b9:ea:50:55:31:fa:9f: 1f:03:a7:17:2e:03:1d:c9:70:b4:a9:1e:97:d1:cb:c4:d7:bf: a0:11:f9:89:96:45:13:48:4b:f5:a7:d3:a9:66:2c:4e:ad:79: 01:c4:12:14:20:08:3a:b6:c1:78:67:8a:fa:29:0e:07:3c:11: a4:4e:cd:09:5d:ea:22:90:50:25:b0:28:ab:b0:49:0d:36:53: d6:a2:80:95:f0:07:67:d7:54:9c:00:98:49:64:72:c1:4c:d3: 5b:9b:f8:3b:da:dd:01:df:6c:09:3d:2a:76:45:ce:cf:c6:f2: 75:52:c8:25:43:1f:9e:84:1b:57:d7:07:b6:49:b6:fb:6c:4e: a4:16:c1:f6:5d:22:4a:ae:ef:f5:70:cf:15:79:0d:92:2b:9e: d5:a5:75:79 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICAowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4 RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yNTAyMTAx NDA1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgxNkYzRDJBODQ2N0ZE MUZDQTYyNjdEMTk3MkU4REJBQTNENUVDMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRPUKEAuqZomc0f+ETxXMOF9nI/BifdRiKvheXb639InA6Lpsz 5Fy/Jrjra44EyyTFmS/JEwiBQvJhiSRRty5W893N7G3StOXsTycM01IyzsYdjxdU pU117pknbRAjOuM+HB430ar640fAklsRIB3sLsVIh1BYGovt4qj8+yZxeqmDCszI ij+huBMwfl8PCLgkagG1IkulyTLGdTarvo13BDyDbn52nBG7URv9dSEnWDhtBDAK boiTVE5Ap5ayZYHD2BAELpHwlyklJObPPiSMCZyLL2aDhzfdCYdT9n4gVKHlBLlo rk1WfrbPnFB4znbX7clv3VC+ITjI+1DVUDf/AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUgW89KoRn/R/KYmfRly6NuqPV7AcwHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMvZ1c4OUtvUm5fUl9LWW1mUmx5Nk51 cVBWN0FjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN BgkqhkiG9w0BAQsFAAOCAQEAFuCJYNSlTNAGpog/AxTXeQWbtX500TEYz9z+ra4i rmEtDifrBdc4UzRmMZJv8BszaduAklj51Q9nt0Pmhhz+8ve4jMlZO1dbFJzKZ9Bw adsup3nJ5zKxfsOuEm2WgxAexGjAs3e56lBVMfqfHwOnFy4DHclwtKkel9HLxNe/ oBH5iZZFE0hL9afTqWYsTq15AcQSFCAIOrbBeGeK+ikOBzwRpE7NCV3qIpBQJbAo q7BJDTZT1qKAlfAHZ9dUnACYSWRywUzTW5v4O9rdAd9sCT0qdkXOz8bydVLIJUMf noQbV9cHtkm2+2xOpBbB9l0iSq7v9XDPFXkNkiue1aV1eQ== -----END CERTIFICATE-----Generated at Fri Apr 18 23:44:58 2025 by rpki-client