$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/sRKzVbFnMQ_of4-hnYjVIQgKDbM.roa File: sRKzVbFnMQ_of4-hnYjVIQgKDbM.roa (raw, json) Hash identifier: jZ9tJh4bhpX4DOqnkh64BhSDHUHgX670DsMeRKEr7oo= Subject key identifier: B1:12:B3:55:B1:67:31:0F:E8:7F:8F:A1:9D:88:D5:21:08:0A:0D:B3 Certificate issuer: /CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Certificate serial: 0C60 Authority key identifier: C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/sRKzVbFnMQ_of4-hnYjVIQgKDbM.roa Signing time: Mon 10 Feb 2025 13:55:47 +0000 ROA not before: Mon 10 Feb 2025 13:55:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 133955 IP address blocks: 223.165.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 03:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3168 (0xc60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Validity Not Before: Feb 10 13:55:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B112B355B167310FE87F8FA19D88D521080A0DB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f0:de:af:92:68:c6:d2:1c:ee:37:c3:17:c6: f1:0b:d0:c7:9f:c7:81:94:b1:df:a6:53:ae:14:8d: 30:88:1f:69:99:3c:ed:bb:d1:63:d3:f1:81:cb:9c: 4c:fd:e0:f4:d3:9b:5d:c1:0c:c2:16:ea:e9:d5:b1: 1d:9f:30:1c:f2:08:21:fa:2b:f3:04:25:b8:bd:45: f2:a8:d0:53:02:6d:21:b2:64:95:73:8d:fd:49:4a: 73:15:45:23:f4:89:39:75:d1:79:6e:8c:ea:3a:6c: 73:b4:0e:d3:27:7e:56:22:13:69:cd:03:1c:47:52: 99:2a:b5:c1:e4:c7:65:b7:fc:fc:a5:ec:0b:0e:e6: 74:a9:6e:78:97:73:42:99:93:5a:d3:30:ca:8b:6e: 48:f8:90:ee:ed:70:03:48:57:5a:c1:5f:29:40:08: 69:9e:c6:d3:f2:15:9b:1b:7f:15:3e:9d:32:67:77: ed:3c:7b:bf:ae:22:2e:bf:24:56:f8:4b:78:e2:e6: aa:68:b0:61:d4:95:1b:b0:37:ac:7f:81:e9:d5:2c: 38:30:85:75:c5:f2:db:a7:64:a0:62:dd:87:e4:b7: a4:e8:58:3c:4c:c7:60:5e:a3:d5:81:15:ee:ef:3c: c3:81:4c:81:c2:4c:da:96:cd:0f:b7:89:95:28:02: 87:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:12:B3:55:B1:67:31:0F:E8:7F:8F:A1:9D:88:D5:21:08:0A:0D:B3 X509v3 Authority Key Identifier: keyid:C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/sRKzVbFnMQ_of4-hnYjVIQgKDbM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.165.9.0/24 Signature Algorithm: sha256WithRSAEncryption 76:5e:d9:0d:a6:5f:00:23:97:38:96:47:77:95:1d:64:7e:88: 2e:09:4a:2d:65:42:88:9f:05:2e:6b:2d:3c:26:03:91:39:f8: 91:50:e6:bd:93:4b:10:84:d9:f7:19:e2:8c:d3:6c:d2:d9:22: 28:4f:49:d8:aa:a0:e2:09:cd:0e:5f:9a:58:04:f0:c6:fa:ce: af:41:cc:e2:cc:ca:b2:5f:f7:e6:4b:2f:82:1c:5d:72:c1:9e: 62:b5:df:43:38:90:d7:34:e3:7b:5d:f1:68:38:29:40:97:70: 27:47:6a:31:17:dd:79:8b:92:3b:1b:3b:74:6e:2f:ca:25:21: ff:b8:38:d1:09:3c:4d:bf:8d:0a:69:bb:a5:d1:e5:b6:7d:1c: ad:9e:1c:58:b9:cf:2f:09:2c:9a:cc:89:e0:6c:b6:86:22:2e: 50:6e:d2:41:83:12:16:f3:9e:73:54:36:e5:64:94:ad:0f:b5: 9e:8a:52:62:14:fb:6f:2f:0f:c0:6f:12:19:4b:9b:26:f4:e2: 73:1e:f1:cd:10:52:de:4d:e0:fc:a9:bc:57:80:36:6a:ed:6b: 7f:34:17:e2:e5:f6:d6:bb:6c:17:1a:df:20:9b:36:f8:65:c6: 8b:77:3a:1c:6c:f7:a0:39:d9:c1:6e:25:e9:d4:61:5d:ba:46: fb:18:6e:2c -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI4 RjU3MzI0RTc2NkJDNUU5RkE5OUM0RDdBRDRDNDBEMzk1OEZDNjAeFw0yNTAyMTAx MzU1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIxMTJCMzU1QjE2NzMx MEZFODdGOEZBMTlEODhENTIxMDgwQTBEQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC28N6vkmjG0hzuN8MXxvEL0Mefx4GUsd+mU64UjTCIH2mZPO27 0WPT8YHLnEz94PTTm13BDMIW6unVsR2fMBzyCCH6K/MEJbi9RfKo0FMCbSGyZJVz jf1JSnMVRSP0iTl10XlujOo6bHO0DtMnflYiE2nNAxxHUpkqtcHkx2W3/Pyl7AsO 5nSpbniXc0KZk1rTMMqLbkj4kO7tcANIV1rBXylACGmextPyFZsbfxU+nTJnd+08 e7+uIi6/JFb4S3ji5qposGHUlRuwN6x/genVLDgwhXXF8tunZKBi3Yfkt6ToWDxM x2Beo9WBFe7vPMOBTIHCTNqWzQ+3iZUoAof7AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUsRKzVbFnMQ/of4+hnYjVIQgKDbMwHwYDVR0jBBgwFoAUwo9XMk52a8Xp+pnE 161MQNOVj8YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdELUNP TS1UVy93bzlYTWs1MmE4WHAtcG5FMTYxTVFOT1ZqOFkuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3dvOVhNazUyYThYcC1wbkUxNjFNUU5PVmo4WS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXRC1DT00tVFcvc1JLelZiRm5N UV9vZjQtaG5ZalZJUWdLRGJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAN+lCTANBgkqhkiG9w0BAQsFAAOCAQEAdl7ZDaZfACOXOJZHd5UdZH6I LglKLWVCiJ8FLmstPCYDkTn4kVDmvZNLEITZ9xnijNNs0tkiKE9J2Kqg4gnNDl+a WATwxvrOr0HM4szKsl/35ksvghxdcsGeYrXfQziQ1zTje13xaDgpQJdwJ0dqMRfd eYuSOxs7dG4vyiUh/7g40Qk8Tb+NCmm7pdHltn0crZ4cWLnPLwksmsyJ4Gy2hiIu UG7SQYMSFvOec1Q25WSUrQ+1nopSYhT7by8PwG8SGUubJvTicx7xzRBS3k3g/Km8 V4A2au1rfzQX4uX21rtsFxrfIJs2+GXGi3c6HGz3oDnZwW4l6dRhXbpG+xhuLA== -----END CERTIFICATE-----Generated at Fri Apr 18 00:49:37 2025 by rpki-client