$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/D1bzjoH60-Q1IIbcdRQ5BbxBwfU.roa File: D1bzjoH60-Q1IIbcdRQ5BbxBwfU.roa (raw, json) Hash identifier: B81litXl6LWAkBOB6UiiOJjnR7HVlZMTw21zIPkVwuw= Subject key identifier: 0F:56:F3:8E:81:FA:D3:E4:35:20:86:DC:75:14:39:05:BC:41:C1:F5 Certificate issuer: /CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05 Certificate serial: 0CFC Authority key identifier: 87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/D1bzjoH60-Q1IIbcdRQ5BbxBwfU.roa Signing time: Mon 10 Feb 2025 14:01:03 +0000 ROA not before: Mon 10 Feb 2025 14:01:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 62610 IP address blocks: 103.123.242.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3324 (0xcfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05 Validity Not Before: Feb 10 14:01:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0F56F38E81FAD3E4352086DC75143905BC41C1F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ec:99:14:1b:6e:e3:14:88:cb:8e:0e:61:2b: 3c:64:c3:6a:f6:a3:3c:c2:e6:3e:31:19:89:e7:cf: 34:09:37:36:43:5a:a3:70:3d:55:6a:09:08:36:3c: 0b:26:4a:d0:4b:9c:22:f0:a6:12:10:14:62:78:c4: f9:18:0d:3c:2b:8e:7b:c8:b9:18:75:2d:da:79:9d: a1:e0:e2:87:92:6b:f1:58:67:87:5b:ce:25:52:b5: 95:1e:db:cc:8c:64:77:36:78:bd:b5:31:b2:c5:23: 98:14:79:5a:85:bf:3b:f0:f5:5f:f7:f8:13:8d:94: c0:c8:03:ac:48:4c:f9:82:1b:b3:fd:c2:c1:8e:75: 08:95:93:fa:3a:74:2e:45:19:72:0b:54:dc:6b:24: 11:b2:f6:af:02:72:8e:42:2e:0f:d8:c6:db:91:80: f4:e3:98:3c:8c:f7:2b:87:77:3b:14:19:1f:16:11: c2:71:09:42:9a:cb:b8:7c:84:94:41:d4:c0:bc:97: 49:bc:ec:6b:ed:04:c8:72:fd:7a:ec:e0:61:09:9d: ab:d9:24:dc:e2:25:69:70:13:4f:23:ad:da:06:38: 5c:50:9e:f1:f4:86:98:4f:59:15:87:8a:11:32:5a: 64:b4:75:20:17:77:21:74:57:b0:7e:39:e0:2b:ac: 31:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:56:F3:8E:81:FA:D3:E4:35:20:86:DC:75:14:39:05:BC:41:C1:F5 X509v3 Authority Key Identifier: keyid:87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/D1bzjoH60-Q1IIbcdRQ5BbxBwfU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.242.0/23 Signature Algorithm: sha256WithRSAEncryption 89:df:bd:99:5f:31:f7:98:ab:f1:c1:4b:52:7b:41:9d:5e:da: ed:60:cd:97:b4:46:31:3f:47:c5:c3:5e:ae:73:75:38:21:3d: 9d:19:2b:d7:32:5c:78:27:0b:78:48:9f:b6:ce:66:92:6d:25: 39:02:8e:93:98:0b:fc:ff:17:9c:96:73:ec:78:0b:44:9e:04: de:0f:e8:ca:64:58:1b:39:23:d4:8f:56:e8:d4:e9:ed:06:0e: 02:ca:7e:f1:9f:09:f8:1a:af:d8:34:77:f3:24:73:3d:22:89: 3f:36:32:28:70:38:20:87:36:29:85:f5:e3:b3:7e:9a:5e:d1: 14:40:12:3e:0b:77:d8:e0:ed:33:bf:22:df:0c:a4:48:0d:ef: 76:10:09:f6:92:e1:6b:df:71:a9:66:30:b6:38:37:19:b3:17: 9f:81:79:ac:2b:c3:9a:c4:8b:cb:e4:11:3b:c2:fe:a3:45:50: 82:ac:77:ed:80:0a:9c:17:66:d9:c0:da:c8:ce:e4:a1:23:14: 61:4a:af:76:57:94:8f:64:8d:86:53:59:6f:b1:06:c8:63:ae: 40:2b:47:06:60:c2:eb:ea:7a:42:6f:31:0d:6e:92:35:fb:00: 6b:9f:16:ed:74:18:70:07:b8:22:10:00:67:10:bb:8f:36:b7: ca:4e:f8:32 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODdB NEFGRDlFN0ZDMUZFRDRGOTU0NURFNDFDRTQ0MTNEQUNCMEUwNTAeFw0yNTAyMTAx NDAxMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGNTZGMzhFODFGQUQz RTQzNTIwODZEQzc1MTQzOTA1QkM0MUMxRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH7JkUG27jFIjLjg5hKzxkw2r2ozzC5j4xGYnnzzQJNzZDWqNw PVVqCQg2PAsmStBLnCLwphIQFGJ4xPkYDTwrjnvIuRh1Ldp5naHg4oeSa/FYZ4db ziVStZUe28yMZHc2eL21MbLFI5gUeVqFvzvw9V/3+BONlMDIA6xITPmCG7P9wsGO dQiVk/o6dC5FGXILVNxrJBGy9q8Cco5CLg/YxtuRgPTjmDyM9yuHdzsUGR8WEcJx CUKay7h8hJRB1MC8l0m87GvtBMhy/Xrs4GEJnavZJNziJWlwE08jrdoGOFxQnvH0 hphPWRWHihEyWmS0dSAXdyF0V7B+OeArrDFZAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUD1bzjoH60+Q1IIbcdRQ5BbxBwfUwHwYDVR0jBBgwFoAUh6Sv2ef8H+1PlUXe Qc5EE9rLDgUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWVVBTkpI RU4vaDZTdjJlZjhILTFQbFVYZVFjNUVFOXJMRGdVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9oNlN2MmVmOEgtMVBsVVhlUWM1RUU5ckxEZ1UuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ZVUFOSkhFTi9EMWJ6am9INjAtUTFJ SWJjZFJRNUJieEJ3ZlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ3vyMA0GCSqGSIb3DQEBCwUAA4IBAQCJ372ZXzH3mKvxwUtSe0GdXtrtYM2X tEYxP0fFw16uc3U4IT2dGSvXMlx4Jwt4SJ+2zmaSbSU5Ao6TmAv8/xeclnPseAtE ngTeD+jKZFgbOSPUj1bo1OntBg4Cyn7xnwn4Gq/YNHfzJHM9Iok/NjIocDgghzYp hfXjs36aXtEUQBI+C3fY4O0zvyLfDKRIDe92EAn2kuFr33GpZjC2ODcZsxefgXms K8OaxIvL5BE7wv6jRVCCrHftgAqcF2bZwNrIzuShIxRhSq92V5SPZI2GU1lvsQbI Y65AK0cGYMLr6npCbzENbpI1+wBrnxbtdBhwB7giEABnELuPNrfKTvgy -----END CERTIFICATE-----Generated at Sat Apr 5 17:35:59 2025 by rpki-client