$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/104IT/-3Ur2oUwVZNIohHTsJcV6-RKpEE.roa File: -3Ur2oUwVZNIohHTsJcV6-RKpEE.roa (raw, json) Hash identifier: ri/atlU+5J7pqfMNnnvJuBjvnI9mHkiGC3ho5YTqMWw= Subject key identifier: FB:75:2B:DA:85:30:55:93:48:A2:11:D3:B0:97:15:EB:E4:4A:A4:41 Certificate issuer: /CN=D797D20CC7952CD68B3955AA36C401B1B34E2733 Certificate serial: 0C2E Authority key identifier: D7:97:D2:0C:C7:95:2C:D6:8B:39:55:AA:36:C4:01:B1:B3:4E:27:33 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/15fSDMeVLNaLOVWqNsQBsbNOJzM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/104IT/-3Ur2oUwVZNIohHTsJcV6-RKpEE.roa Signing time: Mon 10 Feb 2025 14:14:06 +0000 ROA not before: Mon 10 Feb 2025 14:14:06 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18410 IP address blocks: 202.8.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/104IT/15fSDMeVLNaLOVWqNsQBsbNOJzM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/104IT/15fSDMeVLNaLOVWqNsQBsbNOJzM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/15fSDMeVLNaLOVWqNsQBsbNOJzM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3118 (0xc2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D797D20CC7952CD68B3955AA36C401B1B34E2733 Validity Not Before: Feb 10 14:14:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=FB752BDA8530559348A211D3B09715EBE44AA441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:6b:ea:c2:ae:c1:62:45:35:7c:e0:0a:e5:49: 3a:5d:a5:50:c0:f0:96:ff:d4:c4:de:75:dd:6a:24: ce:10:b4:59:47:e4:fc:d1:64:ef:f6:62:bf:c4:9e: 00:52:2c:6d:d8:e6:01:2c:9f:bb:3d:37:36:3b:1d: 39:74:4b:e3:fc:45:c0:91:b7:82:21:70:d9:de:55: a5:bb:9c:1f:b1:8e:5d:b3:24:32:58:3a:6f:ef:fe: 10:7b:7f:81:92:61:57:a9:99:3a:35:30:ef:6e:b6: 09:b4:9e:3b:01:7d:2c:e4:b6:7f:4a:a7:1a:e9:c4: 74:7a:a8:e8:77:05:bc:ae:76:ee:61:f7:9e:fe:83: 44:30:03:07:d8:78:e3:af:2f:bf:8d:52:3e:d3:dc: 91:72:ae:d8:09:0f:d1:c3:ab:67:51:5d:10:8e:c8: 3d:64:f5:a1:50:f6:99:ee:45:e2:35:fa:f9:db:04: f6:81:40:5b:e0:7f:9c:94:5d:b2:57:87:65:68:6a: 4f:77:34:6d:3e:b9:51:bd:b1:41:b7:7c:fa:80:47: 37:2a:05:53:34:6c:e5:31:83:8b:c0:fd:55:4b:91: 2a:3b:03:71:66:18:85:0a:03:c6:0b:a1:6d:08:0d: a8:60:c2:44:0a:1e:9e:27:82:6e:1f:6a:8f:4f:d2: b2:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:75:2B:DA:85:30:55:93:48:A2:11:D3:B0:97:15:EB:E4:4A:A4:41 X509v3 Authority Key Identifier: keyid:D7:97:D2:0C:C7:95:2C:D6:8B:39:55:AA:36:C4:01:B1:B3:4E:27:33 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/104IT/15fSDMeVLNaLOVWqNsQBsbNOJzM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/15fSDMeVLNaLOVWqNsQBsbNOJzM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/104IT/-3Ur2oUwVZNIohHTsJcV6-RKpEE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.8.14.0/23 Signature Algorithm: sha256WithRSAEncryption 02:f6:96:f9:06:db:3f:c9:9f:ff:0e:18:d7:26:86:12:e9:f6: 0a:3a:8a:60:2d:4d:bb:96:ea:b8:ff:ad:6e:d9:c2:49:5e:3e: 3b:79:b5:f7:3a:1b:fb:9e:55:bd:2e:72:0b:e3:99:57:c9:2e: 3a:dd:06:07:16:9b:a2:d9:7b:80:84:9a:44:1e:e2:f4:cb:b4: e2:82:05:36:09:34:7e:af:8d:1a:89:6c:91:65:56:22:c8:89: 3f:a1:85:6e:8c:99:a0:a4:1b:e0:db:b7:8a:ed:13:b8:81:09: 44:5e:86:2c:c7:35:10:f2:72:54:9f:03:1a:53:83:0a:e3:47: c4:e8:66:59:8c:7e:be:3f:b0:ae:97:ca:06:db:32:06:4b:5c: 76:fd:b0:b2:a7:df:b7:25:c5:67:86:4d:63:05:c3:44:88:9a: 87:55:1f:eb:e9:83:56:d9:db:e9:4a:74:30:e7:4e:0b:24:2c: 45:1e:9b:7a:7f:13:4b:f9:32:ca:3a:eb:3a:85:d2:e5:e6:ed: e7:24:f9:01:13:65:b8:e1:00:8c:e2:6e:b9:02:8d:82:95:73: ce:96:15:f0:96:72:72:8c:1f:28:03:49:a2:7d:c1:df:84:09: 17:78:d2:96:a3:0a:a2:92:aa:89:d2:3f:1a:f7:26:ed:54:3b: dc:ac:f6:3d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDc5 N0QyMENDNzk1MkNENjhCMzk1NUFBMzZDNDAxQjFCMzRFMjczMzAeFw0yNTAyMTAx NDE0MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZCNzUyQkRBODUzMDU1 OTM0OEEyMTFEM0IwOTcxNUVCRTQ0QUE0NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZa+rCrsFiRTV84ArlSTpdpVDA8Jb/1MTedd1qJM4QtFlH5PzR ZO/2Yr/EngBSLG3Y5gEsn7s9NzY7HTl0S+P8RcCRt4IhcNneVaW7nB+xjl2zJDJY Om/v/hB7f4GSYVepmTo1MO9utgm0njsBfSzktn9KpxrpxHR6qOh3Bbyudu5h957+ g0QwAwfYeOOvL7+NUj7T3JFyrtgJD9HDq2dRXRCOyD1k9aFQ9pnuReI1+vnbBPaB QFvgf5yUXbJXh2Voak93NG0+uVG9sUG3fPqARzcqBVM0bOUxg4vA/VVLkSo7A3Fm GIUKA8YLoW0IDahgwkQKHp4ngm4fao9P0rL9AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU+3Ur2oUwVZNIohHTsJcV6+RKpEEwHwYDVR0jBBgwFoAU15fSDMeVLNaLOVWq NsQBsbNOJzMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMTA0SVQv MTVmU0RNZVZMTmFMT1ZXcU5zUUJzYk5PSnpNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8xNWZTRE1lVkxOYUxPVldxTnNRQnNiTk9Kek0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS8xMDRJVC8tM1VyMm9Vd1ZaTklvaEhUc0pj VjYtUktwRUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByggO MA0GCSqGSIb3DQEBCwUAA4IBAQAC9pb5Bts/yZ//DhjXJoYS6fYKOopgLU27luq4 /61u2cJJXj47ebX3Ohv7nlW9LnIL45lXyS463QYHFpui2XuAhJpEHuL0y7TiggU2 CTR+r40aiWyRZVYiyIk/oYVujJmgpBvg27eK7RO4gQlEXoYsxzUQ8nJUnwMaU4MK 40fE6GZZjH6+P7Cul8oG2zIGS1x2/bCyp9+3JcVnhk1jBcNEiJqHVR/r6YNW2dvp SnQw504LJCxFHpt6fxNL+TLKOus6hdLl5u3nJPkBE2W44QCM4m65Ao2ClXPOlhXw lnJyjB8oA0mifcHfhAkXeNKWowqikqqJ0j8a9ybtVDvcrPY9 -----END CERTIFICATE-----Generated at Wed Feb 19 22:04:14 2025 by rpki-client