$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/CAHAZ2CreYoMO2Bk-TfhM8zK4Ps.roa File: CAHAZ2CreYoMO2Bk-TfhM8zK4Ps.roa (raw, json) Hash identifier: 8o6uocS9k3Z392PT43DVZJhSZgqTxUsAAleKrSvqL40= Subject key identifier: 08:01:C0:67:60:AB:79:8A:0C:3B:60:64:F9:37:E1:33:CC:CA:E0:FB Certificate issuer: /CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4 Certificate serial: 117F Authority key identifier: 23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/CAHAZ2CreYoMO2Bk-TfhM8zK4Ps.roa Signing time: Mon 10 Feb 2025 14:20:05 +0000 ROA not before: Mon 10 Feb 2025 14:20:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131635 IP address blocks: 103.127.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4479 (0x117f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4 Validity Not Before: Feb 10 14:20:05 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0801C06760AB798A0C3B6064F937E133CCCAE0FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:89:51:6c:fe:fa:69:78:56:c0:77:af:1b:16: 55:a4:d4:b5:0d:58:cf:7e:c7:f2:24:c1:f4:9a:84: 45:67:e7:4d:66:8d:e0:88:b3:e7:cf:7d:46:3b:7a: 47:e0:ff:7d:b0:38:d0:df:c3:52:fd:01:ec:7a:64: 3c:53:21:ae:1d:e0:52:77:bc:d3:7b:19:0d:b3:22: a9:9b:b8:52:9a:25:ea:02:ad:47:57:35:cc:ce:f2: 93:82:30:66:82:52:b7:a4:55:e3:65:b5:5f:b1:4c: 8c:2c:d6:8c:ed:94:d8:59:69:8c:d2:1c:ad:67:0c: fe:da:be:56:10:69:40:30:cb:38:1d:b7:fa:12:86: 37:b8:7c:4c:65:2e:7d:d7:fb:4a:29:14:17:69:c3: e7:2a:4a:b4:4e:f3:5c:b9:98:88:9a:a7:f3:8f:f3: 8e:cd:2d:53:74:2c:be:31:19:b1:d6:6d:44:a6:d2: ca:f6:a9:8f:e3:bb:8b:ea:06:4c:d8:1a:56:a7:ab: 0f:37:e7:4c:64:55:a5:e2:6e:c0:ed:17:b7:c6:b5: 7d:41:2f:21:74:a2:9d:55:c5:1d:8c:cf:52:cf:ea: 60:36:f1:b1:7f:65:8f:e8:2a:c5:03:05:cf:62:89: 9e:02:41:d1:16:f4:e7:6d:9f:86:cb:ae:57:b1:6f: 54:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:01:C0:67:60:AB:79:8A:0C:3B:60:64:F9:37:E1:33:CC:CA:E0:FB X509v3 Authority Key Identifier: keyid:23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/CAHAZ2CreYoMO2Bk-TfhM8zK4Ps.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.127.232.0/22 Signature Algorithm: sha256WithRSAEncryption 86:f5:47:91:0f:6d:32:48:f4:8a:e8:15:bd:e6:dc:93:0f:71: 28:2f:87:fc:ff:93:ae:90:0a:b7:3f:94:81:92:cc:e0:cd:d2: 69:45:78:c0:03:e3:3c:66:42:87:a5:14:39:0e:ad:8f:cd:32: ec:9e:15:ae:60:c4:12:13:74:f5:97:13:1d:5d:45:0e:18:d9: cf:db:90:ab:1d:16:99:18:a3:40:61:e3:b6:18:64:c0:bb:34: 93:8c:c5:7b:a0:66:1c:e1:54:4b:d2:4c:c5:ba:aa:04:83:78: c2:d9:ab:77:44:10:89:89:ca:9f:61:93:1b:51:e2:8f:df:b2: 6d:85:24:1b:b2:06:be:c5:cd:7b:f6:1e:ac:6d:2b:27:1d:6e: df:b5:f7:54:2a:a2:f1:2e:5a:8c:1c:47:2e:3d:21:78:5a:41: 83:e5:18:08:7e:45:ec:8b:99:36:d3:f5:3a:c5:6c:f5:4d:a8: 7e:61:f2:0c:cc:45:44:16:82:ed:2c:27:70:35:0f:de:04:58: 14:b5:3c:45:80:1d:ae:b2:a6:c7:cf:2e:fc:57:de:3e:cb:af: 0e:1a:e7:2f:fe:22:bb:5b:7b:f0:38:da:2a:bb:dc:57:bc:b5: 5a:91:5d:28:6f:e7:c4:a8:46:44:ba:ae:07:88:86:1f:7d:f2: 1d:31:fa:41 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjNF MEM0NDAzM0I1MDBGNzg5MzFEMTIzRUJEOUYzNUU5QUUxN0RDNDAeFw0yNTAyMTAx NDIwMDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4MDFDMDY3NjBBQjc5 OEEwQzNCNjA2NEY5MzdFMTMzQ0NDQUUwRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkiVFs/vppeFbAd68bFlWk1LUNWM9+x/IkwfSahEVn501mjeCI s+fPfUY7ekfg/32wONDfw1L9Aex6ZDxTIa4d4FJ3vNN7GQ2zIqmbuFKaJeoCrUdX NczO8pOCMGaCUrekVeNltV+xTIws1oztlNhZaYzSHK1nDP7avlYQaUAwyzgdt/oS hje4fExlLn3X+0opFBdpw+cqSrRO81y5mIiap/OP847NLVN0LL4xGbHWbUSm0sr2 qY/ju4vqBkzYGlanqw8350xkVaXibsDtF7fGtX1BLyF0op1VxR2Mz1LP6mA28bF/ ZY/oKsUDBc9iiZ4CQdEW9Odtn4bLrlexb1RTAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUCAHAZ2CreYoMO2Bk+TfhM8zK4PswHwYDVR0jBBgwFoAUI+DEQDO1APeJMdEj 69nzXprhfcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUlSUEFZ VFcvSS1ERVFETzFBUGVKTWRFajY5bnpYcHJoZmNRLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9JLURFUURPMUFQZUpNZEVqNjluelhwcmhmY1EuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BSVJQQVlUVy9DQUhBWjJDcmVZb01P MkJrLVRmaE04eks0UHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3/oMA0GCSqGSIb3DQEBCwUAA4IBAQCG9UeRD20ySPSK6BW95tyTD3EoL4f8 /5OukAq3P5SBkszgzdJpRXjAA+M8ZkKHpRQ5Dq2PzTLsnhWuYMQSE3T1lxMdXUUO GNnP25CrHRaZGKNAYeO2GGTAuzSTjMV7oGYc4VRL0kzFuqoEg3jC2at3RBCJicqf YZMbUeKP37JthSQbsga+xc179h6sbSsnHW7ftfdUKqLxLlqMHEcuPSF4WkGD5RgI fkXsi5k20/U6xWz1Tah+YfIMzEVEFoLtLCdwNQ/eBFgUtTxFgB2usqbHzy78V94+ y68OGucv/iK7W3vwONoqu9xXvLVakV0ob+fEqEZEuq4HiIYfffIdMfpB -----END CERTIFICATE-----Generated at Wed Feb 19 22:09:11 2025 by rpki-client