$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ARCHE/Rzs2-t7CKvOLFHsylAHMYc03Q2c.roa File: Rzs2-t7CKvOLFHsylAHMYc03Q2c.roa (raw, json) Hash identifier: xdht8wC5RZ3Sm2CIXd1DfxLs07+kTP+IL4jJ6oBbXQw= Subject key identifier: 47:3B:36:FA:DE:C2:2A:F3:8B:14:7B:32:94:01:CC:61:CD:37:43:67 Certificate issuer: /CN=EAB250D058FACBEB3EA0D16B53865061339074B6 Certificate serial: 0108 Authority key identifier: EA:B2:50:D0:58:FA:CB:EB:3E:A0:D1:6B:53:86:50:61:33:90:74:B6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/Rzs2-t7CKvOLFHsylAHMYc03Q2c.roa Signing time: Mon 10 Feb 2025 13:45:27 +0000 ROA not before: Mon 10 Feb 2025 13:45:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18041 IP address blocks: 157.15.32.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 264 (0x108) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EAB250D058FACBEB3EA0D16B53865061339074B6 Validity Not Before: Feb 10 13:45:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=473B36FADEC22AF38B147B329401CC61CD374367 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:a1:ca:90:43:32:97:99:ea:fa:db:47:9a:bf: 6a:f3:a4:b2:db:2c:bc:61:8d:88:56:88:9b:6e:5a: 8e:c3:1b:cb:85:df:84:43:20:a9:af:21:18:70:67: 4d:5c:4a:81:89:e2:d2:57:74:25:9a:70:b6:46:8f: 0e:bc:af:46:56:60:cc:41:32:f2:2e:ac:5a:d6:95: 3d:bd:da:4f:fe:56:8a:53:f3:92:19:68:60:49:6b: ec:a5:71:6b:2b:0e:70:1d:d2:5c:e0:70:93:a2:68: 01:3c:fd:4c:e3:e6:c3:5d:ff:94:c4:da:e5:13:e4: af:3d:c6:80:d8:2f:8b:6b:cd:f9:16:45:6a:c3:dc: 72:4d:3a:72:99:55:64:49:14:19:b4:64:c7:88:25: 40:04:d9:26:89:01:53:bd:80:2e:7a:68:1c:cf:46: 5c:78:f8:86:5f:87:e3:52:7b:3b:f3:1f:f8:c4:22: 25:58:5a:f5:57:e0:24:94:89:e6:50:96:4b:ab:47: ed:42:c3:d5:0d:10:be:c1:ce:6b:28:ae:9b:da:78: d1:e6:78:61:4e:e4:13:1a:d5:d1:42:30:86:a1:2d: ba:0a:3a:0a:9d:07:23:af:8f:da:eb:9a:62:13:4d: b1:4e:ff:58:e5:f8:6c:cb:fc:49:61:88:de:f2:08: 37:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:3B:36:FA:DE:C2:2A:F3:8B:14:7B:32:94:01:CC:61:CD:37:43:67 X509v3 Authority Key Identifier: keyid:EA:B2:50:D0:58:FA:CB:EB:3E:A0:D1:6B:53:86:50:61:33:90:74:B6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/Rzs2-t7CKvOLFHsylAHMYc03Q2c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.32.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:9c:5f:a9:15:d0:24:e0:ed:b1:bd:fa:f8:c0:46:7e:f7:c5: 1c:02:71:08:4d:c8:cf:c9:72:68:ff:fa:53:f1:34:d5:53:ce: 12:e7:33:3f:44:79:19:db:92:4a:55:3a:40:af:aa:12:5a:18: 05:26:21:4d:43:4b:0a:ca:76:e2:36:dd:4b:3c:b6:4f:7c:a7: 2d:2c:ce:9d:a1:13:00:ce:5c:41:a8:52:57:c8:fc:33:ae:d5: 88:52:2e:fa:46:fb:00:11:6c:07:60:6b:b3:49:f0:c6:e2:5d: c2:0e:8e:1e:4b:97:2f:a5:3e:8c:fb:f8:28:78:2b:eb:e8:a5: 2a:04:11:ef:53:2b:13:08:f9:75:d4:cd:f0:3f:c2:24:8e:5a: 5b:5f:e7:66:c2:99:e2:c2:01:5c:1a:2a:4c:65:f7:20:26:d8: 84:92:ee:f5:43:b0:93:0b:af:3a:ef:6f:37:87:59:fa:dc:95: 06:d5:87:3f:47:0d:54:5f:e5:b3:dd:36:fa:ef:97:00:e6:5e: d7:5b:cd:68:05:79:d1:17:28:4e:71:6d:b8:16:23:65:93:28: d5:c0:79:dc:a0:1a:dd:28:e5:6f:7c:69:77:5e:08:7a:97:71: 66:e5:0d:57:76:00:e7:7e:d3:4d:4e:91:c8:ef:fb:41:33:10: 27:8f:d6:08 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUFC MjUwRDA1OEZBQ0JFQjNFQTBEMTZCNTM4NjUwNjEzMzkwNzRCNjAeFw0yNTAyMTAx MzQ1MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ3M0IzNkZBREVDMjJB RjM4QjE0N0IzMjk0MDFDQzYxQ0QzNzQzNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2ocqQQzKXmer620eav2rzpLLbLLxhjYhWiJtuWo7DG8uF34RD IKmvIRhwZ01cSoGJ4tJXdCWacLZGjw68r0ZWYMxBMvIurFrWlT292k/+VopT85IZ aGBJa+ylcWsrDnAd0lzgcJOiaAE8/Uzj5sNd/5TE2uUT5K89xoDYL4trzfkWRWrD 3HJNOnKZVWRJFBm0ZMeIJUAE2SaJAVO9gC56aBzPRlx4+IZfh+NSezvzH/jEIiVY WvVX4CSUieZQlkurR+1Cw9UNEL7BzmsorpvaeNHmeGFO5BMa1dFCMIahLboKOgqd ByOvj9rrmmITTbFO/1jl+GzL/ElhiN7yCDf/AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQURzs2+t7CKvOLFHsylAHMYc03Q2cwHwYDVR0jBBgwFoAU6rJQ0Fj6y+s+oNFr U4ZQYTOQdLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVJDSEUv NnJKUTBGajZ5LXMtb05GclU0WlFZVE9RZExZLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS82ckpRMEZqNnktcy1vTkZyVTRaUVlUT1FkTFkuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BUkNIRS9SenMyLXQ3Q0t2T0xGSHN5bEFI TVljMDNRMmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnQ8g MA0GCSqGSIb3DQEBCwUAA4IBAQCMnF+pFdAk4O2xvfr4wEZ+98UcAnEITcjPyXJo //pT8TTVU84S5zM/RHkZ25JKVTpAr6oSWhgFJiFNQ0sKynbiNt1LPLZPfKctLM6d oRMAzlxBqFJXyPwzrtWIUi76RvsAEWwHYGuzSfDG4l3CDo4eS5cvpT6M+/goeCvr 6KUqBBHvUysTCPl11M3wP8IkjlpbX+dmwpniwgFcGipMZfcgJtiEku71Q7CTC686 7283h1n63JUG1Yc/Rw1UX+Wz3Tb675cA5l7XW81oBXnRFyhOcW24FiNlkyjVwHnc oBrdKOVvfGl3Xgh6l3Fm5Q1XdgDnftNNTpHI7/tBMxAnj9YI -----END CERTIFICATE-----Generated at Wed Feb 19 20:45:16 2025 by rpki-client