$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/Ri4EDmMU8hnITkeGSJh6Bfsklyc.roa File: Ri4EDmMU8hnITkeGSJh6Bfsklyc.roa (raw, json) Hash identifier: 3e8cDVdQdP9DH/+zuYx+YgQLHjdmoY/V5+6TGb93H2M= Subject key identifier: 46:2E:04:0E:63:14:F2:19:C8:4E:47:86:48:98:7A:05:FB:24:97:27 Certificate issuer: /CN=99AE43A97D51C5A14E11287A98024C36A599377B Certificate serial: 01AD Authority key identifier: 99:AE:43:A9:7D:51:C5:A1:4E:11:28:7A:98:02:4C:36:A5:99:37:7B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ma5DqX1RxaFOESh6mAJMNqWZN3s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/Ri4EDmMU8hnITkeGSJh6Bfsklyc.roa Signing time: Mon 10 Feb 2025 14:04:17 +0000 ROA not before: Mon 10 Feb 2025 14:04:17 +0000 ROA not after: Wed 08 Oct 2025 15:30:19 +0000 asID: 152615 IP address blocks: 2401:caa0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/ma5DqX1RxaFOESh6mAJMNqWZN3s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/ma5DqX1RxaFOESh6mAJMNqWZN3s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ma5DqX1RxaFOESh6mAJMNqWZN3s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 12:18:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 429 (0x1ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99AE43A97D51C5A14E11287A98024C36A599377B Validity Not Before: Feb 10 14:04:17 2025 GMT Not After : Oct 8 15:30:19 2025 GMT Subject: CN=462E040E6314F219C84E478648987A05FB249727 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:d7:62:c1:b6:52:79:b5:53:6d:ab:aa:7a:33: 5c:00:94:76:d8:a6:ee:25:e9:bb:5f:de:3d:4e:e0: 0f:84:01:67:2c:6e:29:8b:2b:51:b3:40:7f:8e:08: 66:c0:22:7b:79:62:db:48:e8:1a:9d:70:ae:e5:d2: e2:3b:70:79:3c:1a:c6:9f:c6:7a:d2:89:67:76:06: b1:36:64:41:42:94:9b:53:fd:18:40:8c:6a:d0:ab: 0e:a9:7c:ca:7a:2c:e7:06:89:72:e8:7a:d6:d8:dc: a0:e3:ef:2b:57:60:71:96:a0:cf:a9:8b:4d:ca:6a: 90:c7:85:67:aa:a8:1c:50:43:ed:9b:52:84:44:b9: bc:92:c8:da:5e:c1:bf:1f:5f:49:53:86:2a:5d:9f: 33:41:d0:76:b3:14:bd:ba:8e:0b:17:b9:eb:b6:fb: 48:73:7b:fb:b1:17:e9:9c:ff:6e:ac:cc:b9:e8:3d: 3e:ad:91:1b:36:a9:e4:b0:b2:c2:ea:8d:e5:63:17: 47:20:e1:df:e2:9e:fb:f2:6a:0a:de:bd:da:bd:3b: dc:ec:c3:6e:0e:d1:e3:b0:9b:0b:c2:d1:f9:c6:cf: c8:6a:80:a9:a1:14:fc:91:b0:c7:8c:24:c8:b3:9d: 24:f2:13:15:ab:51:bd:e2:d5:e3:23:87:bf:da:46: 42:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:2E:04:0E:63:14:F2:19:C8:4E:47:86:48:98:7A:05:FB:24:97:27 X509v3 Authority Key Identifier: keyid:99:AE:43:A9:7D:51:C5:A1:4E:11:28:7A:98:02:4C:36:A5:99:37:7B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/ma5DqX1RxaFOESh6mAJMNqWZN3s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ma5DqX1RxaFOESh6mAJMNqWZN3s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUMMYTECH/Ri4EDmMU8hnITkeGSJh6Bfsklyc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:caa0::/32 Signature Algorithm: sha256WithRSAEncryption 2e:c4:03:71:60:48:ef:33:2d:80:e6:39:fb:73:30:9c:a0:aa: 1a:63:55:53:31:6a:77:cc:f5:98:ed:13:07:aa:b0:c4:b5:b9: b8:8c:f0:08:3a:f6:ad:f0:9c:78:a6:f8:a3:d9:17:98:ab:e1: 1b:fe:01:ea:7d:5a:0e:63:80:40:dc:cd:68:d0:ef:8d:a9:05: a0:a5:eb:c3:ed:9c:b3:2b:da:ae:2b:b8:81:36:af:d8:e2:76: 11:25:e9:c5:69:a7:6b:7f:48:d5:a9:ff:2c:e2:88:30:06:44: 9f:d0:44:98:bf:21:19:23:54:be:63:47:50:dd:18:66:23:74: 4f:19:10:3e:6e:67:5d:4b:d5:08:46:47:95:30:18:64:a5:55: 4d:27:cb:9a:3a:02:9c:25:63:6c:c8:ba:bf:59:3f:55:61:0c: 8e:63:77:96:40:f3:e2:c2:1e:4c:44:f9:5d:6a:f0:49:39:5f: 0b:16:2a:ef:a6:aa:7d:0a:c6:39:91:17:43:be:6b:8e:02:ff: 5e:22:19:2b:f9:e7:56:e2:7e:f5:10:25:59:08:6c:40:2f:a1: 10:e6:7b:1d:62:a9:76:0e:b2:31:c4:d1:39:ec:37:4c:87:20: 07:bb:14:29:46:0c:a6:35:af:7c:bd:3e:96:38:0d:0c:c9:74: 12:35:f4:eb -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTlB RTQzQTk3RDUxQzVBMTRFMTEyODdBOTgwMjRDMzZBNTk5Mzc3QjAeFw0yNTAyMTAx NDA0MTdaFw0yNTEwMDgxNTMwMTlaMDMxMTAvBgNVBAMTKDQ2MkUwNDBFNjMxNEYy MTlDODRFNDc4NjQ4OTg3QTA1RkIyNDk3MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD212LBtlJ5tVNtq6p6M1wAlHbYpu4l6btf3j1O4A+EAWcsbimL K1GzQH+OCGbAInt5YttI6BqdcK7l0uI7cHk8GsafxnrSiWd2BrE2ZEFClJtT/RhA jGrQqw6pfMp6LOcGiXLoetbY3KDj7ytXYHGWoM+pi03KapDHhWeqqBxQQ+2bUoRE ubySyNpewb8fX0lThipdnzNB0HazFL26jgsXueu2+0hze/uxF+mc/26szLnoPT6t kRs2qeSwssLqjeVjF0cg4d/invvyagrevdq9O9zsw24O0eOwmwvC0fnGz8hqgKmh FPyRsMeMJMiznSTyExWrUb3i1eMjh7/aRkKlAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQURi4EDmMU8hnITkeGSJh6BfsklycwHwYDVR0jBBgwFoAUma5DqX1RxaFOESh6 mAJMNqWZN3swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hVTU1Z VEVDSC9tYTVEcVgxUnhhRk9FU2g2bUFKTU5xV1pOM3MuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21hNURxWDFSeGFGT0VTaDZtQUpNTnFXWk4zcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NIVU1NWVRFQ0gvUmk0RURtTVU4 aG5JVGtlR1NKaDZCZnNrbHljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQByqAwDQYJKoZIhvcNAQELBQADggEBAC7EA3FgSO8zLYDmOftzMJyg qhpjVVMxanfM9ZjtEweqsMS1ubiM8Ag69q3wnHim+KPZF5ir4Rv+Aep9Wg5jgEDc zWjQ742pBaCl68PtnLMr2q4ruIE2r9jidhEl6cVpp2t/SNWp/yziiDAGRJ/QRJi/ IRkjVL5jR1DdGGYjdE8ZED5uZ11L1QhGR5UwGGSlVU0ny5o6ApwlY2zIur9ZP1Vh DI5jd5ZA8+LCHkxE+V1q8Ek5XwsWKu+mqn0KxjmRF0O+a44C/14iGSv551bifvUQ JVkIbEAvoRDmex1iqXYOsjHE0TnsN0yHIAe7FClGDKY1r3y9PpY4DQzJdBI19Os= -----END CERTIFICATE-----Generated at Tue Apr 22 12:16:18 2025 by rpki-client