$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CJME/vFNe51u904S3-M7htoYMKJ7ZwUw.roa File: vFNe51u904S3-M7htoYMKJ7ZwUw.roa (raw, json) Hash identifier: M+gBWKxVU0r9iprZD9GVyq5DolhE47weX3yvCFfsIso= Subject key identifier: BC:53:5E:E7:5B:BD:D3:84:B7:F8:CE:E1:B6:86:0C:28:9E:D9:C1:4C Certificate issuer: /CN=E214623FD129CB972740D391DAF39196F2ADF2BD Certificate serial: 75 Authority key identifier: E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/vFNe51u904S3-M7htoYMKJ7ZwUw.roa Signing time: Mon 10 Feb 2025 13:46:01 +0000 ROA not before: Mon 10 Feb 2025 13:46:01 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63897 IP address blocks: 157.20.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 01:08:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 117 (0x75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E214623FD129CB972740D391DAF39196F2ADF2BD Validity Not Before: Feb 10 13:46:01 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BC535EE75BBDD384B7F8CEE1B6860C289ED9C14C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:6d:0d:9a:05:1a:88:73:a6:55:24:00:6f:51: e0:5d:a1:22:4b:02:67:3a:b3:4a:1b:11:fe:4c:1b: a7:36:56:cd:1f:7f:7d:87:84:aa:19:4b:e5:90:96: 79:cc:9d:0f:19:13:68:77:cf:d9:88:d7:ba:bc:77: 3d:4b:8d:0a:3d:d4:ce:77:f4:e8:77:4d:d1:4d:34: d7:ff:ba:ff:3b:a7:f6:03:3a:8a:d1:37:b1:9e:ba: df:70:75:ca:f1:39:0b:ec:67:01:43:d1:a4:77:35: 3d:18:17:82:86:a3:62:5e:6f:5d:30:49:fa:f3:4d: 32:f8:8a:f4:00:f4:b8:40:61:f0:60:b4:32:bb:e7: 9c:15:69:da:b9:d0:ea:15:98:a9:12:62:41:8d:8a: 39:41:02:53:dc:f4:77:75:6c:be:0a:6b:f5:18:06: 3a:8a:25:c1:8d:f4:68:9b:fa:d5:b6:40:da:34:7d: 8a:39:fd:9e:09:1f:a6:19:9c:7a:57:6f:43:8a:12: 09:40:0b:09:2a:ae:54:5d:10:03:31:2a:7e:2d:67: 92:b7:ec:ba:9c:1f:e5:32:a3:4a:22:ba:ef:ff:58: 5e:6d:0d:d4:72:6a:e7:1a:eb:b8:33:fa:89:00:76: 88:f7:bf:7d:88:28:66:db:60:e6:b2:da:42:d0:f8: 7e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:53:5E:E7:5B:BD:D3:84:B7:F8:CE:E1:B6:86:0C:28:9E:D9:C1:4C X509v3 Authority Key Identifier: keyid:E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/vFNe51u904S3-M7htoYMKJ7ZwUw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.199.0/24 Signature Algorithm: sha256WithRSAEncryption a1:9b:6d:06:4b:77:6d:06:d4:50:f6:b0:72:eb:49:80:46:55: e5:56:c1:9b:e6:c0:0c:5f:9b:a6:3c:73:bb:16:6b:d2:c4:2b: 8d:ff:61:ed:af:9f:b0:7e:13:9b:1f:cf:90:c0:e1:89:b7:a3: 74:57:c1:fb:50:34:7d:af:14:ee:60:62:63:d1:bb:38:e8:0a: 88:33:76:51:70:0a:29:7a:e0:e4:d8:f2:64:10:87:17:5b:cd: 9a:aa:79:b4:7e:2e:c7:18:c9:45:a0:5e:7a:b6:f6:84:fa:3b: 9c:c8:3a:ba:8b:00:f1:fc:52:66:b0:5e:76:9a:b8:bf:07:63: 17:ee:7a:4e:75:cb:8f:8b:48:40:37:4e:c6:29:ad:32:3b:b0: 06:12:c1:4f:58:2e:b6:2c:bf:b8:45:e5:67:95:06:8e:94:7c: 99:8e:a3:8e:fa:a7:cb:24:b7:f0:73:65:7e:07:ce:63:55:d2: e9:2f:90:b6:84:5b:a8:4b:d3:ad:87:12:40:52:97:da:de:71: 11:a6:b5:74:0c:0a:cc:3a:25:7a:59:cc:82:9a:c0:4b:9f:d2: 31:13:2b:00:e8:f9:16:f7:ba:db:1e:b9:14:9d:f1:88:34:ca: cc:1e:4b:4f:a9:a0:f3:6b:b5:bb:41:d9:e7:76:20:55:b5:49: 6a:9f:a8:95 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgIBdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMjE0 NjIzRkQxMjlDQjk3Mjc0MEQzOTFEQUYzOTE5NkYyQURGMkJEMB4XDTI1MDIxMDEz NDYwMVoXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoQkM1MzVFRTc1QkJERDM4 NEI3RjhDRUUxQjY4NjBDMjg5RUQ5QzE0QzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOxtDZoFGohzplUkAG9R4F2hIksCZzqzShsR/kwbpzZWzR9/fYeE qhlL5ZCWecydDxkTaHfP2YjXurx3PUuNCj3Uznf06HdN0U001/+6/zun9gM6itE3 sZ6633B1yvE5C+xnAUPRpHc1PRgXgoajYl5vXTBJ+vNNMviK9AD0uEBh8GC0Mrvn nBVp2rnQ6hWYqRJiQY2KOUECU9z0d3Vsvgpr9RgGOoolwY30aJv61bZA2jR9ijn9 ngkfphmceldvQ4oSCUALCSquVF0QAzEqfi1nkrfsupwf5TKjSiK67/9YXm0N1HJq 5xrruDP6iQB2iPe/fYgoZttg5rLaQtD4fl8CAwEAAaOCAeowggHmMB0GA1UdDgQW BBS8U17nW73ThLf4zuG2hgwontnBTDAfBgNVHSMEGDAWgBTiFGI/0SnLlydA05Ha 85GW8q3yvTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSk1FLzRo UmlQOUVweTVjblFOT1Iydk9SbHZLdDhyMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev NGhSaVA5RXB5NWNuUU5PUjJ2T1Jsdkt0OHIwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvQ0pNRS92Rk5lNTF1OTA0UzMtTTdodG9ZTUtK N1p3VXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTHMA0G CSqGSIb3DQEBCwUAA4IBAQChm20GS3dtBtRQ9rBy60mARlXlVsGb5sAMX5umPHO7 FmvSxCuN/2Htr5+wfhObH8+QwOGJt6N0V8H7UDR9rxTuYGJj0bs46AqIM3ZRcAop euDk2PJkEIcXW82aqnm0fi7HGMlFoF56tvaE+jucyDq6iwDx/FJmsF52mri/B2MX 7npOdcuPi0hAN07GKa0yO7AGEsFPWC62LL+4ReVnlQaOlHyZjqOO+qfLJLfwc2V+ B85jVdLpL5C2hFuoS9OthxJAUpfa3nERprV0DArMOiV6WcyCmsBLn9IxEysA6PkW 97rbHrkUnfGINMrMHktPqaDza7W7QdnndiBVtUlqn6iV -----END CERTIFICATE-----Generated at Tue Apr 15 00:49:38 2025 by rpki-client