$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/HsR6sjj-hOKAFOKzwz1thWUyo6Q.roa File: HsR6sjj-hOKAFOKzwz1thWUyo6Q.roa (raw, json) Hash identifier: zRZ8JBiIZscJUMwTedK1E/3txJth8lb/oDXYTrHw5qQ= Subject key identifier: 1E:C4:7A:B2:38:FE:84:E2:80:14:E2:B3:C3:3D:6D:85:65:32:A3:A4 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0C72 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/HsR6sjj-hOKAFOKzwz1thWUyo6Q.roa Signing time: Mon 10 Feb 2025 14:13:40 +0000 ROA not before: Mon 10 Feb 2025 14:13:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 14618 IP address blocks: 103.119.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3186 (0xc72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Feb 10 14:13:40 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1EC47AB238FE84E28014E2B3C33D6D856532A3A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2d:7d:72:5b:42:3e:c0:20:9a:7f:a6:77:f2: 8b:0b:62:6d:9f:ee:fb:b1:ea:13:5d:e5:6a:54:19: ea:00:07:5b:d5:b7:fa:e8:1e:82:83:05:5e:b8:20: be:6a:9a:6a:6b:8a:a0:38:c2:b2:8b:78:3b:a4:72: 33:a6:d7:54:7a:a7:39:ea:12:1b:ab:35:9f:b0:01: 1b:98:3d:8b:48:29:c0:4c:a4:76:33:4c:cb:3b:de: 5b:91:02:55:9e:f2:2b:df:9b:c8:86:43:e3:0c:47: da:3c:81:f9:ac:9e:68:e6:80:9f:f2:60:71:83:69: 61:70:cd:e4:70:a6:3f:29:de:67:3b:ed:a1:bc:f5: e1:36:88:49:03:54:a7:b5:4f:5a:1f:a6:0b:70:e0: ff:25:0e:9f:2a:70:35:fd:35:3b:36:68:85:d0:ef: 34:97:8d:a9:42:9e:d3:4a:a2:24:9b:41:4e:08:07: 6e:4e:78:24:4b:79:0d:f7:a3:72:4e:2a:f2:88:11: 20:1b:a2:41:83:be:74:4c:e0:89:64:3a:bc:c8:c4: fc:3c:b8:80:47:d5:85:6a:29:cd:7e:12:29:ac:f8: 87:ab:d5:d6:6f:ad:dd:49:23:e3:71:6c:ca:3b:94: 77:4d:31:c1:6d:60:0c:e5:2d:a1:9b:8f:01:9e:42: 35:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C4:7A:B2:38:FE:84:E2:80:14:E2:B3:C3:3D:6D:85:65:32:A3:A4 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/HsR6sjj-hOKAFOKzwz1thWUyo6Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.213.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:c9:15:6f:8e:44:69:cf:f9:9a:ae:d1:04:38:a3:10:d9:dc: 35:64:89:be:c1:95:b1:88:bb:74:76:44:4a:c5:01:30:13:fc: c5:5a:16:42:3c:db:5b:8f:61:01:82:25:d0:19:95:f1:76:67: 68:4c:07:33:f9:8f:9d:21:e3:ba:88:a5:6a:b7:3b:2f:f6:f9: 7e:45:46:ec:c8:be:b7:b9:03:a6:79:43:2f:81:eb:8f:72:2b: 20:7e:77:f0:8f:5c:9a:64:c4:cb:33:7e:b9:28:7e:2d:d7:3d: 82:2d:b9:19:0f:1c:ab:64:29:ec:09:b0:0e:5b:88:96:42:68: 5a:1f:a7:d0:af:6a:52:3a:ef:52:50:4d:45:03:e4:03:f2:42: 1e:79:b3:72:f8:2d:3c:cf:01:3d:18:2a:a0:40:ed:a8:45:7a: 2f:7f:25:83:cc:ed:ce:78:9b:17:c0:c8:7b:4f:ec:59:76:f3: 7b:c8:8f:e9:d5:3c:fe:25:7e:13:fd:7e:de:9d:ae:a3:ff:6d: 1b:fd:51:e3:80:3e:2e:ee:98:06:fc:6d:c5:34:5f:2f:88:b3: 2f:ec:c4:4b:ad:4a:94:dc:c7:02:5f:1c:69:e3:81:3d:b8:46: ca:5e:34:89:3d:55:b5:23:58:a5:2d:ee:16:34:f6:f2:5b:5d: 36:31:1c:54 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTAyMTAx NDEzNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFQzQ3QUIyMzhGRTg0 RTI4MDE0RTJCM0MzM0Q2RDg1NjUzMkEzQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFLX1yW0I+wCCaf6Z38osLYm2f7vux6hNd5WpUGeoAB1vVt/ro HoKDBV64IL5qmmpriqA4wrKLeDukcjOm11R6pznqEhurNZ+wARuYPYtIKcBMpHYz TMs73luRAlWe8ivfm8iGQ+MMR9o8gfmsnmjmgJ/yYHGDaWFwzeRwpj8p3mc77aG8 9eE2iEkDVKe1T1ofpgtw4P8lDp8qcDX9NTs2aIXQ7zSXjalCntNKoiSbQU4IB25O eCRLeQ33o3JOKvKIESAbokGDvnRM4IlkOrzIxPw8uIBH1YVqKc1+Eims+Ier1dZv rd1JI+NxbMo7lHdNMcFtYAzlLaGbjwGeQjXbAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUHsR6sjj+hOKAFOKzwz1thWUyo6QwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvSHNSNnNqai1oT0tBRk9L end6MXRoV1V5bzZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd31TANBgkqhkiG9w0BAQsFAAOCAQEAS8kVb45Eac/5mq7RBDijENncNWSJvsGV sYi7dHZESsUBMBP8xVoWQjzbW49hAYIl0BmV8XZnaEwHM/mPnSHjuoilarc7L/b5 fkVG7Mi+t7kDpnlDL4Hrj3IrIH538I9cmmTEyzN+uSh+Ldc9gi25GQ8cq2Qp7Amw DluIlkJoWh+n0K9qUjrvUlBNRQPkA/JCHnmzcvgtPM8BPRgqoEDtqEV6L38lg8zt znibF8DIe0/sWXbze8iP6dU8/iV+E/1+3p2uo/9tG/1R44A+Lu6YBvxtxTRfL4iz L+zES61KlNzHAl8caeOBPbhGyl40iT1VtSNYpS3uFjT28ltdNjEcVA== -----END CERTIFICATE-----Generated at Sat Apr 5 00:02:12 2025 by rpki-client