$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/ayX7S-hAoJsmlmwWTtwSq5RoDlU.roa File: ayX7S-hAoJsmlmwWTtwSq5RoDlU.roa (raw, json) Hash identifier: 5TL/DLkgo9WiVFYOBd+x6wtMBRKqx3007nglkn2f0pE= Subject key identifier: 6B:25:FB:4B:E8:40:A0:9B:26:96:6C:16:4E:DC:12:AB:94:68:0E:55 Certificate issuer: /CN=A082F5D992E6BC25E08997538616180702E857C3 Certificate serial: 041C Authority key identifier: A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/ayX7S-hAoJsmlmwWTtwSq5RoDlU.roa Signing time: Mon 10 Feb 2025 14:04:27 +0000 ROA not before: Mon 10 Feb 2025 14:04:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38839 IP address blocks: 103.159.176.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1052 (0x41c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A082F5D992E6BC25E08997538616180702E857C3 Validity Not Before: Feb 10 14:04:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6B25FB4BE840A09B26966C164EDC12AB94680E55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:49:14:f6:7d:9c:74:7d:fe:37:07:3e:07:fd: dd:8e:e6:e2:a3:06:f5:a0:bd:68:ef:b8:9a:02:bb: ee:7f:2f:a8:1d:b0:06:7c:e3:6a:3b:4c:04:fa:fd: 22:44:93:12:5e:09:6b:33:2a:b2:4a:ef:60:42:04: be:68:6a:d4:34:63:cd:27:fd:ce:b8:0b:4b:76:d2: 89:d7:05:0a:32:ad:25:7b:b1:42:e0:8a:db:70:c3: 67:54:c5:9f:6d:a8:20:18:4e:f6:85:d5:dc:c6:ed: 23:33:64:e1:78:24:ab:75:71:07:b0:d2:d6:c1:bb: b3:1e:f7:ff:26:a3:15:7b:9a:46:ac:06:b4:0a:f9: e7:c0:69:cb:1d:c3:81:ce:6b:e4:c3:b5:af:b9:8f: b2:de:10:d7:f2:40:4a:99:f4:2e:a8:c5:c4:14:03: e9:e8:5b:e6:f1:0e:7a:51:7f:20:30:ed:c3:c0:b0: 9d:30:6f:d2:70:b5:bd:09:31:58:14:b1:6e:e6:0a: eb:32:ab:09:f0:50:54:4b:31:18:b8:12:4d:c0:e9: a0:c4:05:6b:a0:49:22:68:f1:b2:7c:6f:af:ec:47: 4e:31:03:bd:6f:34:2c:3d:cf:03:a2:b6:19:53:eb: 46:d5:53:09:62:8b:e1:1f:aa:f3:e2:f4:a8:74:e6: a2:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:25:FB:4B:E8:40:A0:9B:26:96:6C:16:4E:DC:12:AB:94:68:0E:55 X509v3 Authority Key Identifier: keyid:A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/ayX7S-hAoJsmlmwWTtwSq5RoDlU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.176.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:2a:39:05:83:37:6a:33:1e:4d:f7:7b:14:1f:c9:89:17:5e: ce:5b:dd:42:20:0f:1d:89:57:56:fe:5c:4e:99:8d:13:29:06: bb:71:93:b2:b5:3c:82:67:54:b1:ba:aa:5e:f1:6f:4b:36:70: 9a:68:8a:73:3d:aa:93:fd:cd:db:e6:a0:13:4f:e5:7c:a6:5a: e4:b4:0f:69:7e:ee:0b:d1:cf:bd:d8:36:a9:12:0c:f7:80:94: f0:bb:e3:30:a5:ae:69:c7:06:11:d5:75:34:94:7b:e1:cc:d9: 89:27:23:9d:ed:c9:0f:d0:ed:85:e8:c3:c2:b8:0f:fc:a2:f2: 19:ac:e7:52:cf:e8:73:b5:bb:a8:65:54:28:6f:4e:33:04:e4: b5:77:11:0b:31:34:2b:55:87:03:8b:46:2f:f3:15:d9:62:d4: 44:50:be:37:86:a3:62:4a:8e:0b:c1:fd:6d:90:84:67:2a:8c: 98:3a:9c:71:d0:43:56:9a:4a:ad:02:f9:09:3f:6d:eb:3c:2c: db:ee:93:f1:ea:b8:59:d4:76:1d:fe:71:f7:0a:52:3a:d6:14: 45:20:f4:08:86:1d:20:4a:7d:6c:89:06:e6:df:f6:92:d6:2a: a4:2c:c7:d4:42:7c:34:7a:81:73:dc:d2:f2:3c:f7:da:78:9c: e3:66:fb:e9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICBBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTA4 MkY1RDk5MkU2QkMyNUUwODk5NzUzODYxNjE4MDcwMkU4NTdDMzAeFw0yNTAyMTAx NDA0MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZCMjVGQjRCRTg0MEEw OUIyNjk2NkMxNjRFREMxMkFCOTQ2ODBFNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVSRT2fZx0ff43Bz4H/d2O5uKjBvWgvWjvuJoCu+5/L6gdsAZ8 42o7TAT6/SJEkxJeCWszKrJK72BCBL5oatQ0Y80n/c64C0t20onXBQoyrSV7sULg ittww2dUxZ9tqCAYTvaF1dzG7SMzZOF4JKt1cQew0tbBu7Me9/8moxV7mkasBrQK +efAacsdw4HOa+TDta+5j7LeENfyQEqZ9C6oxcQUA+noW+bxDnpRfyAw7cPAsJ0w b9Jwtb0JMVgUsW7mCusyqwnwUFRLMRi4Ek3A6aDEBWugSSJo8bJ8b6/sR04xA71v NCw9zwOithlT60bVUwlii+EfqvPi9Kh05qLvAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUayX7S+hAoJsmlmwWTtwSq5RoDlUwHwYDVR0jBBgwFoAUoIL12ZLmvCXgiZdT hhYYBwLoV8MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVL L29JTDEyWkxtdkNYZ2laZFRoaFlZQndMb1Y4TS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0Evb0lMMTJaTG12Q1hnaVpkVGhoWVlCd0xvVjhNLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVLL2F5WDdTLWhBb0pzbWxtd1dU dHdTcTVSb0RsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn n7AwDQYJKoZIhvcNAQELBQADggEBAHwqOQWDN2ozHk33exQfyYkXXs5b3UIgDx2J V1b+XE6ZjRMpBrtxk7K1PIJnVLG6ql7xb0s2cJpoinM9qpP9zdvmoBNP5XymWuS0 D2l+7gvRz73YNqkSDPeAlPC74zClrmnHBhHVdTSUe+HM2YknI53tyQ/Q7YXow8K4 D/yi8hms51LP6HO1u6hlVChvTjME5LV3EQsxNCtVhwOLRi/zFdli1ERQvjeGo2JK jgvB/W2QhGcqjJg6nHHQQ1aaSq0C+Qk/bes8LNvuk/HquFnUdh3+cfcKUjrWFEUg 9AiGHSBKfWyJBubf9pLWKqQsx9RCfDR6gXPc0vI899p4nONm++k= -----END CERTIFICATE-----Generated at Wed Feb 19 22:04:10 2025 by rpki-client