$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CTII/CfMzlXn0j-5PFSfhljlQ374OUTM.roa File: CfMzlXn0j-5PFSfhljlQ374OUTM.roa (raw, json) Hash identifier: /sOPbpLCMzBTpOsGLidAqz8m/FW+KYc+0v+u+tpVU9s= Subject key identifier: 09:F3:33:95:79:F4:8F:EE:4F:15:27:E1:96:39:50:DF:BE:0E:51:33 Certificate issuer: /CN=FBD3AC9FC44C3DD2AB7B5D20BC158C82D83D260A Certificate serial: 12B6 Authority key identifier: FB:D3:AC:9F:C4:4C:3D:D2:AB:7B:5D:20:BC:15:8C:82:D8:3D:26:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-9Osn8RMPdKre10gvBWMgtg9Jgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/CfMzlXn0j-5PFSfhljlQ374OUTM.roa Signing time: Mon 10 Feb 2025 14:02:06 +0000 ROA not before: Mon 10 Feb 2025 14:02:06 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 984 IP address blocks: 103.130.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/-9Osn8RMPdKre10gvBWMgtg9Jgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/-9Osn8RMPdKre10gvBWMgtg9Jgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/-9Osn8RMPdKre10gvBWMgtg9Jgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 08:07:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4790 (0x12b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FBD3AC9FC44C3DD2AB7B5D20BC158C82D83D260A Validity Not Before: Feb 10 14:02:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=09F3339579F48FEE4F1527E1963950DFBE0E5133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:39:6c:d3:16:d7:6f:fa:9c:0d:1b:4c:a2:9a: 2e:0d:e2:e4:f9:5b:92:4d:ca:ae:d8:34:93:91:b4: f2:22:83:e4:6d:54:0d:28:56:cf:56:c9:47:e0:ae: 64:57:e0:27:cb:e9:35:2a:46:da:49:41:b1:42:5b: 87:38:c4:34:fd:e6:70:25:3d:a4:da:bc:26:1a:11: 0b:08:05:7b:d6:f8:b7:ef:e5:28:27:33:a6:b9:05: 2f:d4:e2:a5:22:e7:47:e3:74:3b:18:ee:3f:a2:72: 6b:8c:d9:4d:01:9d:47:f7:78:a2:5c:03:a3:75:5b: 12:46:ba:7d:e3:fd:51:c5:0e:79:f4:89:e9:4c:47: 8c:77:e2:28:c5:78:45:82:4a:e7:04:fd:8a:b8:63: 0d:a6:35:89:1e:9f:20:a1:92:be:2e:8b:7c:02:02: 34:7f:74:a3:18:68:bb:50:df:94:c3:e8:3b:35:86: a4:fc:bc:35:59:2c:03:e5:5b:eb:da:7d:fa:41:ab: 17:a5:4a:82:80:60:22:40:d9:63:73:8d:60:42:ab: b3:df:7a:44:af:d9:a0:4a:96:29:65:7a:05:b1:45: fd:6f:58:4c:47:aa:12:a4:73:b3:8a:74:51:a3:6e: cf:d6:57:dc:b6:9f:ab:c0:43:bc:83:37:57:d0:9e: 6c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:F3:33:95:79:F4:8F:EE:4F:15:27:E1:96:39:50:DF:BE:0E:51:33 X509v3 Authority Key Identifier: keyid:FB:D3:AC:9F:C4:4C:3D:D2:AB:7B:5D:20:BC:15:8C:82:D8:3D:26:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/-9Osn8RMPdKre10gvBWMgtg9Jgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-9Osn8RMPdKre10gvBWMgtg9Jgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/CfMzlXn0j-5PFSfhljlQ374OUTM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.130.248.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:13:07:f6:2f:cf:ca:14:0b:d3:7d:95:8d:54:36:79:1e:8f: 77:70:9b:2b:69:bf:d4:3a:53:15:4a:ed:6f:ac:2c:2f:72:fc: 91:b6:31:ef:6d:6f:cb:ca:0c:43:0a:37:31:90:1d:34:61:fd: 08:ad:62:38:fc:ee:65:65:fb:94:e8:f6:16:17:9a:c5:fa:69: c4:78:ca:be:1b:a9:e7:64:a9:fc:11:3e:7a:da:02:5d:bc:92: 21:24:c0:b6:a7:ff:58:59:c7:7c:6d:78:65:59:bd:26:b3:fa: 48:c3:38:66:7f:57:ca:23:7d:d8:a6:e6:51:3c:02:ab:3f:c6: 04:62:21:ff:04:fa:bd:e2:af:ff:ab:b6:cd:9a:43:d7:26:18: 58:7e:4e:23:45:5d:61:58:bc:56:98:5d:91:70:f9:7c:e8:02: 3b:38:e8:cc:5b:9a:18:6e:f6:38:e5:d1:38:48:01:85:fd:15: 25:56:5e:50:4b:7e:f8:11:9f:56:4e:2c:de:bb:11:21:ff:87: 07:b4:4a:a5:34:9b:7b:7b:f4:3d:d0:49:15:79:93:cf:1e:7c: 7a:55:d6:ab:4d:d3:49:3a:c3:19:e4:bc:d2:a8:ac:54:1e:cd: 7e:44:4d:b5:2f:36:92:07:a3:fc:01:42:5a:ae:59:40:64:fd: ea:0a:3a:29 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICErYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJE M0FDOUZDNDRDM0REMkFCN0I1RDIwQkMxNThDODJEODNEMjYwQTAeFw0yNTAyMTAx NDAyMDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5RjMzMzk1NzlGNDhG RUU0RjE1MjdFMTk2Mzk1MERGQkUwRTUxMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChOWzTFtdv+pwNG0yimi4N4uT5W5JNyq7YNJORtPIig+RtVA0o Vs9WyUfgrmRX4CfL6TUqRtpJQbFCW4c4xDT95nAlPaTavCYaEQsIBXvW+Lfv5Sgn M6a5BS/U4qUi50fjdDsY7j+icmuM2U0BnUf3eKJcA6N1WxJGun3j/VHFDnn0ielM R4x34ijFeEWCSucE/Yq4Yw2mNYkenyChkr4ui3wCAjR/dKMYaLtQ35TD6Ds1hqT8 vDVZLAPlW+vaffpBqxelSoKAYCJA2WNzjWBCq7PfekSv2aBKlillegWxRf1vWExH qhKkc7OKdFGjbs/WV9y2n6vAQ7yDN1fQnmyxAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUCfMzlXn0j+5PFSfhljlQ374OUTMwHwYDVR0jBBgwFoAU+9Osn8RMPdKre10g vBWMgtg9JgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1RJSS8t OU9zbjhSTVBkS3JlMTBndkJXTWd0ZzlKZ28uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Ly05T3NuOFJNUGRLcmUxMGd2QldNZ3RnOUpnby5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0NUSUkvQ2ZNemxYbjBqLTVQRlNmaGxqbFEz NzRPVVRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeC+DAN BgkqhkiG9w0BAQsFAAOCAQEAOhMH9i/PyhQL032VjVQ2eR6Pd3CbK2m/1DpTFUrt b6wsL3L8kbYx721vy8oMQwo3MZAdNGH9CK1iOPzuZWX7lOj2FheaxfppxHjKvhup 52Sp/BE+etoCXbySISTAtqf/WFnHfG14ZVm9JrP6SMM4Zn9XyiN92KbmUTwCqz/G BGIh/wT6veKv/6u2zZpD1yYYWH5OI0VdYVi8VphdkXD5fOgCOzjozFuaGG72OOXR OEgBhf0VJVZeUEt++BGfVk4s3rsRIf+HB7RKpTSbe3v0PdBJFXmTzx58elXWq03T STrDGeS80qisVB7NfkRNtS82kgej/AFCWq5ZQGT96go6KQ== -----END CERTIFICATE-----Generated at Sat Apr 12 06:11:52 2025 by rpki-client