$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CXT/v8bXGk6pI3vcRxqP3WCGAtq-yB8.roa File: v8bXGk6pI3vcRxqP3WCGAtq-yB8.roa (raw, json) Hash identifier: roY9TvtTmsFuUR10RzOSWhVlmDzV96rhGFGoHTluRIo= Subject key identifier: BF:C6:D7:1A:4E:A9:23:7B:DC:47:1A:8F:DD:60:86:02:DA:BE:C8:1F Certificate issuer: /CN=2716EBB895BC844795A684C9673EA981145775CE Certificate serial: 03F9 Authority key identifier: 27:16:EB:B8:95:BC:84:47:95:A6:84:C9:67:3E:A9:81:14:57:75:CE Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JxbruJW8hEeVpoTJZz6pgRRXdc4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CXT/v8bXGk6pI3vcRxqP3WCGAtq-yB8.roa Signing time: Mon 10 Feb 2025 14:13:50 +0000 ROA not before: Mon 10 Feb 2025 14:13:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 134823 IP address blocks: 103.129.180.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CXT/JxbruJW8hEeVpoTJZz6pgRRXdc4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CXT/JxbruJW8hEeVpoTJZz6pgRRXdc4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/JxbruJW8hEeVpoTJZz6pgRRXdc4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1017 (0x3f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2716EBB895BC844795A684C9673EA981145775CE Validity Not Before: Feb 10 14:13:50 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BFC6D71A4EA9237BDC471A8FDD608602DABEC81F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:00:bd:63:f5:1a:5d:2c:8e:ed:12:28:ff:21: b8:f2:39:b5:c5:71:65:9a:5b:9c:88:14:e4:bf:cf: 21:b9:ef:ac:68:90:10:3d:ac:0f:a4:49:85:6a:b7: 86:72:32:67:4a:02:6b:9e:de:2a:4e:6d:dc:8f:6e: 56:f6:3c:78:da:24:6b:f6:c4:f3:fb:6f:23:91:97: cf:e9:6f:e3:c5:bb:cb:af:16:1c:c8:29:9e:60:d0: b8:95:0e:50:f6:8e:10:ad:c7:5a:5c:75:f4:dd:b0: f9:59:ed:24:e4:13:aa:9e:91:69:46:34:01:ee:f8: cd:31:21:64:5b:a8:7f:34:f5:97:8f:00:e8:dd:0f: f6:d1:d2:3a:1c:62:7b:ee:7b:3b:24:3f:31:e7:5e: 84:40:61:2d:b5:2d:96:ca:16:fb:91:33:d8:13:8d: a8:55:f3:4e:4f:52:72:1d:df:22:20:8a:3a:93:c3: 8a:07:9d:67:f7:d4:de:44:f1:77:bf:21:4c:94:f8: 37:06:71:65:86:88:05:d7:76:09:a5:3e:12:bf:09: 5c:cb:33:41:a2:e9:16:19:18:46:72:e3:64:07:26: 23:c0:86:b3:05:0f:8e:95:f7:44:8f:15:41:10:22: bc:40:1a:01:eb:88:21:d5:76:09:54:72:89:1a:bf: c8:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:C6:D7:1A:4E:A9:23:7B:DC:47:1A:8F:DD:60:86:02:DA:BE:C8:1F X509v3 Authority Key Identifier: keyid:27:16:EB:B8:95:BC:84:47:95:A6:84:C9:67:3E:A9:81:14:57:75:CE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CXT/JxbruJW8hEeVpoTJZz6pgRRXdc4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JxbruJW8hEeVpoTJZz6pgRRXdc4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CXT/v8bXGk6pI3vcRxqP3WCGAtq-yB8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.129.180.0/22 Signature Algorithm: sha256WithRSAEncryption 83:e0:7c:34:35:d8:71:04:59:d7:6a:1e:8d:7d:e5:69:5f:41: ca:88:97:a6:22:32:28:e6:16:bf:a8:99:9a:b7:3a:27:ec:92: 9b:06:75:e0:cc:fb:56:3c:27:68:75:e7:9b:53:af:83:63:18: 87:0d:7e:87:a2:09:af:66:ad:d2:1d:c0:f4:e2:09:d6:6e:30: f4:88:6f:d6:00:1a:f3:f3:4e:bc:f7:8e:3e:1c:9c:a4:a9:72: 5b:b7:dc:40:90:71:bc:88:1f:eb:aa:f2:0f:f6:cb:65:5e:de: 31:23:02:f4:d0:a8:4c:df:34:42:b2:7c:8a:89:ab:4b:3b:ab: f7:00:70:02:8b:c7:74:65:5a:1e:08:ab:dd:ce:02:f3:e3:ee: c1:d9:ab:d7:0e:a5:31:84:fb:20:8c:46:5d:69:a0:32:64:58: fd:1f:af:e6:42:7d:63:e0:3b:9d:31:a8:f5:b1:0d:7b:7f:d2: 5c:49:f3:53:80:0f:28:39:be:6b:af:05:69:31:9e:87:76:db: 32:35:ed:c2:4e:71:e0:55:8d:53:6a:6b:33:02:e5:83:e1:94: 21:bf:6c:7f:e0:95:56:7f:67:d8:20:83:64:ab:f9:56:0f:54: d6:6b:42:d0:f2:a0:37:55:04:6a:d9:9f:47:49:56:10:74:3d: bf:13:16:b8 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICA/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjcx NkVCQjg5NUJDODQ0Nzk1QTY4NEM5NjczRUE5ODExNDU3NzVDRTAeFw0yNTAyMTAx NDEzNTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJGQzZENzFBNEVBOTIz N0JEQzQ3MUE4RkRENjA4NjAyREFCRUM4MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClAL1j9RpdLI7tEij/IbjyObXFcWWaW5yIFOS/zyG576xokBA9 rA+kSYVqt4ZyMmdKAmue3ipObdyPblb2PHjaJGv2xPP7byORl8/pb+PFu8uvFhzI KZ5g0LiVDlD2jhCtx1pcdfTdsPlZ7STkE6qekWlGNAHu+M0xIWRbqH809ZePAOjd D/bR0jocYnvuezskPzHnXoRAYS21LZbKFvuRM9gTjahV805PUnId3yIgijqTw4oH nWf31N5E8Xe/IUyU+DcGcWWGiAXXdgmlPhK/CVzLM0Gi6RYZGEZy42QHJiPAhrMF D46V90SPFUEQIrxAGgHriCHVdglUcokav8hdAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUv8bXGk6pI3vcRxqP3WCGAtq+yB8wHwYDVR0jBBgwFoAUJxbruJW8hEeVpoTJ Zz6pgRRXdc4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1hUL0p4 YnJ1Slc4aEVlVnBvVEpaejZwZ1JSWGRjNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev SnhicnVKVzhoRWVWcG9USlp6NnBnUlJYZGM0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvQ1hUL3Y4YlhHazZwSTN2Y1J4cVAzV0NHQXRx LXlCOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJngbQwDQYJ KoZIhvcNAQELBQADggEBAIPgfDQ12HEEWddqHo195WlfQcqIl6YiMijmFr+omZq3 OifskpsGdeDM+1Y8J2h155tTr4NjGIcNfoeiCa9mrdIdwPTiCdZuMPSIb9YAGvPz Trz3jj4cnKSpclu33ECQcbyIH+uq8g/2y2Ve3jEjAvTQqEzfNEKyfIqJq0s7q/cA cAKLx3RlWh4Iq93OAvPj7sHZq9cOpTGE+yCMRl1poDJkWP0fr+ZCfWPgO50xqPWx DXt/0lxJ81OADyg5vmuvBWkxnod22zI17cJOceBVjVNqazMC5YPhlCG/bH/glVZ/ Z9ggg2Sr+VYPVNZrQtDyoDdVBGrZn0dJVhB0Pb8TFrg= -----END CERTIFICATE-----Generated at Wed Feb 19 22:10:35 2025 by rpki-client