$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/iqP2c-9fV1oaC3TgAv3UIIopWls.roa File: iqP2c-9fV1oaC3TgAv3UIIopWls.roa (raw, json) Hash identifier: kuMvL6n6rtKCHpMdwc5LoIctDgq3IZrUt+at3QTdlDk= Subject key identifier: 8A:A3:F6:73:EF:5F:57:5A:1A:0B:74:E0:02:FD:D4:20:8A:29:5A:5B Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Certificate serial: 0CCF Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/iqP2c-9fV1oaC3TgAv3UIIopWls.roa Signing time: Mon 10 Feb 2025 13:49:55 +0000 ROA not before: Mon 10 Feb 2025 13:49:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 396982 IP address blocks: 103.123.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 23:36:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3279 (0xccf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Validity Not Before: Feb 10 13:49:55 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8AA3F673EF5F575A1A0B74E002FDD4208A295A5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ba:e7:f9:41:b9:0a:cf:76:23:89:50:3c:24: 2e:33:5e:8b:67:77:0f:ab:d6:62:e2:d3:82:ba:14: d6:86:14:d4:db:8f:17:f9:ea:28:60:d9:68:6e:d3: 84:90:d5:6c:c7:b9:2d:13:4b:9d:1e:74:26:34:2d: fe:a4:ab:a7:1d:a7:93:6b:cd:6e:2a:f0:b9:fe:d8: 32:fb:6e:3b:de:26:46:29:23:0c:98:1d:f0:06:5a: 0f:35:2b:a9:df:4f:ab:bd:d6:2e:5b:89:46:fc:b8: 30:43:18:57:96:d2:e3:bd:40:a6:92:67:89:b9:1e: 51:8c:a4:f9:c0:da:e2:29:65:62:05:6e:75:57:11: 48:50:06:7a:75:de:06:b3:44:0d:98:26:f7:00:20: c7:b6:d0:ec:31:cc:9a:ef:49:74:c0:97:5f:fe:cf: e6:81:90:b7:5a:20:3e:12:6e:70:90:53:e1:1a:e2: 8f:3d:0c:15:db:34:7c:e8:23:07:78:7b:3c:52:cd: 96:0c:30:42:b5:9c:96:47:b3:ca:bb:78:c8:23:d8: 19:cb:6f:48:80:8b:39:f6:31:45:06:6b:32:91:24: 33:df:9b:4c:ab:34:5a:ce:ac:d6:c7:94:f1:28:7b: 3b:ec:7a:51:8a:07:c0:5e:47:dd:a5:67:23:fe:33: dd:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:A3:F6:73:EF:5F:57:5A:1A:0B:74:E0:02:FD:D4:20:8A:29:5A:5B X509v3 Authority Key Identifier: keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/iqP2c-9fV1oaC3TgAv3UIIopWls.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.131.0/24 Signature Algorithm: sha256WithRSAEncryption a9:94:fe:0d:30:2c:4a:2b:60:3c:db:ef:60:1d:70:04:52:67: 8a:ab:2a:d8:18:58:81:80:30:0a:d9:36:45:c4:c3:8e:32:c7: 4f:7f:5a:e2:2f:9f:d7:88:84:2c:bb:6f:8b:bb:d3:35:e3:bb: 8c:28:41:e0:c6:45:1c:05:4d:51:ab:d5:2b:fe:c3:75:7c:c5: 06:34:b4:39:7b:70:60:24:e2:bb:7b:9e:1e:25:4a:9c:b5:75: f3:8f:43:2b:5e:37:b2:26:c9:09:22:45:63:0a:f9:f3:3a:a6: 16:38:f3:0b:a9:32:40:46:24:e7:c5:62:a7:a2:ac:28:27:68: e3:11:6c:35:27:ba:61:fe:e7:3b:8f:06:b6:7d:36:96:10:5a: 0b:c6:10:91:c2:f1:3b:b5:2d:48:5c:65:0d:f2:12:37:f3:82: 41:86:eb:10:f1:6f:0d:4e:59:eb:83:1c:ea:42:0b:7b:20:a7: 17:a1:03:19:56:df:8a:a7:e6:f3:95:0e:20:5c:cf:dc:d7:c2: e6:cf:21:14:1c:ef:f8:5c:12:83:ed:b8:56:9b:ef:7c:84:fa: 9f:ab:22:8a:7e:23:63:0f:e0:8c:0c:4f:ee:10:e7:65:63:4d: 41:08:fc:19:96:a3:55:12:a6:48:a8:f2:72:e4:ab:08:68:63: ae:bd:62:f2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yNTAyMTAx MzQ5NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhBQTNGNjczRUY1RjU3 NUExQTBCNzRFMDAyRkRENDIwOEEyOTVBNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeuuf5QbkKz3YjiVA8JC4zXotndw+r1mLi04K6FNaGFNTbjxf5 6ihg2Whu04SQ1WzHuS0TS50edCY0Lf6kq6cdp5NrzW4q8Ln+2DL7bjveJkYpIwyY HfAGWg81K6nfT6u91i5biUb8uDBDGFeW0uO9QKaSZ4m5HlGMpPnA2uIpZWIFbnVX EUhQBnp13gazRA2YJvcAIMe20OwxzJrvSXTAl1/+z+aBkLdaID4SbnCQU+Ea4o89 DBXbNHzoIwd4ezxSzZYMMEK1nJZHs8q7eMgj2BnLb0iAizn2MUUGazKRJDPfm0yr NFrOrNbHlPEoezvselGKB8BeR92lZyP+M91XAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUiqP2c+9fV1oaC3TgAv3UIIopWlswHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vaXFQMmMtOWZWMW9hQzNU Z0F2M1VJSW9wV2xzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd7gzANBgkqhkiG9w0BAQsFAAOCAQEAqZT+DTAsSitgPNvvYB1wBFJniqsq2BhY gYAwCtk2RcTDjjLHT39a4i+f14iELLtvi7vTNeO7jChB4MZFHAVNUavVK/7DdXzF BjS0OXtwYCTiu3ueHiVKnLV1849DK143sibJCSJFYwr58zqmFjjzC6kyQEYk58Vi p6KsKCdo4xFsNSe6Yf7nO48Gtn02lhBaC8YQkcLxO7UtSFxlDfISN/OCQYbrEPFv DU5Z64Mc6kILeyCnF6EDGVbfiqfm85UOIFzP3NfC5s8hFBzv+FwSg+24VpvvfIT6 n6siin4jYw/gjAxP7hDnZWNNQQj8GZajVRKmSKjycuSrCGhjrr1i8g== -----END CERTIFICATE-----Generated at Fri Apr 4 22:42:55 2025 by rpki-client