$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5kLVt5wiwHNeH9Mid1exm_G1yVM.roa File: 5kLVt5wiwHNeH9Mid1exm_G1yVM.roa (raw, json) Hash identifier: lzMUOTnYdsjGx5KRwfV8XxKaTN4xWAD2dIU0x2nQ12g= Subject key identifier: E6:42:D5:B7:9C:22:C0:73:5E:1F:D3:22:77:57:B1:9B:F1:B5:C9:53 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0D21 Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5kLVt5wiwHNeH9Mid1exm_G1yVM.roa Signing time: Mon 10 Feb 2025 14:04:36 +0000 ROA not before: Mon 10 Feb 2025 14:04:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18046 IP address blocks: 150.107.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3361 (0xd21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Feb 10 14:04:36 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E642D5B79C22C0735E1FD3227757B19BF1B5C953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:53:ec:fe:30:32:c7:41:21:ee:ff:32:82:ec: 7f:e4:49:13:b3:1e:f2:56:cc:40:0f:ae:29:7c:61: 4e:c9:09:22:06:ae:26:f3:ca:2a:3a:0c:0d:0a:eb: 2d:cb:d0:67:bb:1f:35:44:23:f9:54:23:da:79:bf: 41:9a:40:29:d6:b2:2f:72:ef:ba:ac:21:21:69:ae: 74:bb:62:63:af:42:6c:7a:62:ef:90:66:f6:1e:07: f7:38:06:9c:74:e6:dc:69:9f:4c:47:5e:15:ca:64: 6b:10:1c:95:f0:75:ac:e0:7a:34:df:6b:28:d2:19: ed:68:86:f3:cf:54:66:09:8d:fa:a7:f3:08:4f:b6: d0:d1:ad:cf:4d:dd:c9:c5:ca:a6:32:d7:9a:93:89: 25:4a:20:67:02:c6:3e:d1:d2:08:68:db:ea:b9:c0: 8f:96:39:31:8c:cf:7e:a4:76:87:54:cf:53:50:37: 4f:bd:5f:7c:1b:9c:90:d1:17:f2:ef:ef:01:b3:cb: d2:70:1d:66:1c:42:f5:74:fd:51:12:97:94:3e:91: 4d:6a:54:c5:2b:59:4a:cd:12:2f:ed:28:0a:ef:60: 99:43:4a:4d:ab:41:9a:f5:4d:d9:4e:eb:0d:7f:e9: d6:fd:b2:88:5a:aa:92:f4:27:65:00:22:25:96:0b: 43:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:42:D5:B7:9C:22:C0:73:5E:1F:D3:22:77:57:B1:9B:F1:B5:C9:53 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5kLVt5wiwHNeH9Mid1exm_G1yVM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.107.56.0/22 Signature Algorithm: sha256WithRSAEncryption a8:3e:2b:8e:8a:b3:0c:f8:87:05:61:c6:b3:a0:10:84:60:42: 85:ca:aa:88:2f:97:38:6c:f0:b7:f1:9d:68:96:e3:ce:c0:53: 6b:45:c7:29:8e:08:d3:98:22:01:12:84:c1:59:0d:3a:91:a7: 66:1e:80:da:88:65:17:d2:e6:98:dd:87:e7:89:4c:0c:bc:6f: 4b:0a:96:b9:6a:8e:43:fb:c5:f4:be:11:59:fc:7f:73:77:88: f9:c0:ac:6a:df:be:26:e6:d0:1e:38:a7:c8:64:6e:ac:39:ff: 46:c4:86:92:31:ff:94:b8:23:ca:1b:72:ff:e8:02:6e:4f:21: 08:f1:2b:01:39:10:92:cf:75:e6:bb:ef:f1:e4:a9:22:62:c7: 81:dc:5f:b0:ca:bb:80:4e:58:69:02:57:4a:af:2c:fb:04:94: c5:ff:5d:23:3e:45:64:0a:5b:20:f0:94:1b:dc:a4:a8:dc:4d: 72:fd:5b:7f:05:1a:6d:cc:51:53:ac:8b:14:d2:22:32:54:6b: e9:ef:8d:3b:aa:f4:23:93:0a:f3:d3:1f:3c:75:ee:a2:b5:86: 54:4e:74:23:1e:06:40:38:26:91:34:3f:5b:a2:20:83:bd:0a: fa:0c:70:e3:40:f9:69:88:13:c8:fd:1a:4a:d3:12:65:d6:0e: dd:ff:a9:7a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNTAyMTAx NDA0MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU2NDJENUI3OUMyMkMw NzM1RTFGRDMyMjc3NTdCMTlCRjFCNUM5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQU+z+MDLHQSHu/zKC7H/kSROzHvJWzEAPril8YU7JCSIGribz yio6DA0K6y3L0Ge7HzVEI/lUI9p5v0GaQCnWsi9y77qsISFprnS7YmOvQmx6Yu+Q ZvYeB/c4Bpx05txpn0xHXhXKZGsQHJXwdazgejTfayjSGe1ohvPPVGYJjfqn8whP ttDRrc9N3cnFyqYy15qTiSVKIGcCxj7R0gho2+q5wI+WOTGMz36kdodUz1NQN0+9 X3wbnJDRF/Lv7wGzy9JwHWYcQvV0/VESl5Q+kU1qVMUrWUrNEi/tKArvYJlDSk2r QZr1TdlO6w1/6db9sohaqpL0J2UAIiWWC0OPAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU5kLVt5wiwHNeH9Mid1exm/G1yVMwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy81a0xWdDV3aXdITmVI OU1pZDFleG1fRzF5Vk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQClms4MA0GCSqGSIb3DQEBCwUAA4IBAQCoPiuOirMM+IcFYcazoBCEYEKFyqqI L5c4bPC38Z1oluPOwFNrRccpjgjTmCIBEoTBWQ06kadmHoDaiGUX0uaY3YfniUwM vG9LCpa5ao5D+8X0vhFZ/H9zd4j5wKxq374m5tAeOKfIZG6sOf9GxIaSMf+UuCPK G3L/6AJuTyEI8SsBORCSz3Xmu+/x5KkiYseB3F+wyruATlhpAldKryz7BJTF/10j PkVkClsg8JQb3KSo3E1y/Vt/BRptzFFTrIsU0iIyVGvp7407qvQjkwrz0x88de6i tYZUTnQjHgZAOCaRND9boiCDvQr6DHDjQPlpiBPI/RpK0xJl1g7d/6l6 -----END CERTIFICATE-----Generated at Sun Apr 6 19:57:09 2025 by rpki-client