$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/KBcVpY_CUF8y7WXpAnTF3_XTOpg.roa File: KBcVpY_CUF8y7WXpAnTF3_XTOpg.roa (raw, json) Hash identifier: l/LJUxoIUGeR4r8qN5dNCGsj34MgOGO4vfg/pKbBC8g= Subject key identifier: 28:17:15:A5:8F:C2:50:5F:32:ED:65:E9:02:74:C5:DF:F5:D3:3A:98 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0D1A Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/KBcVpY_CUF8y7WXpAnTF3_XTOpg.roa Signing time: Mon 10 Feb 2025 14:04:34 +0000 ROA not before: Mon 10 Feb 2025 14:04:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18046 IP address blocks: 116.50.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3354 (0xd1a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Feb 10 14:04:34 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=281715A58FC2505F32ED65E90274C5DFF5D33A98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:97:9b:91:ec:2f:5f:d3:12:f7:01:5b:51:75: 57:0a:e8:1a:94:cb:78:54:e6:22:b4:23:1b:9b:fe: 49:9a:4c:53:6a:5b:5b:f1:f4:05:33:83:a2:21:95: c6:0c:96:ac:d6:4c:ac:3f:13:39:b0:cd:84:7d:35: ae:3f:8b:fb:0e:69:5b:06:01:ca:f1:8b:70:44:59: 6e:ba:bb:d9:6e:97:7e:e5:7a:26:48:37:4b:d2:f8: 9a:97:56:de:36:cb:b0:7a:98:74:be:2f:18:c4:12: 70:e5:39:7a:18:65:37:13:5f:57:ec:fe:57:cc:2e: 47:e2:b9:d8:17:83:78:02:44:fd:37:ba:89:51:9b: 67:8d:3b:cb:2e:13:72:53:a6:27:30:d2:c9:c2:44: 6b:1e:06:17:d7:dd:9a:59:96:75:83:b1:0a:f3:40: 74:30:75:fe:54:79:55:f0:c1:ed:2b:63:3b:67:71: d8:02:9d:43:be:06:ba:10:ff:28:ad:bd:09:7f:0a: c0:dd:48:cd:a7:f3:45:70:18:34:55:66:10:f9:a9: ee:6c:87:2c:cc:b7:78:ad:52:a2:6b:35:36:3f:6f: 2f:53:31:20:04:60:f3:f9:0b:2b:04:88:16:a7:ea: f7:cd:ac:c7:8c:b7:a2:16:77:fc:b5:56:a9:05:60: 81:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:17:15:A5:8F:C2:50:5F:32:ED:65:E9:02:74:C5:DF:F5:D3:3A:98 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/KBcVpY_CUF8y7WXpAnTF3_XTOpg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 116.50.32.0/20 Signature Algorithm: sha256WithRSAEncryption a1:1b:41:9e:b3:81:eb:0f:1f:8c:e3:e2:86:62:11:58:f0:56: 69:06:a0:84:61:19:f3:25:c7:a8:72:65:57:48:c6:e2:62:f1: 5e:96:fe:ab:9a:38:59:75:4f:b0:d3:50:58:fe:d5:0c:84:53: 1d:07:1f:c9:54:b6:bd:12:1a:54:8d:0e:92:9f:67:b6:9d:02: 1b:09:a3:d4:4a:96:6c:ae:5f:4e:f6:0f:83:94:56:68:db:e0: 1a:51:42:90:d5:17:48:3c:6a:fa:17:9b:1c:17:80:bb:71:b2: 43:6f:89:42:aa:f4:3f:ab:72:f6:5e:26:f9:a6:81:75:20:50: f7:7b:c5:a0:4a:18:76:a3:31:79:1a:1b:71:ac:c6:ff:24:b6: c1:5d:58:6a:14:b9:dd:ad:cb:d5:80:fb:97:6f:6b:a0:8f:14: 9e:a3:58:bf:3e:92:06:be:4e:9f:c5:64:4f:e3:2b:b0:0f:7a: a1:15:70:bb:bc:b1:f6:bd:32:a0:e5:bc:f2:ea:1c:1a:10:6a: 37:41:dc:31:fe:00:bd:f7:c2:2d:ed:f0:2b:4d:97:33:ab:73: f4:aa:ca:d0:bd:3e:58:ca:19:af:63:d8:c2:16:3f:18:3f:83: 86:27:4a:cd:df:51:d4:93:81:48:82:04:e1:09:ee:fb:8c:2f: e1:b6:d2:2d -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNTAyMTAx NDA0MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4MTcxNUE1OEZDMjUw NUYzMkVENjVFOTAyNzRDNURGRjVEMzNBOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUl5uR7C9f0xL3AVtRdVcK6BqUy3hU5iK0Ixub/kmaTFNqW1vx 9AUzg6IhlcYMlqzWTKw/EzmwzYR9Na4/i/sOaVsGAcrxi3BEWW66u9lul37leiZI N0vS+JqXVt42y7B6mHS+LxjEEnDlOXoYZTcTX1fs/lfMLkfiudgXg3gCRP03uolR m2eNO8suE3JTpicw0snCRGseBhfX3ZpZlnWDsQrzQHQwdf5UeVXwwe0rYztncdgC nUO+BroQ/yitvQl/CsDdSM2n80VwGDRVZhD5qe5shyzMt3itUqJrNTY/by9TMSAE YPP5CysEiBan6vfNrMeMt6IWd/y1VqkFYIF5AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUKBcVpY/CUF8y7WXpAnTF3/XTOpgwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9LQmNWcFlfQ1VGOHk3 V1hwQW5URjNfWFRPcGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQEdDIgMA0GCSqGSIb3DQEBCwUAA4IBAQChG0Ges4HrDx+M4+KGYhFY8FZpBqCE YRnzJceocmVXSMbiYvFelv6rmjhZdU+w01BY/tUMhFMdBx/JVLa9EhpUjQ6Sn2e2 nQIbCaPUSpZsrl9O9g+DlFZo2+AaUUKQ1RdIPGr6F5scF4C7cbJDb4lCqvQ/q3L2 Xib5poF1IFD3e8WgShh2ozF5GhtxrMb/JLbBXVhqFLndrcvVgPuXb2ugjxSeo1i/ PpIGvk6fxWRP4yuwD3qhFXC7vLH2vTKg5bzy6hwaEGo3Qdwx/gC998It7fArTZcz q3P0qsrQvT5YyhmvY9jCFj8YP4OGJ0rN31HUk4FIggThCe77jC/httIt -----END CERTIFICATE-----Generated at Sun Apr 6 19:54:33 2025 by rpki-client