$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/iUv9_WKZnnKO1LrJjOFge-ueXCU.roa File: iUv9_WKZnnKO1LrJjOFge-ueXCU.roa (raw, json) Hash identifier: xGKLcVSQpMXj9CPj5AclUmYYElMlKOlPw/NOLDN07gQ= Subject key identifier: 89:4B:FD:FD:62:99:9E:72:8E:D4:BA:C9:8C:E1:60:7B:EB:9E:5C:25 Certificate issuer: /CN=F858D0000C7C46A986B2EB96815F06AE2693A9D0 Certificate serial: 0CBD Authority key identifier: F8:58:D0:00:0C:7C:46:A9:86:B2:EB:96:81:5F:06:AE:26:93:A9:D0 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-FjQAAx8RqmGsuuWgV8GriaTqdA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/iUv9_WKZnnKO1LrJjOFge-ueXCU.roa Signing time: Mon 10 Feb 2025 14:04:32 +0000 ROA not before: Mon 10 Feb 2025 14:04:32 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18046 IP address blocks: 159.117.84.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-FjQAAx8RqmGsuuWgV8GriaTqdA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-FjQAAx8RqmGsuuWgV8GriaTqdA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/-FjQAAx8RqmGsuuWgV8GriaTqdA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 20:36:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3261 (0xcbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F858D0000C7C46A986B2EB96815F06AE2693A9D0 Validity Not Before: Feb 10 14:04:32 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=894BFDFD62999E728ED4BAC98CE1607BEB9E5C25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e6:f9:dc:01:8a:2d:8f:c6:5a:fb:17:87:9e: 71:0a:dc:09:e1:85:c3:ae:2a:40:12:73:4e:47:16: dd:c8:d4:13:20:17:85:ca:7b:8f:56:78:71:85:08: 4e:2e:99:4f:43:bf:11:66:45:96:7b:bd:e9:c1:10: 76:a9:09:d7:ee:c4:d1:83:d2:ea:83:8d:b8:bd:1c: 15:aa:55:33:e1:2b:35:b8:f4:e2:a7:fd:09:2d:e9: c4:dd:51:8b:86:8c:f1:65:9b:08:4c:a1:ae:0c:d4: 8a:88:9a:4d:03:f1:f5:ba:87:d4:23:e5:fc:cd:71: 67:20:cf:5e:99:cb:20:75:4d:37:8c:f0:af:ec:66: 43:ab:47:e1:9d:87:b1:28:69:84:46:fe:61:2f:39: b0:9b:1b:60:63:d7:33:6c:80:2b:d9:3d:bd:78:5a: f8:ba:a9:76:53:92:80:95:4f:9a:e1:f3:56:5a:6e: d6:c7:c1:2d:78:9a:78:e7:1a:95:56:10:81:be:9a: 4a:ec:45:a9:04:2f:4a:6a:a4:a1:bd:ef:99:4c:a1: ac:4f:94:4b:23:46:2d:ee:b9:35:19:ce:fc:4c:cf: 4d:ff:85:5e:6c:d9:67:e0:ad:ab:ba:8b:81:ab:a5: ae:f9:72:bd:ce:8b:f9:d6:8b:33:66:57:56:17:0f: 9a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:4B:FD:FD:62:99:9E:72:8E:D4:BA:C9:8C:E1:60:7B:EB:9E:5C:25 X509v3 Authority Key Identifier: keyid:F8:58:D0:00:0C:7C:46:A9:86:B2:EB:96:81:5F:06:AE:26:93:A9:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-FjQAAx8RqmGsuuWgV8GriaTqdA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-FjQAAx8RqmGsuuWgV8GriaTqdA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/iUv9_WKZnnKO1LrJjOFge-ueXCU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 159.117.84.0/24 Signature Algorithm: sha256WithRSAEncryption 72:6e:0e:c2:f5:04:d1:11:48:91:af:c4:37:4b:d5:2a:1b:ec: 46:2f:36:f6:5d:67:8d:19:bc:c7:e8:a1:9d:30:69:1e:69:ef: 99:6e:45:25:59:72:8d:7b:16:a2:f3:2b:db:3c:bc:c9:3d:66: bf:3c:f7:04:8e:e2:d8:27:28:1f:77:b0:23:81:c6:01:1b:46: ed:39:5a:c1:f6:dd:2a:6c:13:67:c3:74:a6:75:5a:ef:d3:00: 4c:80:fe:ca:07:70:13:73:a5:a5:f2:1c:30:f2:21:71:fe:22: fe:a0:7f:ad:55:9f:e8:1d:81:ee:d1:be:87:4b:ad:f9:8d:8c: d5:83:b9:72:9a:9d:a2:06:af:aa:5c:e3:b0:de:33:b8:79:39: bd:48:7f:22:1f:c9:9d:58:dd:e6:58:bf:fa:e4:7f:e6:49:24: 11:4c:6c:5b:1e:31:58:92:e3:5f:f7:5c:ec:c7:81:a7:a8:9d: 19:a7:5e:b8:58:b0:97:a4:d5:4d:42:e3:21:37:64:87:53:24: ef:91:22:1e:44:09:2d:16:02:a5:5d:fc:c1:d6:ea:e9:7c:7d: 74:04:05:3f:1b:c6:fa:50:c2:f1:e7:b2:b4:76:d3:59:73:24: c9:91:97:37:c6:9d:9c:a3:88:a0:00:31:66:8c:65:5f:f0:48: bf:72:37:50 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjg1 OEQwMDAwQzdDNDZBOTg2QjJFQjk2ODE1RjA2QUUyNjkzQTlEMDAeFw0yNTAyMTAx NDA0MzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5NEJGREZENjI5OTlF NzI4RUQ0QkFDOThDRTE2MDdCRUI5RTVDMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDm5vncAYotj8Za+xeHnnEK3AnhhcOuKkASc05HFt3I1BMgF4XK e49WeHGFCE4umU9DvxFmRZZ7venBEHapCdfuxNGD0uqDjbi9HBWqVTPhKzW49OKn /Qkt6cTdUYuGjPFlmwhMoa4M1IqImk0D8fW6h9Qj5fzNcWcgz16ZyyB1TTeM8K/s ZkOrR+Gdh7EoaYRG/mEvObCbG2Bj1zNsgCvZPb14Wvi6qXZTkoCVT5rh81ZabtbH wS14mnjnGpVWEIG+mkrsRakEL0pqpKG975lMoaxPlEsjRi3uuTUZzvxMz03/hV5s 2Wfgrau6i4Grpa75cr3Oi/nWizNmV1YXD5opAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUiUv9/WKZnnKO1LrJjOFge+ueXCUwHwYDVR0jBBgwFoAU+FjQAAx8RqmGsuuW gV8GriaTqdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvLUZqUUFBeDhScW1Hc3V1V2dWOEdyaWFUcWRBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS8tRmpRQUF4OFJxbUdzdXVXZ1Y4R3JpYVRxZEEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9pVXY5X1dLWm5uS08x THJKak9GZ2UtdWVYQ1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAn3VUMA0GCSqGSIb3DQEBCwUAA4IBAQBybg7C9QTREUiRr8Q3S9UqG+xGLzb2 XWeNGbzH6KGdMGkeae+ZbkUlWXKNexai8yvbPLzJPWa/PPcEjuLYJygfd7AjgcYB G0btOVrB9t0qbBNnw3SmdVrv0wBMgP7KB3ATc6Wl8hww8iFx/iL+oH+tVZ/oHYHu 0b6HS635jYzVg7lymp2iBq+qXOOw3jO4eTm9SH8iH8mdWN3mWL/65H/mSSQRTGxb HjFYkuNf91zsx4GnqJ0Zp164WLCXpNVNQuMhN2SHUyTvkSIeRAktFgKlXfzB1urp fH10BAU/G8b6UMLx57K0dtNZcyTJkZc3xp2co4igADFmjGVf8Ei/cjdQ -----END CERTIFICATE-----Generated at Sun Apr 6 19:49:55 2025 by rpki-client