$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/3D1pUcXq2r6ofEsgOPaMj_3JJ1s.roa File: 3D1pUcXq2r6ofEsgOPaMj_3JJ1s.roa (raw, json) Hash identifier: RQcJuyrw1A7oaa5f/ury4rGBvIVmlVTjUcELAFTvGzw= Subject key identifier: DC:3D:69:51:C5:EA:DA:BE:A8:7C:4B:20:38:F6:8C:8F:FD:C9:27:5B Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 17C8 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3D1pUcXq2r6ofEsgOPaMj_3JJ1s.roa Signing time: Wed 12 Feb 2025 01:37:03 +0000 ROA not before: Wed 12 Feb 2025 01:37:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 203.160.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 06:36:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6088 (0x17c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:37:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DC3D6951C5EADABEA87C4B2038F68C8FFDC9275B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:92:45:3d:5c:f1:f4:6e:98:ea:8a:3b:5e:aa: 85:89:99:37:eb:57:3b:f8:be:a4:40:dc:84:6e:26: c0:1b:cf:e0:17:bf:5d:36:38:94:2f:35:4e:6b:57: 7e:7e:67:8d:00:c2:52:70:df:01:cf:24:9b:bb:47: 5e:1c:df:1e:98:5b:7b:d0:62:fb:51:f2:23:2f:eb: c8:99:6d:97:70:f2:1a:2f:cb:e8:eb:f8:12:7e:0f: 00:05:85:1d:26:3a:29:8c:80:84:76:d8:ed:57:ae: 9e:45:e4:bb:a4:6d:29:d6:8c:28:62:d8:e9:5e:de: 7f:3a:3b:29:b2:f7:29:6f:d6:ad:0f:4e:df:f3:6d: b9:54:cb:1b:e6:7b:52:c6:44:27:04:7b:b4:05:af: c9:bd:82:16:98:e9:41:e5:48:3d:2a:80:3d:04:2e: 76:00:db:1e:80:ce:0e:b5:1f:a6:cf:17:af:fe:6f: a8:53:15:11:ca:ff:11:c3:ce:71:86:f6:ba:6c:30: 7c:87:e8:ff:1a:73:4e:33:59:4f:12:75:7d:ec:6d: 1a:53:70:16:0d:d4:8c:b6:0d:87:7e:40:ea:51:e5: 6a:6d:80:a3:f5:a9:8b:38:e1:27:e5:32:f8:5c:f3: c1:c2:4e:aa:49:db:4d:2c:fa:62:27:73:f2:b9:a8: 3b:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:3D:69:51:C5:EA:DA:BE:A8:7C:4B:20:38:F6:8C:8F:FD:C9:27:5B X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3D1pUcXq2r6ofEsgOPaMj_3JJ1s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.160.253.0/24 Signature Algorithm: sha256WithRSAEncryption c5:55:3e:08:14:a8:d5:b0:b9:f6:5b:64:5b:0d:b0:0f:65:54: f4:43:de:50:9d:64:76:be:a4:47:ad:f5:8c:40:83:5d:e4:e9: 84:b3:d6:85:df:eb:57:30:a9:b4:aa:61:34:f7:bd:94:82:c9: 1f:26:ac:30:f8:60:35:a5:25:94:1c:33:21:c9:46:58:81:b1: c7:eb:98:6d:d0:5d:6b:d9:30:0a:ce:6a:5b:de:29:d8:4d:66: 4e:a3:f7:e8:0d:10:96:3a:e7:b3:fb:c8:8d:59:a8:53:de:48: 79:9b:b0:ea:04:0a:8c:42:93:c9:81:05:93:25:9a:c9:8c:ee: 32:73:30:f1:6b:e9:2d:eb:8a:2a:6e:89:75:98:98:13:7d:5b: 7e:1a:26:72:64:78:f0:34:4c:3e:ce:98:47:27:d5:7d:72:b5: 45:16:6c:43:84:5f:73:25:0b:6d:af:01:a4:55:db:56:96:e6: 1d:7e:da:e3:8d:fb:0a:cc:f5:a7:f5:c3:ee:3a:d2:6b:ce:1b: 54:28:ce:e4:6e:f6:8b:38:ea:73:19:a5:3c:c0:49:c7:44:67: 48:c5:36:e6:21:87:4b:88:0d:4e:6d:3b:5b:94:13:cf:fe:d6: e3:4f:bb:b8:af:61:fa:57:18:ee:b1:f4:08:36:f2:7c:1c:ca: 42:82:0d:f0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF8gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM3MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDM0Q2OTUxQzVFQURB QkVBODdDNEIyMDM4RjY4QzhGRkRDOTI3NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD1kkU9XPH0bpjqijteqoWJmTfrVzv4vqRA3IRuJsAbz+AXv102 OJQvNU5rV35+Z40AwlJw3wHPJJu7R14c3x6YW3vQYvtR8iMv68iZbZdw8hovy+jr +BJ+DwAFhR0mOimMgIR22O1Xrp5F5LukbSnWjChi2Ole3n86Oymy9ylv1q0PTt/z bblUyxvme1LGRCcEe7QFr8m9ghaY6UHlSD0qgD0ELnYA2x6Azg61H6bPF6/+b6hT FRHK/xHDznGG9rpsMHyH6P8ac04zWU8SdX3sbRpTcBYN1Iy2DYd+QOpR5WptgKP1 qYs44SflMvhc88HCTqpJ200s+mInc/K5qDsPAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU3D1pUcXq2r6ofEsgOPaMj/3JJ1swHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8zRDFwVWNYcTJyNm9mRXNnT1Bh TWpfM0pKMXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy6D9 MA0GCSqGSIb3DQEBCwUAA4IBAQDFVT4IFKjVsLn2W2RbDbAPZVT0Q95QnWR2vqRH rfWMQINd5OmEs9aF3+tXMKm0qmE0972UgskfJqww+GA1pSWUHDMhyUZYgbHH65ht 0F1r2TAKzmpb3inYTWZOo/foDRCWOuez+8iNWahT3kh5m7DqBAqMQpPJgQWTJZrJ jO4yczDxa+kt64oqbol1mJgTfVt+GiZyZHjwNEw+zphHJ9V9crVFFmxDhF9zJQtt rwGkVdtWluYdftrjjfsKzPWn9cPuOtJrzhtUKM7kbvaLOOpzGaU8wEnHRGdIxTbm IYdLiA1ObTtblBPP/tbjT7u4r2H6VxjusfQINvJ8HMpCgg3w -----END CERTIFICATE-----Generated at Mon Apr 7 02:07:59 2025 by rpki-client