$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Aa0QPMe12VxI5qEZCMEFgfI9DJM.roa File: Aa0QPMe12VxI5qEZCMEFgfI9DJM.roa (raw, json) Hash identifier: xYkIJ+9GVaxkAfOU+fBdyfnUNRIC6awCckOabJSY0k0= Subject key identifier: 01:AD:10:3C:C7:B5:D9:5C:48:E6:A1:19:08:C1:05:81:F2:3D:0C:93 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 17A9 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Aa0QPMe12VxI5qEZCMEFgfI9DJM.roa Signing time: Wed 12 Feb 2025 01:36:56 +0000 ROA not before: Wed 12 Feb 2025 01:36:56 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17714 IP address blocks: 203.78.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6057 (0x17a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:56 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=01AD103CC7B5D95C48E6A11908C10581F23D0C93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:08:eb:3d:2f:9f:94:0e:b4:0e:45:79:fc:ee: d0:c2:74:7f:80:42:ee:42:82:73:d7:80:04:4f:78: c4:69:57:71:87:e8:73:b7:f2:71:5b:6e:48:84:d5: 0e:ed:b6:c5:a2:44:14:9c:35:b6:c4:6a:45:c0:34: 91:0a:ca:95:5b:4a:e0:e7:1c:e2:9f:f8:1e:9f:96: 4b:57:46:79:de:47:a0:ce:16:c4:c0:5c:d7:ef:e6: c0:ba:67:ce:8d:b6:91:1f:22:46:26:3f:30:b0:a8: a0:58:ee:bf:ea:f3:63:78:5e:58:ef:3f:d7:c0:9e: ac:ef:cc:3b:08:83:eb:96:ff:e9:af:d1:ff:a3:76: ce:f6:e7:71:60:73:f9:37:e7:42:a1:18:2d:ab:c7: 58:e5:e5:2d:5e:19:6d:fd:ec:98:e1:3e:a7:4e:8a: 5c:96:7f:87:c8:ab:4d:67:b7:66:1a:0f:7e:91:b6: dc:5e:c5:43:e7:35:9c:c6:58:1b:41:20:19:f2:52: ed:67:7f:2d:76:e2:3f:7d:8f:65:ac:2f:08:73:14: 49:d1:44:9b:5e:b3:de:40:9f:83:a3:38:fa:03:9a: 23:75:b7:3d:f3:1f:4f:77:b1:c4:10:89:9a:07:da: ef:a7:ef:6d:ac:a1:ed:01:48:17:f1:e5:d1:8d:6b: ca:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:AD:10:3C:C7:B5:D9:5C:48:E6:A1:19:08:C1:05:81:F2:3D:0C:93 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Aa0QPMe12VxI5qEZCMEFgfI9DJM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.78.180.0/24 Signature Algorithm: sha256WithRSAEncryption 09:b7:43:18:ed:6d:92:68:83:9e:19:6a:4e:b3:c9:00:62:21: 1e:36:3d:85:22:2c:b1:52:d0:a0:4e:fa:7d:ea:58:76:19:83: 66:9d:aa:5e:25:79:e9:52:67:38:59:e9:2c:d5:59:4c:03:8d: b9:2f:d0:ca:7c:8a:21:92:41:8a:7e:f7:49:c6:05:b2:09:31: 6e:95:b2:9e:1b:47:f8:36:8c:c7:0a:0b:bf:9c:d9:75:21:53: 40:f9:ac:fc:c0:3e:c1:5c:75:2f:d8:1d:93:ad:a4:df:8d:d4: 21:0d:db:8e:01:56:f7:84:cd:da:23:a4:a8:c3:45:04:89:3c: 59:21:a4:b4:79:fd:28:c9:b2:67:91:4a:23:f2:b6:61:c8:91: 33:87:a9:6c:d5:79:d2:da:30:92:09:43:77:d4:80:5d:1f:72: dd:ac:16:0a:e3:a6:4d:a5:ec:1f:23:91:08:e7:45:81:52:81: fd:a1:25:4b:48:39:2d:5d:d4:89:b8:dc:d0:06:c0:fa:e2:e4: d4:7c:ce:ed:09:92:df:2e:a7:67:2a:4e:58:bc:1f:f9:9f:1f: 7e:f1:c1:8a:79:5d:da:4d:96:60:7c:27:10:d5:1a:36:a6:b4: 7e:8d:68:9c:f4:cf:3a:43:56:23:f1:58:ec:14:c6:17:fc:83: 61:ef:a5:6b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAxQUQxMDNDQzdCNUQ5 NUM0OEU2QTExOTA4QzEwNTgxRjIzRDBDOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD0COs9L5+UDrQORXn87tDCdH+AQu5CgnPXgARPeMRpV3GH6HO3 8nFbbkiE1Q7ttsWiRBScNbbEakXANJEKypVbSuDnHOKf+B6flktXRnneR6DOFsTA XNfv5sC6Z86NtpEfIkYmPzCwqKBY7r/q82N4XljvP9fAnqzvzDsIg+uW/+mv0f+j ds7253Fgc/k350KhGC2rx1jl5S1eGW397JjhPqdOilyWf4fIq01nt2YaD36Rttxe xUPnNZzGWBtBIBnyUu1nfy124j99j2WsLwhzFEnRRJtes95An4OjOPoDmiN1tz3z H093scQQiZoH2u+n722soe0BSBfx5dGNa8rHAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUAa0QPMe12VxI5qEZCMEFgfI9DJMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9BYTBRUE1lMTJWeEk1cUVaQ01F RmdmSTlESk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy060 MA0GCSqGSIb3DQEBCwUAA4IBAQAJt0MY7W2SaIOeGWpOs8kAYiEeNj2FIiyxUtCg Tvp96lh2GYNmnapeJXnpUmc4Weks1VlMA425L9DKfIohkkGKfvdJxgWyCTFulbKe G0f4NozHCgu/nNl1IVNA+az8wD7BXHUv2B2TraTfjdQhDduOAVb3hM3aI6Sow0UE iTxZIaS0ef0oybJnkUoj8rZhyJEzh6ls1XnS2jCSCUN31IBdH3LdrBYK46ZNpewf I5EI50WBUoH9oSVLSDktXdSJuNzQBsD64uTUfM7tCZLfLqdnKk5YvB/5nx9+8cGK eV3aTZZgfCcQ1Ro2prR+jWic9M86Q1Yj8VjsFMYX/INh76Vr -----END CERTIFICATE-----Generated at Mon Apr 7 17:49:55 2025 by rpki-client