$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/LsI4SzqikQ5v4EdyJMJ0rZceILQ.roa File: LsI4SzqikQ5v4EdyJMJ0rZceILQ.roa (raw, json) Hash identifier: 5+eiCtzr3Q1NUdCOBiIYgfeHBByy0vZbKK/0/1K9oYE= Subject key identifier: 2E:C2:38:4B:3A:A2:91:0E:6F:E0:47:72:24:C2:74:AD:97:1E:20:B4 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 174D Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LsI4SzqikQ5v4EdyJMJ0rZceILQ.roa Signing time: Wed 12 Feb 2025 01:36:34 +0000 ROA not before: Wed 12 Feb 2025 01:36:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 23675 IP address blocks: 203.66.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5965 (0x174d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:34 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2EC2384B3AA2910E6FE0477224C274AD971E20B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c0:ab:61:f1:1b:21:cb:52:ca:68:80:3e:d8: 09:c6:6a:3f:b0:eb:33:18:b4:d1:46:04:4d:9d:20: c3:46:37:3e:05:ce:39:30:ea:05:2e:65:80:c0:fd: 57:32:a8:62:f9:ff:60:bf:c0:20:c5:14:4e:98:dc: c9:38:c0:d2:f6:f0:00:9c:c8:26:0e:ca:fa:16:23: 71:46:f1:2b:76:4c:ae:8d:05:47:e0:3c:03:26:6b: 9b:33:b8:2b:8f:e5:25:79:01:a6:eb:f1:dc:88:06: 9a:8d:bd:87:6b:70:b9:3a:9b:13:9e:ce:b5:67:87: 7c:fd:a0:6d:8f:0c:36:ef:39:d5:0d:f1:df:29:45: ba:96:ec:14:bf:1c:47:f8:d8:eb:6d:91:84:f3:03: e5:69:50:31:dd:e1:98:a6:01:96:97:72:5f:ba:2c: fa:46:b2:5c:63:73:11:d3:0c:26:dc:58:a0:b7:23: 09:7a:32:24:ea:4f:a4:09:c1:8b:f4:6d:31:c9:53: b5:96:94:13:d2:a9:a8:a1:c0:bf:fa:81:cb:2e:8d: f1:e0:a5:91:46:e1:f9:53:73:96:90:5e:16:95:bd: 82:92:ae:72:1b:74:ee:fb:52:e1:64:2c:ee:d1:1f: 37:32:76:34:a6:5c:0a:76:c9:28:3b:8f:7f:3b:8e: d9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C2:38:4B:3A:A2:91:0E:6F:E0:47:72:24:C2:74:AD:97:1E:20:B4 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LsI4SzqikQ5v4EdyJMJ0rZceILQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.66.100.0/24 Signature Algorithm: sha256WithRSAEncryption 69:ed:f6:3d:60:f7:57:55:fb:b5:81:21:a8:f6:1b:b7:bb:23: 55:6d:82:78:7b:36:48:97:6c:42:92:73:88:08:14:4b:c1:22: ab:fc:1b:ff:bc:ce:4d:01:30:79:e1:5c:db:0b:6b:2b:54:28: 4e:55:8a:9f:f0:59:30:6d:0e:d2:23:f0:4f:f1:f9:67:74:c3: f5:2f:16:33:3d:51:27:ac:17:26:72:1c:d5:49:45:dd:73:46: 83:ac:6d:94:d7:4e:fa:d2:9d:f8:29:b1:38:cc:09:8a:43:8e: 16:8e:1f:37:15:dd:5c:59:15:7e:e3:12:48:14:4f:d3:b9:8f: 36:78:62:52:bf:c1:7f:6c:2b:7b:8d:d3:89:3e:46:3a:35:a7: 9f:5e:86:cb:9c:68:dc:95:9a:bb:ef:53:5a:bf:e4:bd:8f:86: 6c:40:23:cd:a9:07:f2:2b:f9:40:53:20:b0:94:40:c5:36:c0: 17:67:d5:ca:ef:38:c8:f7:7c:b1:69:bb:b0:d6:09:12:14:a0: ef:58:9e:ba:c1:3a:c5:3f:e2:8c:a3:4a:95:93:6a:d9:de:ac: d4:ad:3d:1c:d3:e3:dd:bc:f5:9b:bc:9a:84:30:10:eb:de:2c: 9a:34:ad:3f:87:79:f4:bc:df:b9:53:6f:f3:80:c1:15:f8:b8: d2:e8:13:0e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJFQzIzODRCM0FBMjkx MEU2RkUwNDc3MjI0QzI3NEFEOTcxRTIwQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+wKth8Rshy1LKaIA+2AnGaj+w6zMYtNFGBE2dIMNGNz4Fzjkw 6gUuZYDA/VcyqGL5/2C/wCDFFE6Y3Mk4wNL28ACcyCYOyvoWI3FG8St2TK6NBUfg PAMma5szuCuP5SV5Aabr8dyIBpqNvYdrcLk6mxOezrVnh3z9oG2PDDbvOdUN8d8p RbqW7BS/HEf42OttkYTzA+VpUDHd4ZimAZaXcl+6LPpGslxjcxHTDCbcWKC3Iwl6 MiTqT6QJwYv0bTHJU7WWlBPSqaihwL/6gcsujfHgpZFG4flTc5aQXhaVvYKSrnIb dO77UuFkLO7RHzcydjSmXAp2ySg7j387jtnDAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQULsI4SzqikQ5v4EdyJMJ0rZceILQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Mc0k0U3pxaWtRNXY0RWR5Sk1K MHJaY2VJTFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Jk MA0GCSqGSIb3DQEBCwUAA4IBAQBp7fY9YPdXVfu1gSGo9hu3uyNVbYJ4ezZIl2xC knOICBRLwSKr/Bv/vM5NATB54VzbC2srVChOVYqf8FkwbQ7SI/BP8flndMP1LxYz PVEnrBcmchzVSUXdc0aDrG2U10760p34KbE4zAmKQ44Wjh83Fd1cWRV+4xJIFE/T uY82eGJSv8F/bCt7jdOJPkY6NaefXobLnGjclZq771Nav+S9j4ZsQCPNqQfyK/lA UyCwlEDFNsAXZ9XK7zjI93yxabuw1gkSFKDvWJ66wTrFP+KMo0qVk2rZ3qzUrT0c 0+PdvPWbvJqEMBDr3iyaNK0/h3n0vN+5U2/zgMEV+LjS6BMO -----END CERTIFICATE-----Generated at Mon Apr 7 17:47:11 2025 by rpki-client