$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/QKZqGoHiK1HzNLwkvs06cQBEnmw.roa File: QKZqGoHiK1HzNLwkvs06cQBEnmw.roa (raw, json) Hash identifier: 4yJfs3sImlCw49W8mvXbOQfr9SqTRC41U6mBTqLwTs8= Subject key identifier: 40:A6:6A:1A:81:E2:2B:51:F3:34:BC:24:BE:CD:3A:71:00:44:9E:6C Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1786 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QKZqGoHiK1HzNLwkvs06cQBEnmw.roa Signing time: Wed 12 Feb 2025 01:36:47 +0000 ROA not before: Wed 12 Feb 2025 01:36:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131660 IP address blocks: 2001:b000:59c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 22:36:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6022 (0x1786) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=40A66A1A81E22B51F334BC24BECD3A7100449E6C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:99:ea:2c:89:bc:b6:e1:1d:03:b6:1c:42:e7: e2:67:5b:85:98:60:9a:ad:89:6b:ac:0b:73:d9:d1: cd:63:72:37:8f:32:29:31:89:e6:43:fa:ae:a4:72: c9:c9:da:eb:a0:51:88:df:88:9d:15:34:28:ba:3f: dd:75:6f:0b:c9:9f:3d:05:a3:d7:f4:14:e3:7f:ee: 86:3f:74:57:ff:84:5d:e4:0b:1f:3a:2e:c3:b4:0e: ee:a2:23:46:f8:6a:ab:8a:63:c6:81:03:09:ca:0a: 0a:4a:b3:8f:1f:d6:43:12:c1:20:0c:bd:40:0f:c5: 36:31:ad:37:7b:ed:09:b8:95:d9:4d:4b:29:94:48: 0a:9c:5f:41:9a:39:af:62:e4:b6:71:9a:03:e4:2e: d4:16:ba:63:86:d8:55:b8:1d:b2:36:56:a5:33:62: 9b:a1:d0:10:8b:e8:ce:f9:95:c2:7f:78:3d:e2:32: 54:b8:40:15:ca:7d:00:6b:1b:b9:ef:38:ac:94:75: c5:d5:71:ce:bd:9a:3d:bb:b6:56:42:17:ad:69:b0: c8:c8:c1:40:15:9d:2f:b3:10:78:2d:79:3c:ca:3a: 8e:64:88:20:52:6a:19:6f:a9:c1:29:1a:94:6d:cd: 1a:51:51:97:44:02:00:b9:4c:fe:00:f8:42:92:bf: 0a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:A6:6A:1A:81:E2:2B:51:F3:34:BC:24:BE:CD:3A:71:00:44:9E:6C X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QKZqGoHiK1HzNLwkvs06cQBEnmw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b000:59c::/48 Signature Algorithm: sha256WithRSAEncryption 99:51:26:2f:4e:91:da:9d:92:1a:b1:4e:e8:2a:f9:9d:e6:eb: e1:59:db:63:42:af:19:6e:db:53:a7:10:97:b0:16:f5:55:74: 60:01:85:9b:8f:bf:08:25:d3:80:2e:d2:10:02:cf:b1:27:bd: ec:c5:9e:09:d6:be:dc:c2:14:03:47:ef:f8:84:7f:37:b3:2f: a7:58:6d:92:6a:4d:b5:a1:eb:db:13:53:8f:0f:d9:07:7b:16: fd:24:05:b9:04:c1:f2:8f:14:e6:ed:a9:b9:0f:0f:c8:c2:81: e4:64:fc:36:7c:f5:48:1a:f6:d2:7c:91:a4:ed:f2:01:e1:ab: e3:8c:3a:05:6f:b8:fc:4b:4a:bf:1c:be:56:87:64:98:ea:4c: 94:86:38:f5:08:9e:30:ff:e2:1e:41:4d:44:e8:8e:2e:07:a2: 2b:ec:ce:2a:4d:46:96:fb:d0:a8:ec:09:d0:68:c0:81:f4:f0: a7:11:0e:0b:b0:dc:46:71:b7:7b:4e:89:67:26:3a:7a:2d:c2: 6f:a9:62:e4:fd:15:5d:5f:c0:3d:b3:f2:f6:f1:c0:63:10:f2: 47:1e:fd:c6:6c:22:a7:ea:ca:dd:0c:70:f9:2c:8e:5a:52:7c: 12:1d:de:29:ba:aa:cb:39:20:04:1c:9c:e7:4c:51:3d:68:44: 04:ee:a0:e1 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICF4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwQTY2QTFBODFFMjJC NTFGMzM0QkMyNEJFQ0QzQTcxMDA0NDlFNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDmeosiby24R0DthxC5+JnW4WYYJqtiWusC3PZ0c1jcjePMikx ieZD+q6kcsnJ2uugUYjfiJ0VNCi6P911bwvJnz0Fo9f0FON/7oY/dFf/hF3kCx86 LsO0Du6iI0b4aquKY8aBAwnKCgpKs48f1kMSwSAMvUAPxTYxrTd77Qm4ldlNSymU SAqcX0GaOa9i5LZxmgPkLtQWumOG2FW4HbI2VqUzYpuh0BCL6M75lcJ/eD3iMlS4 QBXKfQBrG7nvOKyUdcXVcc69mj27tlZCF61psMjIwUAVnS+zEHgteTzKOo5kiCBS ahlvqcEpGpRtzRpRUZdEAgC5TP4A+EKSvwpFAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUQKZqGoHiK1HzNLwkvs06cQBEnmwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RS1pxR29IaUsxSHpOTHdrdnMw NmNRQkVubXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw AAWcMA0GCSqGSIb3DQEBCwUAA4IBAQCZUSYvTpHanZIasU7oKvmd5uvhWdtjQq8Z bttTpxCXsBb1VXRgAYWbj78IJdOALtIQAs+xJ73sxZ4J1r7cwhQDR+/4hH83sy+n WG2Sak21oevbE1OPD9kHexb9JAW5BMHyjxTm7am5Dw/IwoHkZPw2fPVIGvbSfJGk 7fIB4avjjDoFb7j8S0q/HL5Wh2SY6kyUhjj1CJ4w/+IeQU1E6I4uB6Ir7M4qTUaW +9Co7AnQaMCB9PCnEQ4LsNxGcbd7TolnJjp6LcJvqWLk/RVdX8A9s/L28cBjEPJH Hv3GbCKn6srdDHD5LI5aUnwSHd4puqrLOSAEHJznTFE9aEQE7qDh -----END CERTIFICATE-----Generated at Mon Apr 7 20:47:40 2025 by rpki-client