$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/UYX2jiaUjUQodbB1lnrB8ZMviV0.roa File: UYX2jiaUjUQodbB1lnrB8ZMviV0.roa (raw, json) Hash identifier: EahGb6ki5qWDeIL2+fVmFSeucm9TAG6zEeie7BdCV2M= Subject key identifier: 51:85:F6:8E:26:94:8D:44:28:75:B0:75:96:7A:C1:F1:93:2F:89:5D Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1760 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/UYX2jiaUjUQodbB1lnrB8ZMviV0.roa Signing time: Wed 12 Feb 2025 01:36:38 +0000 ROA not before: Wed 12 Feb 2025 01:36:38 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17421 IP address blocks: 223.136.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5984 (0x1760) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:38 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5185F68E26948D442875B075967AC1F1932F895D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:61:2f:fd:cd:a7:cf:e6:ae:93:51:91:73:e9: 6d:22:85:64:7c:ec:f0:22:d2:71:a7:da:b5:be:b4: 02:70:aa:30:84:9b:94:ba:b4:4f:44:ba:c3:f8:37: b2:2d:e8:b2:93:a5:14:40:2d:a5:c2:40:46:13:8e: 76:56:b5:9c:82:4a:06:47:a0:d6:b8:89:21:b7:87: 36:4d:2d:42:43:1e:2c:fa:8c:b2:08:64:9c:cd:c3: 7b:99:33:f9:a0:86:de:33:22:5b:2b:7c:36:fd:ef: 6f:cf:77:8f:a7:fa:00:c4:82:1b:41:6b:ac:11:09: 0d:15:61:cb:7e:83:56:ae:29:62:8a:b3:e3:82:6f: 92:c8:c2:a9:8c:b3:69:71:85:dc:f0:0a:b1:6c:1a: 8c:dc:6e:00:9e:88:d5:dd:9d:19:e1:a8:96:11:d1: d2:b4:95:25:1e:23:5a:7f:12:5c:3e:83:d0:d8:3d: 5e:e4:44:55:b9:5f:4f:32:35:8e:5a:2a:49:af:5d: f7:c6:58:a4:b2:dc:e9:70:dc:3e:03:13:a2:65:da: 24:2a:e7:02:33:e8:5c:fc:12:95:57:82:d5:8c:e2: 54:42:9b:78:78:de:41:2a:56:ed:64:73:40:4e:e1: 31:f2:b0:f1:61:4f:c6:b0:8f:f4:21:3b:51:27:05: 38:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:85:F6:8E:26:94:8D:44:28:75:B0:75:96:7A:C1:F1:93:2F:89:5D X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/UYX2jiaUjUQodbB1lnrB8ZMviV0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.136.0.0/13 Signature Algorithm: sha256WithRSAEncryption 4c:5c:e7:7a:25:be:61:b3:a0:27:61:39:7f:f3:79:39:6b:8a: 70:2d:d9:14:d7:6c:31:7e:30:cc:95:bd:3a:be:71:95:ac:0f: f0:01:a8:b6:5c:b4:15:d5:d6:85:8d:81:ae:e4:7b:03:7c:b6: 2d:6e:e2:8d:b8:65:80:3a:56:f6:36:1f:4d:c5:50:30:ef:41: 80:06:99:62:2b:92:81:3f:f0:3b:f8:1e:13:11:52:78:24:e9: 51:c0:72:7c:25:51:f7:3c:48:97:11:b6:e9:63:07:cd:2e:ff: da:c5:92:bd:de:7f:02:27:bc:14:b8:aa:df:1b:a2:18:f8:59: 30:b9:92:f8:37:19:9d:63:1b:e7:60:4f:b1:f0:0e:98:c8:a3: cb:eb:47:c3:c2:eb:45:a6:f6:90:1f:46:2e:bd:78:ce:f6:13: e1:46:50:0b:2a:b6:af:59:ad:77:a6:41:98:d4:d3:03:f5:a4: 05:12:98:bf:29:fe:40:f2:5c:af:13:f4:96:a4:1d:b1:ea:af: c1:e7:36:74:5f:38:af:7c:87:02:9b:4b:bd:2e:b6:ea:20:25: de:9d:70:12:c5:a5:a7:52:c5:e7:c7:02:aa:13:ef:6a:5a:ac: d7:bf:9a:41:f1:3e:87:d6:f7:f8:54:a5:61:36:fc:31:cd:77: 9a:b4:d6:32 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICF2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2MzhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUxODVGNjhFMjY5NDhE NDQyODc1QjA3NTk2N0FDMUYxOTMyRjg5NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZYS/9zafP5q6TUZFz6W0ihWR87PAi0nGn2rW+tAJwqjCEm5S6 tE9EusP4N7It6LKTpRRALaXCQEYTjnZWtZyCSgZHoNa4iSG3hzZNLUJDHiz6jLII ZJzNw3uZM/mght4zIlsrfDb972/Pd4+n+gDEghtBa6wRCQ0VYct+g1auKWKKs+OC b5LIwqmMs2lxhdzwCrFsGozcbgCeiNXdnRnhqJYR0dK0lSUeI1p/Elw+g9DYPV7k RFW5X08yNY5aKkmvXffGWKSy3Olw3D4DE6Jl2iQq5wIz6Fz8EpVXgtWM4lRCm3h4 3kEqVu1kc0BO4THysPFhT8awj/QhO1EnBTjLAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUUYX2jiaUjUQodbB1lnrB8ZMviV0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9VWVgyamlhVWpVUW9kYkIxbG5y QjhaTXZpVjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD34gw DQYJKoZIhvcNAQELBQADggEBAExc53olvmGzoCdhOX/zeTlrinAt2RTXbDF+MMyV vTq+cZWsD/ABqLZctBXV1oWNga7kewN8ti1u4o24ZYA6VvY2H03FUDDvQYAGmWIr koE/8Dv4HhMRUngk6VHAcnwlUfc8SJcRtuljB80u/9rFkr3efwInvBS4qt8bohj4 WTC5kvg3GZ1jG+dgT7HwDpjIo8vrR8PC60Wm9pAfRi69eM72E+FGUAsqtq9ZrXem QZjU0wP1pAUSmL8p/kDyXK8T9JakHbHqr8HnNnRfOK98hwKbS70utuogJd6dcBLF padSxefHAqoT72parNe/mkHxPofW9/hUpWE2/DHNd5q01jI= -----END CERTIFICATE-----Generated at Mon Apr 7 17:39:51 2025 by rpki-client