$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/cTRvqJpMLoHVWvO9Mkvtna3IGvk.roa File: cTRvqJpMLoHVWvO9Mkvtna3IGvk.roa (raw, json) Hash identifier: 8Bf0ctbgIgGqM/731p24AVILltM8Q4uFpcD18MhXgXs= Subject key identifier: 71:34:6F:A8:9A:4C:2E:81:D5:5A:F3:BD:32:4B:ED:9D:AD:C8:1A:F9 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1791 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cTRvqJpMLoHVWvO9Mkvtna3IGvk.roa Signing time: Wed 12 Feb 2025 01:36:50 +0000 ROA not before: Wed 12 Feb 2025 01:36:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 210.62.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 02:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6033 (0x1791) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:50 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=71346FA89A4C2E81D55AF3BD324BED9DADC81AF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:1e:ae:46:34:cc:4e:07:3e:2c:49:ac:a8:fb: ad:37:96:9c:0a:85:28:91:46:54:64:a7:a7:29:95: 52:f6:c7:f7:d0:8d:d4:c9:02:36:1a:06:a8:e3:17: 14:06:20:78:61:c9:ee:33:63:59:f9:3b:9e:17:7f: d3:7b:69:11:ae:77:c1:f9:de:80:d7:c0:fc:3d:d1: 65:d8:12:30:5a:f8:a4:fa:6d:bc:ce:3a:78:db:8a: 62:1b:65:f7:11:4f:b6:83:84:0d:61:76:c9:ff:67: 42:64:e7:7e:32:4b:9d:32:31:21:b5:a9:40:33:7f: 6b:b1:08:67:bc:c2:24:87:c4:aa:4b:b6:9f:f5:18: c5:33:81:16:5a:19:1a:c1:a5:dc:ee:95:e6:9a:53: 2c:f2:8b:7e:63:81:e2:d0:2d:e1:e7:3b:f7:5a:67: d4:05:64:79:76:e8:33:38:8a:50:be:9d:89:1f:d9: 56:b4:6c:33:e6:d0:0b:e2:d7:f3:ec:9d:33:cf:c2: f5:68:02:3f:39:87:00:83:af:74:2f:cf:1c:c0:c7: e0:d7:d6:e7:4e:48:63:94:6a:32:79:ea:0d:a1:01: a2:26:7b:97:09:c7:33:54:b8:89:d6:0e:a2:1a:9e: de:78:e8:74:3f:08:ae:c0:a1:4d:b4:df:c2:77:45: b6:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:34:6F:A8:9A:4C:2E:81:D5:5A:F3:BD:32:4B:ED:9D:AD:C8:1A:F9 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cTRvqJpMLoHVWvO9Mkvtna3IGvk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.62.248.0/21 Signature Algorithm: sha256WithRSAEncryption 60:8b:43:2b:80:e6:0b:d9:68:46:d7:62:ee:bc:53:9b:c8:95: db:fb:a5:5e:0b:61:67:8a:6f:ad:2d:30:f5:3b:ce:22:20:65: 2b:48:39:d4:37:2a:81:87:18:59:2c:09:87:63:c2:2d:e3:28: fe:c8:94:b6:db:ee:da:6a:71:14:45:c9:b9:cc:25:2b:a4:e3: 82:49:63:de:94:d0:1e:18:90:1b:28:a4:81:ca:37:ad:f9:6b: 53:7a:58:e7:cf:f1:04:f5:0d:b3:18:5c:74:15:d7:17:d6:14: 44:e8:cc:1e:3f:f4:9c:69:86:63:2e:62:45:13:6e:10:20:58: a6:f0:5c:72:45:93:72:5b:58:16:bc:9a:d4:c5:0d:24:a9:74: 29:62:f5:fe:99:7d:2c:37:a3:5e:63:6b:b2:2f:dc:fe:34:3d: 7c:02:e7:0c:07:e3:43:24:44:23:9f:86:22:43:80:81:81:bd: 38:3c:7c:d0:c2:7f:78:dc:73:45:66:67:13:87:5c:4b:54:3c: 04:76:00:98:22:20:10:08:c3:19:1c:c7:c3:1a:5e:85:76:ae: 6b:11:fb:cb:99:28:cd:00:b9:23:1b:3f:22:be:56:33:6c:e3: ba:b1:25:4c:12:21:a2:fb:1c:ce:c1:73:6b:3d:03:2f:1b:16: b1:1d:a6:6a -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxMzQ2RkE4OUE0QzJF ODFENTVBRjNCRDMyNEJFRDlEQURDODFBRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDzHq5GNMxOBz4sSayo+603lpwKhSiRRlRkp6cplVL2x/fQjdTJ AjYaBqjjFxQGIHhhye4zY1n5O54Xf9N7aRGud8H53oDXwPw90WXYEjBa+KT6bbzO OnjbimIbZfcRT7aDhA1hdsn/Z0Jk534yS50yMSG1qUAzf2uxCGe8wiSHxKpLtp/1 GMUzgRZaGRrBpdzuleaaUyzyi35jgeLQLeHnO/daZ9QFZHl26DM4ilC+nYkf2Va0 bDPm0Avi1/PsnTPPwvVoAj85hwCDr3QvzxzAx+DX1udOSGOUajJ56g2hAaIme5cJ xzNUuInWDqIant546HQ/CK7AoU2038J3RbZNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUcTRvqJpMLoHVWvO9Mkvtna3IGvkwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jVFJ2cUpwTUxvSFZXdk85TWt2 dG5hM0lHdmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0j74 MA0GCSqGSIb3DQEBCwUAA4IBAQBgi0MrgOYL2WhG12LuvFObyJXb+6VeC2Fnim+t LTD1O84iIGUrSDnUNyqBhxhZLAmHY8It4yj+yJS22+7aanEURcm5zCUrpOOCSWPe lNAeGJAbKKSByjet+WtTeljnz/EE9Q2zGFx0FdcX1hRE6MweP/ScaYZjLmJFE24Q IFim8FxyRZNyW1gWvJrUxQ0kqXQpYvX+mX0sN6NeY2uyL9z+ND18AucMB+NDJEQj n4YiQ4CBgb04PHzQwn943HNFZmcTh1xLVDwEdgCYIiAQCMMZHMfDGl6Fdq5rEfvL mSjNALkjGz8ivlYzbOO6sSVMEiGi+xzOwXNrPQMvGxaxHaZq -----END CERTIFICATE-----Generated at Mon Apr 7 01:55:35 2025 by rpki-client