$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/cWxmW3kwyKVpxdDQGfrXMcwYTMg.roa File: cWxmW3kwyKVpxdDQGfrXMcwYTMg.roa (raw, json) Hash identifier: T/mMijY5eumhkxVy2o8J855xsnDgMU61KlkWBxawoaQ= Subject key identifier: 71:6C:66:5B:79:30:C8:A5:69:C5:D0:D0:19:FA:D7:31:CC:18:4C:C8 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 17C1 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cWxmW3kwyKVpxdDQGfrXMcwYTMg.roa Signing time: Wed 12 Feb 2025 01:37:02 +0000 ROA not before: Wed 12 Feb 2025 01:37:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 23675 IP address blocks: 203.66.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6081 (0x17c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:37:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=716C665B7930C8A569C5D0D019FAD731CC184CC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:11:48:27:15:e7:07:1d:75:e3:e9:50:ab:2d: 6a:d8:69:35:e7:c5:95:c8:c4:ea:99:51:7c:99:36: 30:14:6c:f4:fe:e7:e5:e1:af:d3:52:78:45:28:87: e6:a4:59:13:fd:cd:0d:03:9a:e4:73:f7:90:04:d7: 45:af:d9:c5:5d:7e:e9:2f:12:c2:f2:c5:83:17:64: 2e:bd:47:b0:eb:ab:53:cc:24:6c:da:4a:9d:94:dc: cc:39:4f:3d:bc:83:3e:8d:25:65:1c:a6:ea:39:61: df:b7:bd:27:9a:70:f9:c9:dd:ed:d5:74:65:47:d8: 40:1c:3a:b6:e7:3c:3b:ad:5b:2a:fc:a2:77:39:33: 73:8f:15:7f:0a:f1:df:13:e0:87:ce:94:f9:dd:c4: 89:2b:e9:d0:8e:c0:9a:dd:1a:84:08:b7:3a:a6:21: f8:2b:e4:7c:37:fd:8c:5b:72:13:a4:eb:2b:8c:ff: 5a:74:79:08:66:1c:d3:ce:da:25:70:f3:e5:3b:34: dd:61:10:34:df:99:83:62:45:48:2f:b4:f1:81:da: fd:a4:78:03:24:09:98:1c:32:73:76:29:6e:93:46: c3:88:a1:52:ef:b9:1a:f3:8d:a8:f1:7c:a7:6a:4b: b5:4c:51:76:de:50:85:ad:99:a6:37:af:2f:a7:72: c8:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:6C:66:5B:79:30:C8:A5:69:C5:D0:D0:19:FA:D7:31:CC:18:4C:C8 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cWxmW3kwyKVpxdDQGfrXMcwYTMg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.66.101.0/24 Signature Algorithm: sha256WithRSAEncryption 02:18:2d:d2:b6:dc:52:72:7d:fb:25:d0:1d:ec:a3:72:6d:0d: 70:7f:2b:a4:b0:3d:6c:3f:e5:fc:7b:52:e9:a7:d1:d8:d0:16: 86:2c:c1:15:03:9a:55:89:33:70:da:27:06:fc:1f:de:1b:a6: 91:ac:11:17:ef:3e:33:87:a5:b8:60:0a:cc:b0:06:c7:cf:37: 43:fe:aa:7e:e6:07:57:dc:5c:73:be:a3:56:ae:bb:6a:21:33: ef:11:c4:ae:dd:f1:2f:99:47:6f:c9:4a:e5:a0:bf:65:6e:07: df:37:98:56:b0:d2:1f:56:a2:c5:15:e2:c8:c9:dd:d1:08:27: ec:3f:09:db:ec:3d:d3:2f:06:b2:bd:e4:32:61:c2:5c:e3:e3: 15:09:8c:51:64:41:2f:7f:91:d7:68:13:da:3f:51:98:b7:dc: f5:95:18:be:0b:01:07:3f:60:6a:cc:3f:79:25:6a:ec:f3:60: 2b:fa:db:09:6d:71:9d:e5:1b:f8:fc:0e:77:66:b6:a5:a7:fb: ab:e5:87:b5:cf:4e:6b:f0:9e:80:74:e8:ca:d6:1d:00:0b:ac: eb:7f:d7:d3:8e:40:bf:2c:0f:50:69:7e:98:72:85:22:6e:4d: 12:30:0c:19:72:09:8f:a8:82:23:57:8b:50:23:dc:b8:e4:0c: 30:ea:b2:a6 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM3MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxNkM2NjVCNzkzMEM4 QTU2OUM1RDBEMDE5RkFENzMxQ0MxODRDQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBEUgnFecHHXXj6VCrLWrYaTXnxZXIxOqZUXyZNjAUbPT+5+Xh r9NSeEUoh+akWRP9zQ0DmuRz95AE10Wv2cVdfukvEsLyxYMXZC69R7Drq1PMJGza Sp2U3Mw5Tz28gz6NJWUcpuo5Yd+3vSeacPnJ3e3VdGVH2EAcOrbnPDutWyr8onc5 M3OPFX8K8d8T4IfOlPndxIkr6dCOwJrdGoQItzqmIfgr5Hw3/YxbchOk6yuM/1p0 eQhmHNPO2iVw8+U7NN1hEDTfmYNiRUgvtPGB2v2keAMkCZgcMnN2KW6TRsOIoVLv uRrzjajxfKdqS7VMUXbeUIWtmaY3ry+ncshjAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUcWxmW3kwyKVpxdDQGfrXMcwYTMgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jV3htVzNrd3lLVnB4ZERRR2Zy WE1jd1lUTWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Jl MA0GCSqGSIb3DQEBCwUAA4IBAQACGC3SttxScn37JdAd7KNybQ1wfyuksD1sP+X8 e1Lpp9HY0BaGLMEVA5pViTNw2icG/B/eG6aRrBEX7z4zh6W4YArMsAbHzzdD/qp+ 5gdX3FxzvqNWrrtqITPvEcSu3fEvmUdvyUrloL9lbgffN5hWsNIfVqLFFeLIyd3R CCfsPwnb7D3TLwayveQyYcJc4+MVCYxRZEEvf5HXaBPaP1GYt9z1lRi+CwEHP2Bq zD95JWrs82Ar+tsJbXGd5Rv4/A53Zralp/ur5Ye1z05r8J6AdOjK1h0AC6zrf9fT jkC/LA9QaX6YcoUibk0SMAwZcgmPqIIjV4tQI9y45Aww6rKm -----END CERTIFICATE-----Generated at Mon Apr 7 17:44:30 2025 by rpki-client