$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/xwv6W-sSPbkSMnZ17nEzZZKHtQQ.roa File: xwv6W-sSPbkSMnZ17nEzZZKHtQQ.roa (raw, json) Hash identifier: 0GiClcAnjYe5aGWPDtZm2ee46UCEppI0cNRqKGiDdro= Subject key identifier: C7:0B:FA:5B:EB:12:3D:B9:12:32:76:75:EE:71:33:65:92:87:B5:04 Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73 Certificate serial: 07AF Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/xwv6W-sSPbkSMnZ17nEzZZKHtQQ.roa Signing time: Mon 10 Feb 2025 13:44:39 +0000 ROA not before: Mon 10 Feb 2025 13:44:39 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131657 IP address blocks: 103.122.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1967 (0x7af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73 Validity Not Before: Feb 10 13:44:39 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C70BFA5BEB123DB912327675EE7133659287B504 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ef:fa:90:0f:74:74:be:ec:e3:96:30:7a:f7: f7:4d:3c:cc:d9:4b:d0:9b:37:b4:a2:5a:d2:f1:06: 21:64:6c:aa:a0:ce:75:13:eb:e4:f0:e1:b7:88:f5: 75:7d:8d:9f:c6:c6:59:52:9a:97:20:8e:63:a4:de: 37:cd:18:16:b9:d8:57:2a:87:86:7e:da:d2:e7:28: 99:10:f4:fb:2b:ac:bf:e2:d4:59:97:5b:7d:a6:51: f8:c3:a4:38:f3:3b:55:53:c7:07:c5:c9:96:9e:8e: 1c:23:94:42:79:9f:91:29:b2:fa:be:94:50:ad:6b: 45:30:e4:da:63:a1:28:66:99:b6:47:2e:64:42:7b: 7b:5d:2c:89:c7:0a:79:a6:81:d3:cb:b7:66:0c:bd: 9f:57:98:62:69:54:8f:a9:c1:cc:b5:7a:18:02:4b: 66:cb:c4:ef:8a:8d:66:0d:ac:0f:86:34:64:05:0d: 6a:33:e8:b4:fb:2a:8b:09:29:dc:3f:2e:1b:40:07: 81:dd:6e:4f:39:2f:d0:1c:2f:9a:87:e1:7e:3c:31: ca:b0:8a:ae:72:d9:9b:4a:72:a8:bb:db:e8:67:b2: e4:78:30:68:23:64:25:c8:67:c0:61:93:68:1f:ac: 69:cd:5f:35:17:fc:3a:c3:c6:61:da:35:63:36:5b: 58:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:0B:FA:5B:EB:12:3D:B9:12:32:76:75:EE:71:33:65:92:87:B5:04 X509v3 Authority Key Identifier: keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/xwv6W-sSPbkSMnZ17nEzZZKHtQQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.189.0/24 Signature Algorithm: sha256WithRSAEncryption 41:3c:2a:8f:a4:b0:a3:3d:65:68:b2:a4:b1:d9:6d:de:18:f0: a6:76:b4:af:26:cc:be:5a:4a:d4:b1:6f:c0:2c:22:20:9c:28: 10:de:f2:53:6d:a5:14:bd:56:7b:27:85:4a:a0:4f:45:28:6e: 87:a6:d4:e7:a1:02:dc:67:1d:1a:cc:3a:66:45:6a:c2:4b:e4: 31:55:ca:2b:f3:2b:0b:97:5d:64:dd:82:de:a0:21:7f:aa:2f: 56:1f:c2:23:9d:68:8b:29:da:25:96:59:d9:ca:01:65:69:92: 08:8f:ea:71:60:05:23:e5:33:27:be:33:23:a7:40:fc:2d:66: 3a:38:d7:cf:c3:8b:39:0b:4e:bc:65:09:6b:ec:58:e9:e9:a9: d3:bc:79:6a:ad:91:15:ab:1c:e7:11:1a:cf:60:01:b5:64:5c: b8:7e:12:f3:83:ad:fe:c9:98:08:73:09:3f:44:b6:7e:7a:94: 13:5a:af:5b:ff:2d:56:bf:32:6b:56:0a:7d:84:2a:a6:cc:6c: a6:e0:6c:ed:8a:f8:e7:21:78:de:04:de:d3:76:d2:d6:a3:b6: 4e:5f:ed:30:c3:4b:a9:8f:c1:75:8f:94:9e:60:a2:11:2d:f3: 31:dd:c4:f8:cc:6f:d6:fd:86:7b:ce:57:b6:41:5c:a3:1a:3b: 1b:98:ab:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICB68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3 REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yNTAyMTAx MzQ0MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM3MEJGQTVCRUIxMjNE QjkxMjMyNzY3NUVFNzEzMzY1OTI4N0I1MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDi7/qQD3R0vuzjljB69/dNPMzZS9CbN7SiWtLxBiFkbKqgznUT 6+Tw4beI9XV9jZ/GxllSmpcgjmOk3jfNGBa52Fcqh4Z+2tLnKJkQ9PsrrL/i1FmX W32mUfjDpDjzO1VTxwfFyZaejhwjlEJ5n5Epsvq+lFCta0Uw5NpjoShmmbZHLmRC e3tdLInHCnmmgdPLt2YMvZ9XmGJpVI+pwcy1ehgCS2bLxO+KjWYNrA+GNGQFDWoz 6LT7KosJKdw/LhtAB4Hdbk85L9AcL5qH4X48Mcqwiq5y2ZtKcqi72+hnsuR4MGgj ZCXIZ8Bhk2gfrGnNXzUX/DrDxmHaNWM2W1gzAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUxwv6W+sSPbkSMnZ17nEzZZKHtQQwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL3h3djZXLXNTUGJrU01uWjE3 bkV6WlpLSHRRUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn er0wDQYJKoZIhvcNAQELBQADggEBAEE8Ko+ksKM9ZWiypLHZbd4Y8KZ2tK8mzL5a StSxb8AsIiCcKBDe8lNtpRS9VnsnhUqgT0Uoboem1OehAtxnHRrMOmZFasJL5DFV yivzKwuXXWTdgt6gIX+qL1YfwiOdaIsp2iWWWdnKAWVpkgiP6nFgBSPlMye+MyOn QPwtZjo418/DizkLTrxlCWvsWOnpqdO8eWqtkRWrHOcRGs9gAbVkXLh+EvODrf7J mAhzCT9Etn56lBNar1v/LVa/MmtWCn2EKqbMbKbgbO2K+OcheN4E3tN20tajtk5f 7TDDS6mPwXWPlJ5gohEt8zHdxPjMb9b9hnvOV7ZBXKMaOxuYq0Q= -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:50 2025 by rpki-client