$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HWME1204/4T8U9V7O6LlSbh6GHe8mLF5AAog.roa File: 4T8U9V7O6LlSbh6GHe8mLF5AAog.roa (raw, json) Hash identifier: 6sPJUo9QaCPAtJ2I14BU6CclX9bNH5AhjyLHEkpXBq0= Subject key identifier: E1:3F:14:F5:5E:CE:E8:B9:52:6E:1E:86:1D:EF:26:2C:5E:40:02:88 Certificate issuer: /CN=E95973EB86F597CAE612C67929ED9352E70B5528 Certificate serial: 1199 Authority key identifier: E9:59:73:EB:86:F5:97:CA:E6:12:C6:79:29:ED:93:52:E7:0B:55:28 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HWME1204/4T8U9V7O6LlSbh6GHe8mLF5AAog.roa Signing time: Mon 10 Feb 2025 14:00:11 +0000 ROA not before: Mon 10 Feb 2025 14:00:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18046 IP address blocks: 103.126.180.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HWME1204/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HWME1204/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 02:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4505 (0x1199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E95973EB86F597CAE612C67929ED9352E70B5528 Validity Not Before: Feb 10 14:00:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E13F14F55ECEE8B9526E1E861DEF262C5E400288 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ae:62:1a:ac:a5:0a:c8:a8:ac:01:54:df:c8: 33:16:3e:cf:b0:d3:19:e4:15:ee:06:b9:e7:00:bd: 0e:ff:eb:42:97:c8:21:98:80:51:15:0b:56:b9:a7: b6:b9:1f:e5:93:cd:b5:6d:41:71:48:bb:65:aa:fe: bb:41:dd:98:86:2d:dd:da:b3:bf:e0:68:83:d7:aa: c3:d9:7b:74:39:22:73:31:3d:ce:0f:f3:78:b0:ae: 86:74:de:51:5d:48:3d:38:c4:b5:f9:a2:e2:a6:19: 07:3b:88:c1:a5:bb:4e:f1:69:a4:01:a7:5e:5b:d4: c5:e5:c6:84:02:8f:31:f6:ee:48:00:e7:c0:c4:d7: 7d:e4:83:ae:45:1a:b8:fb:2b:7b:97:89:c4:2d:33: 3e:99:63:2d:cf:97:1e:0e:1f:99:2d:51:93:34:d6: 10:41:f4:30:dd:ed:4f:62:40:2c:1a:2f:d9:42:78: 6a:6e:3f:6d:0f:b2:c2:e3:b5:4c:5b:7a:e9:5f:93: 65:6d:d4:4b:bb:30:a6:8e:2d:77:f6:ce:8a:3e:fe: 77:06:fd:be:a2:ff:b2:84:19:1c:32:f5:19:5c:cd: 13:37:6e:26:42:6f:91:6f:70:e5:d9:48:bb:3c:bc: f3:af:8a:da:94:81:71:99:76:76:7c:53:1e:26:71: 4b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:3F:14:F5:5E:CE:E8:B9:52:6E:1E:86:1D:EF:26:2C:5E:40:02:88 X509v3 Authority Key Identifier: keyid:E9:59:73:EB:86:F5:97:CA:E6:12:C6:79:29:ED:93:52:E7:0B:55:28 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HWME1204/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/6Vlz64b1l8rmEsZ5Ke2TUucLVSg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HWME1204/4T8U9V7O6LlSbh6GHe8mLF5AAog.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.180.0/22 Signature Algorithm: sha256WithRSAEncryption 3a:b7:50:00:d4:12:9c:4f:ad:65:4c:02:22:1b:7c:be:d9:89: 3f:c4:7b:57:3f:56:5d:c4:b5:16:e5:44:d1:8e:84:bc:2d:6f: 6b:54:e0:86:7e:c3:0c:83:f3:f8:2e:85:3d:8a:42:36:0b:48: 0b:c3:f5:c5:8b:48:8e:f7:69:97:da:46:48:d4:da:b0:0e:c8: 82:96:02:cc:8b:48:06:55:b6:df:56:d5:6d:1b:71:f0:95:30: 45:2a:61:dc:a0:f0:25:de:22:9f:1c:19:a2:eb:da:11:df:fb: e3:58:ac:e5:7d:7d:fe:35:cc:06:de:a9:6d:3c:4d:c3:3d:f1: 6c:c1:04:08:25:ce:e9:6f:28:2f:8e:1e:84:aa:f5:f7:1e:0f: 77:24:75:12:a7:83:84:3d:a4:d5:c7:32:64:66:35:b8:fc:a3: 16:7c:33:21:e1:3a:50:ef:a7:64:ea:58:d4:b9:3c:62:60:56: c7:37:40:22:5c:97:dd:8f:59:26:5a:0d:48:62:2f:d4:65:76: 46:d1:8d:1d:19:2e:67:d1:f2:9a:9f:5c:6f:5a:90:30:e4:bf: 8a:a9:fe:ea:4b:4b:39:a1:26:63:63:23:59:da:d6:97:35:f9: d9:e2:62:31:7e:f1:b9:0d:f6:74:3e:03:b7:65:ab:92:b7:7f: 4a:1f:a2:18 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTk1 OTczRUI4NkY1OTdDQUU2MTJDNjc5MjlFRDkzNTJFNzBCNTUyODAeFw0yNTAyMTAx NDAwMTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUxM0YxNEY1NUVDRUU4 Qjk1MjZFMUU4NjFERUYyNjJDNUU0MDAyODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzrmIarKUKyKisAVTfyDMWPs+w0xnkFe4GuecAvQ7/60KXyCGY gFEVC1a5p7a5H+WTzbVtQXFIu2Wq/rtB3ZiGLd3as7/gaIPXqsPZe3Q5InMxPc4P 83iwroZ03lFdSD04xLX5ouKmGQc7iMGlu07xaaQBp15b1MXlxoQCjzH27kgA58DE 133kg65FGrj7K3uXicQtMz6ZYy3Plx4OH5ktUZM01hBB9DDd7U9iQCwaL9lCeGpu P20PssLjtUxbeulfk2Vt1Eu7MKaOLXf2zoo+/ncG/b6i/7KEGRwy9RlczRM3biZC b5FvcOXZSLs8vPOvitqUgXGZdnZ8Ux4mcUsjAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU4T8U9V7O6LlSbh6GHe8mLF5AAogwHwYDVR0jBBgwFoAU6Vlz64b1l8rmEsZ5 Ke2TUucLVSgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFdNRTEy MDQvNlZsejY0YjFsOHJtRXNaNUtlMlRVdWNMVlNnLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS82Vmx6NjRiMWw4cm1Fc1o1S2UyVFV1Y0xWU2cuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IV01FMTIwNC80VDhVOVY3TzZMbFNi aDZHSGU4bUxGNUFBb2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ360MA0GCSqGSIb3DQEBCwUAA4IBAQA6t1AA1BKcT61lTAIiG3y+2Yk/xHtX P1ZdxLUW5UTRjoS8LW9rVOCGfsMMg/P4LoU9ikI2C0gLw/XFi0iO92mX2kZI1Nqw DsiClgLMi0gGVbbfVtVtG3HwlTBFKmHcoPAl3iKfHBmi69oR3/vjWKzlfX3+NcwG 3qltPE3DPfFswQQIJc7pbygvjh6EqvX3Hg93JHUSp4OEPaTVxzJkZjW4/KMWfDMh 4TpQ76dk6ljUuTxiYFbHN0AiXJfdj1kmWg1IYi/UZXZG0Y0dGS5n0fKan1xvWpAw 5L+Kqf7qS0s5oSZjYyNZ2taXNfnZ4mIxfvG5DfZ0PgO3ZauSt39KH6IY -----END CERTIFICATE-----Generated at Sun Apr 6 23:37:51 2025 by rpki-client