$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/l49m4yMWUvMQA4FOV7T__nYFlbs.roa File: l49m4yMWUvMQA4FOV7T__nYFlbs.roa (raw, json) Hash identifier: FdreOVZvPiOUwKeQ7SHFwJibPjU6jU5zTjYMHnymwRs= Subject key identifier: 97:8F:66:E3:23:16:52:F3:10:03:81:4E:57:B4:FF:FE:76:05:95:BB Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0CA6 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/l49m4yMWUvMQA4FOV7T__nYFlbs.roa Signing time: Mon 10 Feb 2025 14:06:26 +0000 ROA not before: Mon 10 Feb 2025 14:06:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10085 IP address blocks: 114.29.240.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 12:06:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3238 (0xca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Feb 10 14:06:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=978F66E3231652F31003814E57B4FFFE760595BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:80:39:2b:8f:ab:bf:2b:58:38:e0:b4:e2:19: 4a:dd:5e:de:bd:ca:bd:ff:8d:56:8c:33:22:18:6a: 91:04:9b:68:31:a0:b1:1d:f5:7e:fd:3a:07:cb:1a: 76:51:f0:2a:4f:2c:df:0c:79:51:ad:79:bf:14:ff: 9d:c8:e8:63:7e:e9:d3:cb:4c:da:e3:fc:6c:6e:36: d5:0a:7b:87:9d:96:a9:31:d4:2e:ed:98:b0:15:4f: a7:97:20:42:b0:5f:bf:93:67:70:95:c1:a8:8c:57: 10:0e:dc:88:96:28:70:aa:26:cb:eb:ad:06:2d:7e: 3f:06:f8:f3:5e:3f:66:ba:9a:2f:1f:14:f8:7f:8f: 14:81:0d:a9:ad:be:11:14:1f:0f:fb:ca:63:7b:7c: 26:c7:dd:c1:d2:6e:14:da:ea:b9:ca:38:c5:32:d5: 0b:f4:a0:6d:bb:17:fc:9f:07:88:34:e4:ea:d0:da: 75:39:7e:f4:fb:10:14:fb:95:e0:10:48:51:d3:aa: 24:1b:11:81:fd:51:1b:74:c1:9d:fa:eb:1e:02:42: 63:27:18:82:6b:18:ed:f5:5a:a3:f1:9d:48:f0:9e: 6f:8c:df:c6:89:b5:26:ee:b1:4f:83:bb:03:be:61: 01:09:b9:cf:33:ba:33:0b:09:f2:4e:74:17:e0:83: b4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:8F:66:E3:23:16:52:F3:10:03:81:4E:57:B4:FF:FE:76:05:95:BB X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/l49m4yMWUvMQA4FOV7T__nYFlbs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.29.240.0/22 Signature Algorithm: sha256WithRSAEncryption 38:93:08:93:fb:0b:38:db:0f:59:6a:95:c1:b3:42:ea:b7:7f: b9:8b:e8:7a:29:f4:6e:17:9d:49:47:bf:f6:08:6a:d5:80:1b: 27:cb:ff:74:8e:02:95:c1:c2:a9:7f:45:db:f5:d7:a2:6e:36: 4e:e3:79:9b:f8:3a:75:64:ba:21:d5:1d:50:b5:d1:17:1a:30: 95:b5:66:0b:e1:31:b7:4c:ad:21:b0:e9:f0:f5:95:1c:47:aa: c5:63:5a:ba:50:34:27:18:a8:b8:e3:5f:69:ea:8a:7a:9c:cc: ff:6f:85:36:91:64:2a:ef:99:16:f0:e4:98:7d:17:5d:06:55: 73:cc:43:43:cb:11:55:83:11:48:bb:a8:86:e4:04:19:ed:45: 34:cd:b7:d9:41:8a:31:68:8d:8a:5e:3c:f3:e5:21:43:b7:3f: fd:e5:23:c0:ef:93:b8:81:19:8d:76:39:d1:6b:9d:87:aa:a5: 61:48:c4:6b:f2:7e:5a:cf:70:8b:b5:fa:94:3c:c5:8d:83:0a: 06:3c:95:71:25:cc:db:f2:07:11:e3:d0:d3:9b:10:ec:fd:63: 04:6a:87:b2:32:42:37:33:30:8a:fa:83:f6:a5:7e:48:ac:52: ed:ae:71:83:d4:ee:eb:a1:49:73:86:ca:ed:a2:09:06:2a:f8: 0f:7e:87:5b -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx NDA2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3OEY2NkUzMjMxNjUy RjMxMDAzODE0RTU3QjRGRkZFNzYwNTk1QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLgDkrj6u/K1g44LTiGUrdXt69yr3/jVaMMyIYapEEm2gxoLEd 9X79OgfLGnZR8CpPLN8MeVGteb8U/53I6GN+6dPLTNrj/GxuNtUKe4edlqkx1C7t mLAVT6eXIEKwX7+TZ3CVwaiMVxAO3IiWKHCqJsvrrQYtfj8G+PNeP2a6mi8fFPh/ jxSBDamtvhEUHw/7ymN7fCbH3cHSbhTa6rnKOMUy1Qv0oG27F/yfB4g05OrQ2nU5 fvT7EBT7leAQSFHTqiQbEYH9URt0wZ366x4CQmMnGIJrGO31WqPxnUjwnm+M38aJ tSbusU+DuwO+YQEJuc8zujMLCfJOdBfgg7SjAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUl49m4yMWUvMQA4FOV7T//nYFlbswHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL2w0OW00eU1XVXZNUUE0Rk9WN1RfX25Z Rmxicy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ KoZIhvcNAQELBQADggEBADiTCJP7CzjbD1lqlcGzQuq3f7mL6Hop9G4XnUlHv/YI atWAGyfL/3SOApXBwql/Rdv116JuNk7jeZv4OnVkuiHVHVC10RcaMJW1ZgvhMbdM rSGw6fD1lRxHqsVjWrpQNCcYqLjjX2nqinqczP9vhTaRZCrvmRbw5Jh9F10GVXPM Q0PLEVWDEUi7qIbkBBntRTTNt9lBijFojYpePPPlIUO3P/3lI8Dvk7iBGY12OdFr nYeqpWFIxGvyflrPcIu1+pQ8xY2DCgY8lXElzNvyBxHj0NObEOz9YwRqh7IyQjcz MIr6g/alfkisUu2ucYPU7uuhSXOGyu2iCQYq+A9+h1s= -----END CERTIFICATE-----Generated at Tue Apr 8 10:48:30 2025 by rpki-client