$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ISHISH/jd0kF1vNgBYUjmPvxIAJhPf-jCc.roa File: jd0kF1vNgBYUjmPvxIAJhPf-jCc.roa (raw, json) Hash identifier: FeRX4AVR2piyJdpYT+x7RHXTiaCulresY6GRiRbvQoY= Subject key identifier: 8D:DD:24:17:5B:CD:80:16:14:8E:63:EF:C4:80:09:84:F7:FE:8C:27 Certificate issuer: /CN=7E17D923AA0BC6B0A08B5A187BEE9CADE8D50EAF Certificate serial: 02F5 Authority key identifier: 7E:17:D9:23:AA:0B:C6:B0:A0:8B:5A:18:7B:EE:9C:AD:E8:D5:0E:AF Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fhfZI6oLxrCgi1oYe-6crejVDq8.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ISHISH/jd0kF1vNgBYUjmPvxIAJhPf-jCc.roa Signing time: Mon 10 Feb 2025 13:57:58 +0000 ROA not before: Mon 10 Feb 2025 13:57:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38047 IP address blocks: 2400:5ea0:852a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ISHISH/fhfZI6oLxrCgi1oYe-6crejVDq8.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ISHISH/fhfZI6oLxrCgi1oYe-6crejVDq8.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/fhfZI6oLxrCgi1oYe-6crejVDq8.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 22:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 757 (0x2f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E17D923AA0BC6B0A08B5A187BEE9CADE8D50EAF Validity Not Before: Feb 10 13:57:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8DDD24175BCD8016148E63EFC4800984F7FE8C27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:3b:aa:d9:0f:73:9e:25:77:d0:d3:b8:b0:55: ab:1e:16:26:e4:b5:f9:7e:ce:97:ac:a9:3c:2c:d9: 46:fc:a2:be:1d:3d:aa:8d:6e:07:9a:07:6a:bf:c2: 67:d6:27:6a:9e:64:83:d2:f9:13:d1:04:f8:12:cb: 06:ff:e5:cc:b5:59:0b:a8:38:6b:11:af:4d:83:40: dc:19:cb:25:a9:a9:fd:62:ee:56:7a:be:7a:7d:65: 86:4a:45:f1:64:f7:94:df:a6:f2:10:be:91:36:e7: 44:87:1b:bb:0a:69:36:33:04:20:36:2d:ed:58:7d: 8d:1d:28:a6:25:ea:24:07:34:f0:a7:e8:17:44:da: 13:39:37:ab:01:db:b9:0b:1d:ab:b3:df:24:f5:ca: f9:63:f5:71:6b:09:9f:ef:02:98:9a:e2:ac:38:c0: f1:e6:98:ee:b6:43:f1:87:76:11:34:fd:81:16:60: 75:b9:e2:c4:a1:ac:f5:66:e4:77:f2:74:9f:06:34: 26:a9:d9:6c:f3:bc:a5:52:c4:09:02:80:69:b2:dc: 1f:72:31:bb:fc:f7:6b:3b:fd:89:60:04:fa:76:f9: 63:4e:9e:0e:0f:68:aa:70:ef:6b:14:13:b7:08:d7: 40:d1:3e:90:7b:3d:fe:90:14:a1:22:e3:f5:c4:f3: e3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:DD:24:17:5B:CD:80:16:14:8E:63:EF:C4:80:09:84:F7:FE:8C:27 X509v3 Authority Key Identifier: keyid:7E:17:D9:23:AA:0B:C6:B0:A0:8B:5A:18:7B:EE:9C:AD:E8:D5:0E:AF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ISHISH/fhfZI6oLxrCgi1oYe-6crejVDq8.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fhfZI6oLxrCgi1oYe-6crejVDq8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ISHISH/jd0kF1vNgBYUjmPvxIAJhPf-jCc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5ea0:852a::/48 Signature Algorithm: sha256WithRSAEncryption 2c:46:88:de:13:28:3d:1c:ae:4f:fd:8b:9b:90:f6:ce:c2:6e: ef:f9:38:15:ac:8c:9a:25:f5:ae:84:72:b5:ca:24:b1:c6:e2: 2a:7a:c5:c6:46:63:0f:52:4f:3b:8f:8c:19:30:6c:f4:00:04: da:2f:72:e3:26:4c:24:71:31:72:4d:e1:f8:06:9d:59:86:dc: 80:b4:ff:f3:1b:01:68:36:89:94:f7:f9:67:d1:37:81:d7:de: f2:15:3f:21:26:60:d9:b9:1f:6e:a1:d1:27:8a:51:59:72:57: d2:a3:4c:86:c0:e8:2d:de:df:7f:6c:3e:87:7c:54:c2:6d:15: 83:63:b6:13:ab:e9:84:ef:d4:86:b4:21:94:4c:a3:c7:0d:4e: 1f:b4:9e:d0:6a:d2:0c:b8:6e:d9:67:3c:6b:d4:b9:10:b1:88: 9f:aa:8a:11:c7:0f:60:10:69:e0:c4:1c:f1:a3:37:b4:9b:f5: 94:f0:68:8c:52:46:70:7f:87:5c:97:9d:bd:69:77:8f:1f:c7: be:1f:ac:f1:e1:23:6e:db:5b:cf:e0:cf:ec:3b:82:d6:34:e8: d8:af:48:e8:bf:52:73:97:83:e1:55:75:68:c8:cd:58:42:b0: 6c:ac:41:75:a3:b1:f4:26:7a:f4:a6:87:55:b8:d0:a9:8e:50: 93:03:ce:f5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAvUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0Ux N0Q5MjNBQTBCQzZCMEEwOEI1QTE4N0JFRTlDQURFOEQ1MEVBRjAeFw0yNTAyMTAx MzU3NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhEREQyNDE3NUJDRDgw MTYxNDhFNjNFRkM0ODAwOTg0RjdGRThDMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaO6rZD3OeJXfQ07iwVaseFibktfl+zpesqTws2Ub8or4dPaqN bgeaB2q/wmfWJ2qeZIPS+RPRBPgSywb/5cy1WQuoOGsRr02DQNwZyyWpqf1i7lZ6 vnp9ZYZKRfFk95TfpvIQvpE250SHG7sKaTYzBCA2Le1YfY0dKKYl6iQHNPCn6BdE 2hM5N6sB27kLHauz3yT1yvlj9XFrCZ/vApia4qw4wPHmmO62Q/GHdhE0/YEWYHW5 4sShrPVm5HfydJ8GNCap2WzzvKVSxAkCgGmy3B9yMbv892s7/YlgBPp2+WNOng4P aKpw72sUE7cI10DRPpB7Pf6QFKEi4/XE8+PrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjd0kF1vNgBYUjmPvxIAJhPf+jCcwHwYDVR0jBBgwFoAUfhfZI6oLxrCgi1oY e+6crejVDq8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSVNISVNI L2ZoZlpJNm9MeHJDZ2kxb1llLTZjcmVqVkRxOC5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvZmhmWkk2b0x4ckNnaTFvWWUtNmNyZWpWRHE4LmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSVNISVNIL2pkMGtGMXZOZ0JZVWptUHZ4 SUFKaFBmLWpDYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk AF6ghSowDQYJKoZIhvcNAQELBQADggEBACxGiN4TKD0crk/9i5uQ9s7Cbu/5OBWs jJol9a6EcrXKJLHG4ip6xcZGYw9STzuPjBkwbPQABNovcuMmTCRxMXJN4fgGnVmG 3IC0//MbAWg2iZT3+WfRN4HX3vIVPyEmYNm5H26h0SeKUVlyV9KjTIbA6C3e339s Pod8VMJtFYNjthOr6YTv1Ia0IZRMo8cNTh+0ntBq0gy4btlnPGvUuRCxiJ+qihHH D2AQaeDEHPGjN7Sb9ZTwaIxSRnB/h1yXnb1pd48fx74frPHhI27bW8/gz+w7gtY0 6NivSOi/UnOXg+FVdWjIzVhCsGysQXWjsfQmevSmh1W40KmOUJMDzvU= -----END CERTIFICATE-----Generated at Sat Apr 12 20:22:33 2025 by rpki-client