$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Koiv3EgiRVAR3q4bh-xEaQWb9Sw.roa File: Koiv3EgiRVAR3q4bh-xEaQWb9Sw.roa (raw, json) Hash identifier: NC7nYE5t5a6SGMNjdJjsgmdYLMWYgnrNeycT+8fngv0= Subject key identifier: 2A:88:AF:DC:48:22:45:50:11:DE:AE:1B:87:EC:44:69:05:9B:F5:2C Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0DA9 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Koiv3EgiRVAR3q4bh-xEaQWb9Sw.roa Signing time: Mon 10 Feb 2025 14:06:10 +0000 ROA not before: Mon 10 Feb 2025 14:06:10 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 115.43.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3497 (0xda9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Feb 10 14:06:10 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2A88AFDC4822455011DEAE1B87EC4469059BF52C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:16:c5:8b:cf:10:0e:d5:58:d0:45:b5:f4:6f: 89:f2:76:ac:75:30:e0:6a:cc:36:8e:c0:b8:9c:f8: 45:e0:12:62:34:b0:3f:64:6a:cd:fb:b7:43:40:54: 07:05:e5:b3:fb:3e:c1:88:82:fd:8b:b2:b2:59:8f: 0b:02:05:04:1b:26:48:1b:8f:a9:5b:2a:f7:27:3f: 04:e7:81:15:2c:ca:82:39:60:e2:d4:64:ef:35:a9: 66:8f:d6:51:f0:6f:c4:26:3e:0d:43:34:2d:fe:d0: c5:6d:20:5a:9c:ad:50:69:d8:a4:70:8d:7e:be:09: 12:a3:01:03:9f:32:4a:b9:24:b6:06:ee:27:ce:2d: c5:61:34:83:38:0a:08:fd:82:70:8a:5f:d7:c2:a6: f7:16:8d:cd:08:d7:e3:67:1b:f9:1d:00:1a:96:be: 0b:07:ce:bd:f4:e1:60:c1:8d:46:c0:5d:99:2a:af: 62:98:c4:6a:35:59:2a:f3:98:f0:f1:b0:16:5c:d6: eb:e5:73:a1:28:1f:27:0b:98:ce:fd:d0:b0:c5:eb: 65:86:05:93:a7:e7:ae:b9:71:a7:b6:78:d1:5d:cf: 83:7c:af:50:84:6b:4f:73:8e:4e:5f:66:81:e0:28: ca:27:26:74:ef:79:ea:ba:2c:29:d7:d3:7e:62:d6: f0:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:88:AF:DC:48:22:45:50:11:DE:AE:1B:87:EC:44:69:05:9B:F5:2C X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Koiv3EgiRVAR3q4bh-xEaQWb9Sw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.43.0.0/16 Signature Algorithm: sha256WithRSAEncryption 83:dc:5d:8a:df:e1:60:2a:fa:ec:7c:44:44:9c:44:cc:45:8e: 65:92:fa:58:0f:3a:42:b5:a6:cc:c9:e4:a5:02:4b:dc:39:f3: 08:b4:c0:ee:1c:bf:27:fa:a1:03:b0:f1:46:fe:6f:de:49:a5: 9a:ca:3d:9a:e6:05:a2:ba:58:55:70:3e:55:bb:3a:86:cd:5f: 91:15:55:1f:c1:9e:ba:ab:87:cc:b9:4a:35:6f:6a:c4:42:e3: 36:8a:25:c3:ce:be:a1:1b:66:12:b7:18:e2:8c:9d:d5:3a:28: 0d:0c:40:18:17:15:b9:16:f5:e9:78:a4:b5:36:74:e4:c4:a7: 82:e7:22:d5:57:1b:2a:10:bc:ea:99:df:5a:30:64:16:b4:c0: c4:b9:ed:e1:48:c7:ad:c9:28:96:04:c6:40:4d:59:f0:53:3b: 87:de:81:39:49:fa:c0:6a:8c:15:29:2a:91:5b:a9:3a:97:d9: 85:b4:d9:df:1b:7b:da:98:e5:40:23:a2:71:b5:ed:7b:5b:0e: e9:d6:8d:cd:b5:81:e1:9c:b3:a6:95:7a:c5:48:59:87:8e:0e: 62:8e:f6:64:cd:58:b1:93:37:f0:e8:c1:4f:df:c9:20:fe:3a: 19:77:78:cf:bf:aa:56:e5:96:e9:34:2f:12:94:18:62:b1:0d: 73:09:48:88 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx NDA2MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJBODhBRkRDNDgyMjQ1 NTAxMURFQUUxQjg3RUM0NDY5MDU5QkY1MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3FsWLzxAO1VjQRbX0b4nydqx1MOBqzDaOwLic+EXgEmI0sD9k as37t0NAVAcF5bP7PsGIgv2LsrJZjwsCBQQbJkgbj6lbKvcnPwTngRUsyoI5YOLU ZO81qWaP1lHwb8QmPg1DNC3+0MVtIFqcrVBp2KRwjX6+CRKjAQOfMkq5JLYG7ifO LcVhNIM4Cgj9gnCKX9fCpvcWjc0I1+NnG/kdABqWvgsHzr304WDBjUbAXZkqr2KY xGo1WSrzmPDxsBZc1uvlc6EoHycLmM790LDF62WGBZOn5665cae2eNFdz4N8r1CE a09zjk5fZoHgKMonJnTveeq6LCnX035i1vChAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUKoiv3EgiRVAR3q4bh+xEaQWb9SwwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0tvaXYzRWdpUlZBUjNxNGJo LXhFYVFXYjlTdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwBz KzANBgkqhkiG9w0BAQsFAAOCAQEAg9xdit/hYCr67HxERJxEzEWOZZL6WA86QrWm zMnkpQJL3DnzCLTA7hy/J/qhA7DxRv5v3kmlmso9muYForpYVXA+Vbs6hs1fkRVV H8GeuquHzLlKNW9qxELjNoolw86+oRtmErcY4oyd1TooDQxAGBcVuRb16XiktTZ0 5MSnguci1VcbKhC86pnfWjBkFrTAxLnt4UjHrckolgTGQE1Z8FM7h96BOUn6wGqM FSkqkVupOpfZhbTZ3xt72pjlQCOicbXte1sO6daNzbWB4ZyzppV6xUhZh44OYo72 ZM1YsZM38OjBT9/JIP46GXd4z7+qVuWW6TQvEpQYYrENcwlIiA== -----END CERTIFICATE-----Generated at Wed Feb 19 22:05:47 2025 by rpki-client