$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/hMOmGeIPoDT2_Xnxjoc3Fg52lbk.roa File: hMOmGeIPoDT2_Xnxjoc3Fg52lbk.roa (raw, json) Hash identifier: 8DrCpQdxzhW5XDXrnY+TgqG95vIMdgKkWoydvVkD1W8= Subject key identifier: 84:C3:A6:19:E2:0F:A0:34:F6:FD:79:F1:8E:87:37:16:0E:76:95:B9 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0DA1 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/hMOmGeIPoDT2_Xnxjoc3Fg52lbk.roa Signing time: Mon 10 Feb 2025 14:06:08 +0000 ROA not before: Mon 10 Feb 2025 14:06:08 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9924 IP address blocks: 123.252.64.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3489 (0xda1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Feb 10 14:06:08 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=84C3A619E20FA034F6FD79F18E8737160E7695B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7a:8e:c3:b5:9d:ee:77:c3:ed:27:6d:fc:7a: be:0c:db:06:77:ee:ed:3f:1e:d6:53:9c:d5:37:e9: 4d:09:dc:5a:1d:d3:96:e7:e7:ce:2c:80:70:8e:75: c4:f5:1e:99:25:7d:17:0e:d7:ce:09:cc:02:55:a0: 2c:d9:16:66:21:aa:6b:40:e6:55:0a:86:41:98:5f: 84:de:41:8c:a7:9b:fc:6f:99:69:9a:9f:c0:91:0a: 27:1f:ff:a1:52:cb:42:e7:be:e1:63:4c:73:a7:a2: d3:5b:59:ce:b6:d4:5a:4b:04:ac:24:8b:5c:0f:02: eb:a8:46:5c:58:d8:20:c6:54:e2:b3:ab:d8:d1:22: 36:ab:3a:66:42:ca:ae:30:e3:3d:55:cc:b2:2a:95: e1:45:6c:33:26:e9:9c:bf:7d:fd:e2:84:ef:ab:cc: c1:dc:33:eb:60:ba:4b:db:9d:d1:d4:fa:f8:4a:e7: 91:8d:bc:1e:50:d0:90:33:60:af:bb:a1:ee:ef:71: 9b:93:c7:42:c2:1d:f5:c2:5a:38:25:f5:0f:75:5b: 0f:ea:0c:15:fe:9d:1a:71:40:88:5f:4f:c4:9f:7e: a1:15:5c:82:f2:d0:ff:65:dd:69:b0:a0:96:02:4f: ad:e5:16:3d:9d:ac:22:87:dd:d0:5e:d5:fb:8d:20: d3:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:C3:A6:19:E2:0F:A0:34:F6:FD:79:F1:8E:87:37:16:0E:76:95:B9 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/hMOmGeIPoDT2_Xnxjoc3Fg52lbk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.252.64.0/18 Signature Algorithm: sha256WithRSAEncryption 4b:24:93:5f:11:65:f5:df:da:fd:a4:d8:eb:aa:b5:83:7d:02: 9d:5b:21:f7:49:4f:c2:17:c0:50:aa:7b:a5:83:9f:ec:b5:19: 94:c9:f8:82:0a:5d:f9:c5:60:29:ed:6b:97:9a:b6:35:46:da: 76:e9:6f:04:73:22:70:8a:5c:c7:76:72:39:61:88:3e:b4:48: 00:5f:56:e7:0a:24:49:40:6f:12:f1:b1:28:1f:95:06:f7:f8: 5a:07:83:61:84:fa:9e:c6:52:fa:f8:d7:19:92:2d:e3:78:67: 78:e2:48:90:16:8b:b6:3b:ea:04:97:bd:5f:f3:c8:b1:17:ad: d9:fd:2e:b5:57:3a:ce:ce:bc:61:1a:dc:1c:79:e9:60:f0:e6: eb:9d:69:35:2b:e3:9c:35:fe:6a:ac:3e:de:fd:4e:96:e6:a6: a8:67:c8:dc:9d:1e:eb:1e:b6:24:23:60:96:63:90:5e:92:da: 3c:94:3d:db:38:3d:c0:0b:e8:4f:e2:d0:85:d3:d6:09:2a:b8: d2:69:40:30:9f:7a:6f:4e:3b:8f:04:93:b1:d1:47:63:64:fc: 3a:f2:5e:bc:75:f8:34:54:ba:43:36:12:11:74:48:02:d5:74: aa:67:81:37:2a:bb:2c:04:73:9a:52:92:87:c8:2f:92:10:f0: db:9f:7e:1c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx NDA2MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0QzNBNjE5RTIwRkEw MzRGNkZENzlGMThFODczNzE2MEU3Njk1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7eo7DtZ3ud8PtJ238er4M2wZ37u0/HtZTnNU36U0J3Fod05bn 584sgHCOdcT1HpklfRcO184JzAJVoCzZFmYhqmtA5lUKhkGYX4TeQYynm/xvmWma n8CRCicf/6FSy0LnvuFjTHOnotNbWc621FpLBKwki1wPAuuoRlxY2CDGVOKzq9jR IjarOmZCyq4w4z1VzLIqleFFbDMm6Zy/ff3ihO+rzMHcM+tgukvbndHU+vhK55GN vB5Q0JAzYK+7oe7vcZuTx0LCHfXCWjgl9Q91Ww/qDBX+nRpxQIhfT8SffqEVXILy 0P9l3WmwoJYCT63lFj2drCKH3dBe1fuNINPJAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUhMOmGeIPoDT2/Xnxjoc3Fg52lbkwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2hNT21HZUlQb0RUMl9Ybnhq b2MzRmc1Mmxiay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ7 /EAwDQYJKoZIhvcNAQELBQADggEBAEskk18RZfXf2v2k2OuqtYN9Ap1bIfdJT8IX wFCqe6WDn+y1GZTJ+IIKXfnFYCnta5eatjVG2nbpbwRzInCKXMd2cjlhiD60SABf VucKJElAbxLxsSgflQb3+FoHg2GE+p7GUvr41xmSLeN4Z3jiSJAWi7Y76gSXvV/z yLEXrdn9LrVXOs7OvGEa3Bx56WDw5uudaTUr45w1/mqsPt79TpbmpqhnyNydHuse tiQjYJZjkF6S2jyUPds4PcAL6E/i0IXT1gkquNJpQDCfem9OO48Ek7HRR2Nk/Dry Xrx1+DRUukM2EhF0SALVdKpngTcquywEc5pSkofIL5IQ8Nuffhw= -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:34 2025 by rpki-client