$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qM0uOx_U6LlgOoOqqp4I_1nNt4M.roa File: qM0uOx_U6LlgOoOqqp4I_1nNt4M.roa (raw, json) Hash identifier: 4VtWO6bCIAy9hSHjeNMCr1AVLTa9S72hXpcUdlj88HA= Subject key identifier: A8:CD:2E:3B:1F:D4:E8:B9:60:3A:83:AA:AA:9E:08:FF:59:CD:B7:83 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0DB4 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qM0uOx_U6LlgOoOqqp4I_1nNt4M.roa Signing time: Mon 10 Feb 2025 14:06:13 +0000 ROA not before: Mon 10 Feb 2025 14:06:13 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9416 IP address blocks: 119.14.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3508 (0xdb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Feb 10 14:06:13 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A8CD2E3B1FD4E8B9603A83AAAA9E08FF59CDB783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:5f:4d:39:b7:e6:1d:49:fd:8b:35:1a:f9:8d: a9:2e:1e:d4:a7:37:cd:ca:2f:ad:2d:76:df:9c:8a: e9:64:08:f5:ef:4d:d7:f6:f1:54:4c:d3:12:9f:45: 3b:f7:33:33:3c:72:7b:d0:5b:4e:f5:5e:8c:58:50: ac:45:00:5b:9f:37:d5:61:ff:74:05:3a:f6:b6:b5: fa:18:62:dd:55:62:1f:bf:02:be:b5:c1:2d:f1:95: dd:91:d7:af:9f:c4:1a:1e:6c:2d:95:d6:fe:50:7f: c4:30:6b:48:31:17:cf:42:02:7e:99:15:c1:82:8d: d0:bb:95:1b:54:d8:15:69:f2:1e:99:85:ba:c0:13: c6:ef:6f:23:cd:0a:5d:86:dd:66:8a:31:0d:de:29: 2d:d2:61:ca:e1:e1:b9:d7:40:ba:28:cb:43:cc:ef: aa:e3:ea:fc:06:19:90:c3:ca:0b:35:88:2f:06:b8: 26:5d:30:26:bc:f5:58:76:15:9f:2e:8e:09:fa:2a: 89:53:86:03:c6:91:2b:63:58:35:0c:f5:5f:fd:df: 60:f1:bd:1e:f6:9d:e2:17:05:a7:3c:ac:96:ae:02: 5c:a0:e5:d6:60:32:f4:38:08:16:21:ed:b8:c6:7e: d9:f8:e6:74:92:38:65:01:42:d0:53:d4:ff:17:67: 73:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:CD:2E:3B:1F:D4:E8:B9:60:3A:83:AA:AA:9E:08:FF:59:CD:B7:83 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/qM0uOx_U6LlgOoOqqp4I_1nNt4M.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.14.0.0/17 Signature Algorithm: sha256WithRSAEncryption 71:b8:89:ce:9f:99:b7:7f:99:4a:32:4a:8c:26:10:0f:82:88: 10:ba:0b:c3:60:4c:84:8f:3d:d3:94:f8:c9:b4:0c:d7:44:d3: 5c:0b:5b:ec:74:02:7b:6e:df:d8:37:e2:6b:85:f4:ba:6e:2d: 02:e8:ca:4a:2a:24:89:3d:8f:bc:ab:6f:66:ab:c1:d4:44:9a: 43:1c:3f:4e:cb:bb:cf:f9:15:22:f8:8e:96:d3:bd:17:bf:f5: 3a:5e:8e:a3:a5:e2:19:79:6f:17:04:a4:6e:cd:fe:a0:13:9e: d5:21:88:e9:41:df:8e:c0:4e:ca:ac:67:d8:49:15:92:b3:68: 4f:37:4b:2e:3c:74:a9:28:f0:60:8a:5b:7f:3c:b3:71:40:8f: 2d:2b:0c:db:db:69:23:8e:22:c0:72:93:89:9a:c1:da:2d:8f: 93:46:22:ec:bc:ec:a8:a2:6f:53:5f:ec:e7:37:e5:99:ba:26: a5:f2:6a:29:75:06:96:5d:73:68:60:f5:28:b6:4c:f1:5c:47: dd:db:95:65:b2:c4:c5:fd:e3:68:c1:c7:d8:c4:98:e3:2a:61: 56:66:00:3f:32:c4:c6:42:b3:22:be:1a:e8:79:3a:36:38:3e: ea:15:b3:3b:90:ba:ee:22:85:3d:b1:2a:60:96:f9:07:c2:79: ec:19:d3:34 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx NDA2MTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4Q0QyRTNCMUZENEU4 Qjk2MDNBODNBQUFBOUUwOEZGNTlDREI3ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvX005t+YdSf2LNRr5jakuHtSnN83KL60tdt+ciulkCPXvTdf2 8VRM0xKfRTv3MzM8cnvQW071XoxYUKxFAFufN9Vh/3QFOva2tfoYYt1VYh+/Ar61 wS3xld2R16+fxBoebC2V1v5Qf8Qwa0gxF89CAn6ZFcGCjdC7lRtU2BVp8h6ZhbrA E8bvbyPNCl2G3WaKMQ3eKS3SYcrh4bnXQLooy0PM76rj6vwGGZDDygs1iC8GuCZd MCa89Vh2FZ8ujgn6KolThgPGkStjWDUM9V/932DxvR72neIXBac8rJauAlyg5dZg MvQ4CBYh7bjGftn45nSSOGUBQtBT1P8XZ3PlAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUqM0uOx/U6LlgOoOqqp4I/1nNt4MwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL3FNMHVPeF9VNkxsZ09vT3Fx cDRJXzFuTnQ0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd3 DgAwDQYJKoZIhvcNAQELBQADggEBAHG4ic6fmbd/mUoySowmEA+CiBC6C8NgTISP PdOU+Mm0DNdE01wLW+x0Antu39g34muF9LpuLQLoykoqJIk9j7yrb2arwdREmkMc P07Lu8/5FSL4jpbTvRe/9TpejqOl4hl5bxcEpG7N/qATntUhiOlB347ATsqsZ9hJ FZKzaE83Sy48dKko8GCKW388s3FAjy0rDNvbaSOOIsByk4mawdotj5NGIuy87Kii b1Nf7Oc35Zm6JqXyail1BpZdc2hg9Si2TPFcR93blWWyxMX942jBx9jEmOMqYVZm AD8yxMZCsyK+Guh5OjY4PuoVszuQuu4ihT2xKmCW+QfCeewZ0zQ= -----END CERTIFICATE-----Generated at Wed Feb 19 22:01:27 2025 by rpki-client