$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LEYUN/kmHUxkMGXApzr5n-GYFL4wOfbUc.roa File: kmHUxkMGXApzr5n-GYFL4wOfbUc.roa (raw, json) Hash identifier: BB3L0SZQR2g5bpxLdOCsB/NPCLJ880QrSWw3P96XgKM= Subject key identifier: 92:61:D4:C6:43:06:5C:0A:73:AF:99:FE:19:81:4B:E3:03:9F:6D:47 Certificate issuer: /CN=5322E61AE8C8DD8953E1E6BDC96AE4827AFCF990 Certificate serial: 0263 Authority key identifier: 53:22:E6:1A:E8:C8:DD:89:53:E1:E6:BD:C9:6A:E4:82:7A:FC:F9:90 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UyLmGujI3YlT4ea9yWrkgnr8-ZA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEYUN/kmHUxkMGXApzr5n-GYFL4wOfbUc.roa Signing time: Mon 10 Feb 2025 14:05:41 +0000 ROA not before: Mon 10 Feb 2025 14:05:41 +0000 ROA not after: Tue 14 Oct 2025 15:30:32 +0000 asID: 152616 IP address blocks: 160.191.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEYUN/UyLmGujI3YlT4ea9yWrkgnr8-ZA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LEYUN/UyLmGujI3YlT4ea9yWrkgnr8-ZA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/UyLmGujI3YlT4ea9yWrkgnr8-ZA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 14:36:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 611 (0x263) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5322E61AE8C8DD8953E1E6BDC96AE4827AFCF990 Validity Not Before: Feb 10 14:05:41 2025 GMT Not After : Oct 14 15:30:32 2025 GMT Subject: CN=9261D4C643065C0A73AF99FE19814BE3039F6D47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:7c:36:68:e2:1b:bf:16:80:ed:db:e8:f5:01: e0:fb:f6:71:93:be:54:b5:57:f5:79:c8:1f:57:37: f7:0d:5b:b5:53:25:75:81:a7:b0:a2:66:7c:ab:0f: 2a:ad:b6:da:d6:75:1e:7c:f6:a1:b7:90:c3:ce:f1: 1b:d2:e8:f4:38:ad:57:fa:07:c2:a6:19:b8:e3:16: ad:36:91:84:3d:73:72:e4:c9:06:dc:86:65:0c:09: cc:15:42:28:f4:f4:2f:b7:1c:f8:92:60:27:c8:df: 3f:9a:d7:a5:eb:cc:5e:f9:7d:5a:cc:de:bd:ed:5b: 37:f9:92:34:42:84:37:8f:2b:7d:16:8a:6b:35:54: 75:c4:13:0d:1d:df:28:3d:9e:5f:0d:a3:0a:78:55: e5:79:98:5a:d5:93:f5:b4:14:c7:fa:2e:88:7f:ee: 4a:c7:f3:fa:e7:59:79:b0:09:63:5f:2d:52:2e:87: 3f:a8:3a:03:7a:e2:d5:e6:52:4b:c7:73:01:e0:0c: 5e:42:a5:fa:17:a0:3d:18:b1:dc:99:7f:c2:6d:35: 3f:72:89:f0:73:e9:c7:e4:27:39:fa:93:55:88:8a: 5c:06:d9:65:5c:db:9a:7f:88:41:e0:30:1c:f6:3c: 85:08:af:ef:ef:b9:5e:4f:4d:65:dd:d8:14:f9:da: c1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:61:D4:C6:43:06:5C:0A:73:AF:99:FE:19:81:4B:E3:03:9F:6D:47 X509v3 Authority Key Identifier: keyid:53:22:E6:1A:E8:C8:DD:89:53:E1:E6:BD:C9:6A:E4:82:7A:FC:F9:90 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEYUN/UyLmGujI3YlT4ea9yWrkgnr8-ZA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UyLmGujI3YlT4ea9yWrkgnr8-ZA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEYUN/kmHUxkMGXApzr5n-GYFL4wOfbUc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.191.7.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:af:22:5f:3e:44:11:19:cd:a2:48:6b:c3:c2:5c:79:5f:9b: 78:cc:01:13:7f:b3:bd:6c:3c:b9:1f:19:e6:e5:5d:38:4c:51: 41:1c:51:bc:43:f6:c6:34:0f:fd:ad:f4:0f:cd:55:13:b0:37: 4f:33:03:b4:72:8e:78:33:63:12:f4:91:fc:51:ff:b7:ed:d7: 31:02:a6:b1:41:e0:67:68:bc:4f:d4:e9:5a:f2:c8:77:da:9f: c4:78:de:20:a0:f1:b3:bf:9d:8e:7e:5b:3f:e0:a0:62:40:65: 08:19:45:b8:8c:90:46:bb:a0:ac:6c:ff:58:87:4d:75:88:7b: 8a:a0:db:4a:8a:75:aa:75:d8:5a:d1:c6:09:42:60:8a:7e:c8: ab:30:af:4c:5a:0c:88:6e:52:40:5d:13:ae:37:54:d0:c7:02: ad:e1:fb:e5:92:6a:3c:fb:83:d1:5a:c8:ee:d4:82:cd:2b:86: 5c:bf:16:b0:b8:15:e1:81:3b:24:cc:a8:47:7b:68:6d:90:cb: 02:9f:2a:9a:e6:38:ac:54:84:1f:be:45:d8:67:35:52:a2:98: 89:77:bb:d5:2b:c7:e1:da:08:1e:91:65:d3:ba:95:00:54:6d: 73:3f:3e:a2:fe:85:b0:b2:7d:c3:1c:41:2d:a0:a6:e4:25:ea: cf:f0:cf:0d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTMy MkU2MUFFOEM4REQ4OTUzRTFFNkJEQzk2QUU0ODI3QUZDRjk5MDAeFw0yNTAyMTAx NDA1NDFaFw0yNTEwMTQxNTMwMzJaMDMxMTAvBgNVBAMTKDkyNjFENEM2NDMwNjVD MEE3M0FGOTlGRTE5ODE0QkUzMDM5RjZENDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsfDZo4hu/FoDt2+j1AeD79nGTvlS1V/V5yB9XN/cNW7VTJXWB p7CiZnyrDyqtttrWdR589qG3kMPO8RvS6PQ4rVf6B8KmGbjjFq02kYQ9c3LkyQbc hmUMCcwVQij09C+3HPiSYCfI3z+a16XrzF75fVrM3r3tWzf5kjRChDePK30Wims1 VHXEEw0d3yg9nl8Nowp4VeV5mFrVk/W0FMf6Loh/7krH8/rnWXmwCWNfLVIuhz+o OgN64tXmUkvHcwHgDF5CpfoXoD0YsdyZf8JtNT9yifBz6cfkJzn6k1WIilwG2WVc 25p/iEHgMBz2PIUIr+/vuV5PTWXd2BT52sETAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUkmHUxkMGXApzr5n+GYFL4wOfbUcwHwYDVR0jBBgwFoAUUyLmGujI3YlT4ea9 yWrkgnr8+ZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVZVU4v VXlMbUd1akkzWWxUNGVhOXlXcmtnbnI4LVpBLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9VeUxtR3VqSTNZbFQ0ZWE5eVdya2ducjgtWkEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MRVlVTi9rbUhVeGtNR1hBcHpyNW4tR1lG TDR3T2ZiVWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoL8H MA0GCSqGSIb3DQEBCwUAA4IBAQAbryJfPkQRGc2iSGvDwlx5X5t4zAETf7O9bDy5 Hxnm5V04TFFBHFG8Q/bGNA/9rfQPzVUTsDdPMwO0co54M2MS9JH8Uf+37dcxAqax QeBnaLxP1Ola8sh32p/EeN4goPGzv52Ofls/4KBiQGUIGUW4jJBGu6CsbP9Yh011 iHuKoNtKinWqddha0cYJQmCKfsirMK9MWgyIblJAXROuN1TQxwKt4fvlkmo8+4PR Wsju1ILNK4ZcvxawuBXhgTskzKhHe2htkMsCnyqa5jisVIQfvkXYZzVSopiJd7vV K8fh2ggekWXTupUAVG1zPz6i/oWwsn3DHEEtoKbkJerP8M8N -----END CERTIFICATE-----Generated at Mon Apr 7 12:56:51 2025 by rpki-client