$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa File: 1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa (raw, json) Hash identifier: 6/YXwZoj2PwcoCAykO7n382MAN5eiVvhL55SSSkIfRs= Subject key identifier: D5:E4:9F:4A:7B:6B:6B:E7:1A:E4:BA:FC:9D:44:35:CC:AE:67:38:E5 Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5 Certificate serial: DF Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa Signing time: Mon 10 Feb 2025 14:19:45 +0000 ROA not before: Mon 10 Feb 2025 14:19:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131147 IP address blocks: 157.66.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:06:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5 Validity Not Before: Feb 10 14:19:45 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D5E49F4A7B6B6BE71AE4BAFC9D4435CCAE6738E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ad:19:2d:53:fe:d7:cd:4e:e6:2d:5d:4e:43: d5:5e:03:ea:5a:7c:92:21:2f:63:71:61:01:67:57: 0a:3f:bd:ff:fa:5d:54:b4:c3:f8:53:7a:3e:5d:e5: 0a:ff:f1:d0:88:a1:18:d6:8b:89:19:8e:ee:70:dc: 6e:0d:f9:be:cd:d4:22:8e:4c:ad:be:96:78:28:e8: 71:71:db:ed:d6:d8:48:1a:bf:60:8e:54:b0:50:d3: 11:e8:f1:71:8b:78:38:23:63:92:2d:76:ae:f2:31: a8:3e:bc:e9:84:7e:0f:61:fc:20:ca:89:29:a0:af: 53:31:ba:c0:2c:38:af:9f:4b:25:5a:24:63:ea:8a: ee:47:f8:69:62:a4:60:fb:30:c4:5c:18:04:92:a2: e4:d5:a5:e1:25:fa:32:92:45:d3:c1:36:3f:37:fc: 8a:2e:e9:2c:c8:07:86:f0:cd:7d:bc:69:3d:f3:22: 9d:ba:d2:c6:f7:23:15:27:13:c1:23:b8:a1:97:b4: 2b:0c:57:72:15:21:d7:2c:36:dd:24:b4:f1:2b:d4: 77:1a:49:a3:bd:ad:0a:3d:7a:65:0a:b0:97:2a:47: 5a:84:02:35:8e:8a:5e:6e:31:7f:f2:3a:fc:bb:dd: c2:8d:bd:7b:52:05:4f:7d:3b:95:6e:75:7a:39:65: c2:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:E4:9F:4A:7B:6B:6B:E7:1A:E4:BA:FC:9D:44:35:CC:AE:67:38:E5 X509v3 Authority Key Identifier: keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.167.0/24 Signature Algorithm: sha256WithRSAEncryption 27:20:2a:59:f1:99:f2:86:63:67:9e:f4:a5:7d:39:37:6b:1b: a4:fe:89:fc:47:93:d9:f4:aa:78:b2:ee:e1:5a:16:1f:08:a8: fc:50:10:51:aa:16:23:c2:3a:cd:f1:45:08:5e:27:4a:0e:28: ce:38:31:a3:9e:c2:8f:09:3c:12:00:44:e2:55:85:e9:6d:6f: d3:bb:c9:36:1b:00:52:f2:f7:06:13:05:12:55:1b:6d:a2:f7: 45:5b:b9:a6:ab:ab:74:c6:2d:2b:c0:97:5d:cf:87:47:d0:69: 4a:3d:9e:2c:52:7d:20:88:fe:cf:8e:2d:23:a7:18:d3:1b:30: d0:bc:1e:c0:95:05:82:90:82:e2:a0:a4:18:37:65:61:31:ca: 4c:c7:81:7a:a2:f7:f2:ac:d0:74:b1:32:93:9b:b2:64:aa:7e: 20:55:39:10:25:56:9a:21:ce:c5:5f:35:09:3b:f1:e7:b8:a1: ec:9c:b0:00:33:0c:8a:92:c7:a6:d3:e1:41:93:da:ff:94:4e: 0a:37:ec:ab:3e:4f:9b:0f:a1:da:54:33:3a:1b:e1:13:f5:2e: fc:51:ad:10:fa:67:15:75:a2:ae:f9:22:d6:0a:1e:57:4e:ad: 87:32:e4:1c:9a:79:fe:f4:86:6b:88:f6:6f:21:dc:6c:52:74: 2a:1c:54:ec -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDk2 NkI1NTkwOTMyNDE4MEE4OEE0NUUxRjY4M0NGNEQyRUQ5QkNBNTAeFw0yNTAyMTAx NDE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1RTQ5RjRBN0I2QjZC RTcxQUU0QkFGQzlENDQzNUNDQUU2NzM4RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdrRktU/7XzU7mLV1OQ9VeA+pafJIhL2NxYQFnVwo/vf/6XVS0 w/hTej5d5Qr/8dCIoRjWi4kZju5w3G4N+b7N1CKOTK2+lngo6HFx2+3W2Egav2CO VLBQ0xHo8XGLeDgjY5Itdq7yMag+vOmEfg9h/CDKiSmgr1MxusAsOK+fSyVaJGPq iu5H+GlipGD7MMRcGASSouTVpeEl+jKSRdPBNj83/Iou6SzIB4bwzX28aT3zIp26 0sb3IxUnE8EjuKGXtCsMV3IVIdcsNt0ktPEr1HcaSaO9rQo9emUKsJcqR1qEAjWO il5uMX/yOvy73cKNvXtSBU99O5VudXo5ZcIvAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU1eSfSntra+ca5Lr8nUQ1zK5nOOUwHwYDVR0jBBgwFoAU2Wa1WQkyQYCoikXh 9oPPTS7ZvKUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v MldhMVdRa3lRWUNvaWtYaDlvUFBUUzdadktVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8yV2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi8xZVNmU250cmEtY2E1THI4blVR MXpLNW5PT1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnUKn MA0GCSqGSIb3DQEBCwUAA4IBAQAnICpZ8ZnyhmNnnvSlfTk3axuk/on8R5PZ9Kp4 su7hWhYfCKj8UBBRqhYjwjrN8UUIXidKDijOODGjnsKPCTwSAETiVYXpbW/Tu8k2 GwBS8vcGEwUSVRttovdFW7mmq6t0xi0rwJddz4dH0GlKPZ4sUn0giP7Pji0jpxjT GzDQvB7AlQWCkILioKQYN2VhMcpMx4F6ovfyrNB0sTKTm7Jkqn4gVTkQJVaaIc7F XzUJO/HnuKHsnLAAMwyKksem0+FBk9r/lE4KN+yrPk+bD6HaVDM6G+ET9S78Ua0Q +mcVdaKu+SLWCh5XTq2HMuQcmnn+9IZriPZvIdxsUnQqHFTs -----END CERTIFICATE-----Generated at Mon Apr 7 09:07:28 2025 by rpki-client