$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/274k7LNadfEbvQV089QaMsEO_GE.roa File: 274k7LNadfEbvQV089QaMsEO_GE.roa (raw, json) Hash identifier: uS7sifgv2DMagHBPRl3xO6tttVCl7Bb2Dpu45p1LBXI= Subject key identifier: DB:BE:24:EC:B3:5A:75:F1:1B:BD:05:74:F3:D4:1A:32:C1:0E:FC:61 Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C Certificate serial: F3 Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/274k7LNadfEbvQV089QaMsEO_GE.roa Signing time: Mon 10 Feb 2025 13:45:56 +0000 ROA not before: Mon 10 Feb 2025 13:45:56 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 32595 IP address blocks: 157.20.134.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 243 (0xf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C Validity Not Before: Feb 10 13:45:56 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DBBE24ECB35A75F11BBD0574F3D41A32C10EFC61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2e:db:91:99:3c:f4:16:27:c9:66:bd:9b:34: 50:e6:33:48:06:36:03:1e:62:80:a9:5a:24:f0:42: 6a:69:f9:a0:ec:86:48:90:a2:fa:01:10:d3:f9:9e: be:fd:97:5f:75:8e:d0:90:97:85:61:d8:43:5f:ab: c1:85:2c:13:99:03:01:84:b5:ff:46:31:06:d5:4f: b9:c0:66:fc:7f:e5:eb:41:86:ea:28:2a:be:85:47: c7:11:ed:e2:57:7a:05:52:be:0c:64:56:8b:17:1d: 23:a1:8e:3f:ec:09:21:66:94:af:24:28:f6:01:2a: bf:cf:12:95:2c:0a:ca:e5:df:a3:ef:ae:72:28:44: 40:3d:c2:4b:4d:02:a6:34:46:aa:88:86:63:73:d9: f7:f9:07:cb:29:6e:da:77:42:d8:0d:b5:be:b9:9e: 17:ef:8b:24:cf:58:45:7f:fe:ed:21:18:a2:04:01: 66:8f:c4:75:17:00:66:06:00:84:6d:51:8b:76:1a: 22:ea:4e:70:78:71:01:6f:88:79:33:c8:28:e8:de: b9:ed:e8:60:f3:66:b4:a7:34:49:13:ab:16:c3:39: 2b:f1:1c:f0:41:0d:cb:79:6c:2c:a9:6c:3d:77:d5: 66:5d:ba:42:d6:58:96:27:b2:f5:2d:9c:30:88:c3: d9:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:BE:24:EC:B3:5A:75:F1:1B:BD:05:74:F3:D4:1A:32:C1:0E:FC:61 X509v3 Authority Key Identifier: keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/274k7LNadfEbvQV089QaMsEO_GE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.134.0/23 Signature Algorithm: sha256WithRSAEncryption 12:f1:e2:f8:8f:a3:8e:50:f4:5d:60:2c:3c:a1:74:40:f4:90: 0f:b8:13:27:54:c6:9b:8d:7b:30:2b:59:db:bd:b0:93:46:2b: 27:72:f1:8c:ff:88:12:fd:8f:41:cb:85:c4:77:22:b3:46:48: 49:4a:49:a7:37:0b:50:ea:a9:ad:64:2d:6d:59:6b:4c:60:a5: c3:6c:35:99:d2:ce:88:4e:92:74:e5:8a:6d:99:8f:09:9e:80: 5b:a2:42:a5:ad:bd:5b:f9:9b:ee:cd:c9:33:75:a9:d7:99:e8: 30:1c:8d:ec:6c:28:49:6b:c5:71:3c:45:65:1d:7e:9d:b5:37: b4:ae:ce:d5:37:c3:c8:ee:40:51:70:67:fd:c7:be:e5:47:39: 05:2b:86:8c:86:dc:42:6a:c1:d2:c5:b6:c2:88:71:76:41:ea: d4:d6:33:17:73:92:fd:4e:6c:3a:89:29:1f:62:c7:1d:6d:9d: ba:1c:7e:c7:87:f6:3a:15:85:a1:10:92:88:30:a6:bb:a0:69: de:e7:65:6c:be:ef:b9:1e:ac:d4:9b:06:e6:d9:ed:7c:cf:c9: 60:37:ee:c8:b9:e0:fe:52:1d:b8:52:4a:2f:7e:11:d5:f6:47: bb:f9:cd:5c:3a:b2:13:02:bc:b8:59:f9:05:92:49:ca:c6:16: 55:0c:7f:1f -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdE M0U3M0VDNUVCM0Q3MDQ4NjM4ODlFMjIxODQ1Qjc2OTVENDA5QzAeFw0yNTAyMTAx MzQ1NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERCQkUyNEVDQjM1QTc1 RjExQkJEMDU3NEYzRDQxQTMyQzEwRUZDNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzLtuRmTz0FifJZr2bNFDmM0gGNgMeYoCpWiTwQmpp+aDshkiQ ovoBENP5nr79l191jtCQl4Vh2ENfq8GFLBOZAwGEtf9GMQbVT7nAZvx/5etBhuoo Kr6FR8cR7eJXegVSvgxkVosXHSOhjj/sCSFmlK8kKPYBKr/PEpUsCsrl36PvrnIo REA9wktNAqY0RqqIhmNz2ff5B8spbtp3QtgNtb65nhfviyTPWEV//u0hGKIEAWaP xHUXAGYGAIRtUYt2GiLqTnB4cQFviHkzyCjo3rnt6GDzZrSnNEkTqxbDOSvxHPBB Dct5bCypbD131WZdukLWWJYnsvUtnDCIw9nFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU274k7LNadfEbvQV089QaMsEO/GEwHwYDVR0jBBgwFoAUB9PnPsXrPXBIY4ie IhhFt2ldQJwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTTJOSU0v QjlQblBzWHJQWEJJWTRpZUloaEZ0MmxkUUp3LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9COVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS8yNzRrN0xOYWRmRWJ2UVYwODlR YU1zRU9fR0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRSG MA0GCSqGSIb3DQEBCwUAA4IBAQAS8eL4j6OOUPRdYCw8oXRA9JAPuBMnVMabjXsw K1nbvbCTRisncvGM/4gS/Y9By4XEdyKzRkhJSkmnNwtQ6qmtZC1tWWtMYKXDbDWZ 0s6ITpJ05YptmY8JnoBbokKlrb1b+ZvuzckzdanXmegwHI3sbChJa8VxPEVlHX6d tTe0rs7VN8PI7kBRcGf9x77lRzkFK4aMhtxCasHSxbbCiHF2QerU1jMXc5L9Tmw6 iSkfYscdbZ26HH7Hh/Y6FYWhEJKIMKa7oGne52Vsvu+5HqzUmwbm2e18z8lgN+7I ueD+Uh24UkovfhHV9ke7+c1cOrITAry4WfkFkknKxhZVDH8f -----END CERTIFICATE-----Generated at Wed Feb 19 22:16:50 2025 by rpki-client