$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/jZu2gflVQ4tZZ4jCh2aQJBd_s0s.roa File: jZu2gflVQ4tZZ4jCh2aQJBd_s0s.roa (raw, json) Hash identifier: MfPsRo7ydVEan98Z5lQBzXdpUZ92vhShvnvD2RFyUFU= Subject key identifier: 8D:9B:B6:81:F9:55:43:8B:59:67:88:C2:87:66:90:24:17:7F:B3:4B Certificate issuer: /CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E Certificate serial: 0EDD Authority key identifier: A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/jZu2gflVQ4tZZ4jCh2aQJBd_s0s.roa Signing time: Mon 10 Feb 2025 14:12:02 +0000 ROA not before: Mon 10 Feb 2025 14:12:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131633 IP address blocks: 2404:73c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 08:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3805 (0xedd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E Validity Not Before: Feb 10 14:12:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8D9BB681F955438B596788C287669024177FB34B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:51:c3:c1:8b:26:19:65:97:60:2f:7c:ec:6b: 81:79:8d:29:68:a5:b1:87:a6:89:05:1d:1d:ca:a7: f1:a6:0a:da:93:cb:8e:f1:24:cb:8c:ba:ca:91:73: 6e:18:29:5e:e7:9c:b8:34:a5:b2:ae:29:b9:c0:bb: af:69:da:8b:47:0f:30:02:4f:63:84:0e:bf:52:d0: 1d:f5:bd:40:72:e2:37:d3:a8:53:ed:73:a4:e4:90: 87:3e:0a:b1:c2:df:3b:a2:d7:3b:f8:ea:c7:c5:3e: d7:73:fa:db:4c:04:33:05:d9:a6:0d:bc:36:90:b8: db:b6:d1:67:2e:c2:51:4f:b4:78:84:21:22:ba:e2: fa:0c:fd:32:98:2c:0b:c2:d9:65:d1:92:db:55:40: 30:c2:ea:87:89:e7:69:73:09:6d:94:aa:19:0a:e0: d3:49:41:8f:35:8b:27:51:34:c2:5a:d7:21:9e:4b: bd:d8:79:1f:ba:0c:f9:ef:ca:d9:83:48:f9:a4:03: f4:6f:46:37:13:04:89:8a:84:66:7c:a2:92:bc:f2: f2:b1:a8:cf:b5:0e:ad:16:d4:48:21:ae:46:f8:b7: fd:d1:73:02:0d:c9:6b:c2:64:ab:6e:97:08:79:c4: 0c:17:bd:8e:b7:73:4d:e2:42:12:31:ad:9c:62:e9: 9d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:9B:B6:81:F9:55:43:8B:59:67:88:C2:87:66:90:24:17:7F:B3:4B X509v3 Authority Key Identifier: keyid:A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/jZu2gflVQ4tZZ4jCh2aQJBd_s0s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:73c0::/32 Signature Algorithm: sha256WithRSAEncryption 8d:35:57:cf:76:d4:18:a9:74:be:f9:f8:fd:8b:f2:d4:75:83: 9f:4f:cf:49:b7:bc:69:2b:38:0a:39:8f:a8:dc:63:da:33:b0: 6e:19:7d:18:62:1e:f3:d6:d1:23:19:95:42:71:2d:03:4b:50: 7f:07:8a:d9:e6:ab:3d:0b:3f:90:b0:82:b2:36:92:6f:a6:60: c9:45:db:92:ee:c0:28:e6:c1:08:59:b5:c1:f9:e9:c2:ae:0a: a1:11:13:42:2f:9b:f9:f6:f4:37:ed:5b:16:1d:32:71:82:0c: 82:55:20:76:04:2d:be:bf:2c:c0:5e:bb:1f:88:89:26:37:dc: 0c:9a:02:8b:f2:9e:f4:34:07:39:eb:47:fa:3c:65:31:3f:82: 0a:a8:a3:d0:9a:08:96:da:2d:14:1c:f8:04:2b:8a:85:8b:10: 80:92:75:ed:3a:e5:73:08:d5:cb:ac:ae:23:c1:c6:72:53:8e: 70:bc:15:49:21:b0:f1:4b:cc:61:e2:4c:f8:fd:eb:5a:67:72: 6e:c1:0c:64:43:1b:dc:54:7f:0e:59:74:b1:7b:3e:e2:9a:6e: a6:20:a6:ac:36:09:ff:38:54:60:11:71:0e:be:0d:c5:74:4f: 4f:9b:20:9b:dd:9b:b6:ee:1b:00:c8:2b:07:66:6b:41:34:f0: cc:15:c6:18 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICDt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTE4 RUIzNzdERDAzMThBRTQ2NUQ4RjNGN0Q2RTBBRDBBNEU5RUQxRTAeFw0yNTAyMTAx NDEyMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhEOUJCNjgxRjk1NTQz OEI1OTY3ODhDMjg3NjY5MDI0MTc3RkIzNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeUcPBiyYZZZdgL3zsa4F5jSlopbGHpokFHR3Kp/GmCtqTy47x JMuMusqRc24YKV7nnLg0pbKuKbnAu69p2otHDzACT2OEDr9S0B31vUBy4jfTqFPt c6TkkIc+CrHC3zui1zv46sfFPtdz+ttMBDMF2aYNvDaQuNu20WcuwlFPtHiEISK6 4voM/TKYLAvC2WXRkttVQDDC6oeJ52lzCW2UqhkK4NNJQY81iydRNMJa1yGeS73Y eR+6DPnvytmDSPmkA/RvRjcTBImKhGZ8opK88vKxqM+1Dq0W1Eghrkb4t/3RcwIN yWvCZKtulwh5xAwXvY63c03iQhIxrZxi6Z0vAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUjZu2gflVQ4tZZ4jCh2aQJBd/s0swHwYDVR0jBBgwFoAUoY6zd90DGK5GXY8/ fW4K0KTp7R4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlOR0pJ TkdFTi9vWTZ6ZDkwREdLNUdYWThfZlc0SzBLVHA3UjQuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL29ZNnpkOTBER0s1R1hZOF9mVzRLMEtUcDdSNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL01JTkdKSU5HRU4valp1MmdmbFZR NHRaWjRqQ2gyYVFKQmRfczBzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQEc8AwDQYJKoZIhvcNAQELBQADggEBAI01V8921BipdL75+P2L8tR1 g59Pz0m3vGkrOAo5j6jcY9ozsG4ZfRhiHvPW0SMZlUJxLQNLUH8Hitnmqz0LP5Cw grI2km+mYMlF25LuwCjmwQhZtcH56cKuCqERE0Ivm/n29DftWxYdMnGCDIJVIHYE Lb6/LMBeux+IiSY33AyaAovynvQ0BznrR/o8ZTE/ggqoo9CaCJbaLRQc+AQrioWL EICSde065XMI1cusriPBxnJTjnC8FUkhsPFLzGHiTPj961pncm7BDGRDG9xUfw5Z dLF7PuKabqYgpqw2Cf84VGARcQ6+DcV0T0+bIJvdm7buGwDIKwdma0E08MwVxhg= -----END CERTIFICATE-----Generated at Mon Apr 7 07:24:07 2025 by rpki-client