$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jo_D6VAK5h8L1yh0qCeNFMYvI0U.roa File: Jo_D6VAK5h8L1yh0qCeNFMYvI0U.roa (raw, json) Hash identifier: QYD87o7JHw//daWZj/UjBQNqysFChpGNaHDiys0Xbvc= Subject key identifier: 26:8F:C3:E9:50:0A:E6:1F:0B:D7:28:74:A8:27:8D:14:C6:2F:23:45 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 181D Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jo_D6VAK5h8L1yh0qCeNFMYvI0U.roa Signing time: Mon 10 Feb 2025 14:07:35 +0000 ROA not before: Mon 10 Feb 2025 14:07:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 220.229.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6173 (0x181d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:35 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=268FC3E9500AE61F0BD72874A8278D14C62F2345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:14:72:bf:4e:b1:a0:3d:c6:27:fe:b0:a1:d0: d3:b3:ec:49:f3:e9:57:e1:9b:a6:91:6a:58:8d:39: ce:4a:fd:fd:2e:6a:5c:c6:09:e4:f0:dd:57:e9:9d: 57:1a:87:5a:50:d1:61:a6:bd:93:eb:fd:da:37:bb: 0f:29:d1:f1:1d:aa:bb:c1:18:2d:dc:16:cf:06:17: 11:b0:56:95:6e:14:d7:61:8b:ac:98:c3:57:b8:74: a2:1e:57:1c:bb:c7:50:23:9b:c5:6e:18:7b:43:d0: a3:58:ee:57:78:ff:81:66:e4:71:7e:48:9f:69:76: e9:18:34:80:71:43:69:69:48:b1:e2:7b:f4:10:ca: 7a:fa:4d:23:8b:fb:01:08:64:d2:ff:3e:58:bb:29: ca:ab:a3:3b:00:b9:b0:fa:ba:9d:46:c2:96:1a:48: fc:32:ae:29:57:96:e7:da:60:dd:3e:3d:79:14:93: 44:41:08:61:98:6b:0b:e2:95:49:f5:a3:fe:f4:12: 3f:83:a5:16:15:ed:f7:17:11:4c:9b:06:6a:a8:71: e4:4e:8f:11:d7:bd:01:2c:db:4b:98:fd:08:55:c7: 09:c9:a8:74:c7:81:f9:fa:2e:01:b9:90:c9:c5:da: 5d:4a:1c:67:09:6b:1e:d6:55:ff:76:66:b6:c6:85: 50:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:8F:C3:E9:50:0A:E6:1F:0B:D7:28:74:A8:27:8D:14:C6:2F:23:45 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jo_D6VAK5h8L1yh0qCeNFMYvI0U.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.229.68.0/22 Signature Algorithm: sha256WithRSAEncryption 43:68:2b:e4:1c:c3:f2:d8:d0:75:f3:83:9e:29:d5:de:f5:65: 56:1c:ba:a2:c7:14:a2:69:05:74:b4:b6:03:bf:98:80:f6:2c: 6c:fc:be:9c:b0:08:8c:ee:02:04:5f:b2:55:12:04:67:f2:8a: e8:04:39:32:b7:f1:46:a0:0d:c7:87:84:11:1f:9c:b2:ca:f7: 27:8a:78:00:3c:84:07:cb:c9:60:91:a7:66:0d:97:0c:4f:a0: 40:92:a2:15:98:ce:47:d0:7a:80:55:2d:c4:1d:e5:3f:f6:41: 3a:4e:0b:ff:a9:c7:c3:b5:84:0d:96:bf:60:a4:94:34:9c:d7: 73:90:91:56:e5:67:94:1d:29:6e:12:87:ed:95:a7:34:ce:42: 7e:e1:fe:14:54:4f:d2:e7:24:12:ba:2a:a2:99:1a:ec:2a:a4: 9b:9d:44:c9:d6:f4:ff:09:54:b4:44:22:9f:a4:5f:b1:52:d7: a2:f2:44:22:e8:c7:e1:0e:76:42:99:71:15:7f:90:ab:c4:8a: 9f:0c:a3:1e:9a:cc:25:50:36:02:65:07:a2:18:38:6f:e5:eb: f1:64:a9:a2:f3:c0:83:f5:9a:e9:0b:4d:0c:4e:f1:3e:e9:0f: a9:0b:c5:a1:04:f0:7a:06:16:90:05:79:ce:0a:40:35:00:7a: c3:d5:e2:ff -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGB0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI2OEZDM0U5NTAwQUU2 MUYwQkQ3Mjg3NEE4Mjc4RDE0QzYyRjIzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiFHK/TrGgPcYn/rCh0NOz7Enz6Vfhm6aRaliNOc5K/f0ualzG CeTw3VfpnVcah1pQ0WGmvZPr/do3uw8p0fEdqrvBGC3cFs8GFxGwVpVuFNdhi6yY w1e4dKIeVxy7x1Ajm8VuGHtD0KNY7ld4/4Fm5HF+SJ9pdukYNIBxQ2lpSLHie/QQ ynr6TSOL+wEIZNL/Pli7KcqrozsAubD6up1GwpYaSPwyrilXlufaYN0+PXkUk0RB CGGYawvilUn1o/70Ej+DpRYV7fcXEUybBmqoceROjxHXvQEs20uY/QhVxwnJqHTH gfn6LgG5kMnF2l1KHGcJax7WVf92ZrbGhVCPAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUJo/D6VAK5h8L1yh0qCeNFMYvI0UwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSm9fRDZWQUs1aDhMMXloMHFDZU5G TVl2STBVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN BgkqhkiG9w0BAQsFAAOCAQEAQ2gr5BzD8tjQdfODninV3vVlVhy6oscUomkFdLS2 A7+YgPYsbPy+nLAIjO4CBF+yVRIEZ/KK6AQ5MrfxRqANx4eEER+cssr3J4p4ADyE B8vJYJGnZg2XDE+gQJKiFZjOR9B6gFUtxB3lP/ZBOk4L/6nHw7WEDZa/YKSUNJzX c5CRVuVnlB0pbhKH7ZWnNM5CfuH+FFRP0uckEroqopka7Cqkm51Eydb0/wlUtEQi n6RfsVLXovJEIujH4Q52QplxFX+Qq8SKnwyjHprMJVA2AmUHohg4b+Xr8WSpovPA g/Wa6QtNDE7xPukPqQvFoQTwegYWkAV5zgpANQB6w9Xi/w== -----END CERTIFICATE-----Generated at Mon Apr 7 15:16:28 2025 by rpki-client