$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/lXwIiHM56siohfDMT78IiBwtdSU.roa File: lXwIiHM56siohfDMT78IiBwtdSU.roa (raw, json) Hash identifier: PXONX/GjqOERXiZEWwsb7dSjOYnjs+gert1ribh/Z5c= Subject key identifier: 95:7C:08:88:73:39:EA:C8:A8:85:F0:CC:4F:BF:08:88:1C:2D:75:25 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 17AF Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lXwIiHM56siohfDMT78IiBwtdSU.roa Signing time: Mon 10 Feb 2025 14:07:09 +0000 ROA not before: Mon 10 Feb 2025 14:07:09 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 210.64.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6063 (0x17af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:09 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=957C08887339EAC8A885F0CC4FBF08881C2D7525 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c5:1c:4c:2f:ee:1e:70:ed:9e:f4:cd:c8:5d: 11:a3:42:11:e4:26:de:2f:a8:c1:c6:d8:e5:c0:97: e5:fe:5e:7d:29:d5:47:b4:ff:5f:8a:b9:38:ba:66: c3:d6:f9:ef:76:c1:91:19:1b:df:c5:67:5c:c3:12: 95:f2:44:30:0b:58:cb:73:69:ec:91:06:58:d5:e4: 54:cf:11:63:23:a3:6b:39:e7:6f:64:0e:01:1d:e8: 07:72:47:cc:fa:fa:1e:29:a2:b2:ba:da:ed:fe:5e: ff:89:67:5f:bd:af:2b:b1:22:14:0a:d1:a1:c1:0a: b3:5e:56:b5:3d:3f:fc:04:5b:23:83:d6:29:c5:4b: cf:d9:9e:45:88:1d:a3:10:7b:e3:4e:45:ac:40:fa: 64:08:12:59:2c:d8:d1:00:2e:e2:bc:86:87:ff:eb: 00:33:7e:fb:29:8e:59:c0:b4:a2:ba:0c:c7:9f:29: d9:62:19:7b:45:23:6e:d9:97:f8:bf:8d:fe:0d:05: e8:a0:ea:c3:93:a3:c9:02:d8:1a:23:75:c3:37:8a: be:ae:de:b0:e1:73:ab:a8:cd:1b:77:57:aa:e2:43: cd:6e:4f:ab:da:d6:bc:ab:8f:82:c8:87:25:98:35: 30:58:11:86:09:ae:53:db:1c:72:12:b9:09:4f:f7: d8:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:7C:08:88:73:39:EA:C8:A8:85:F0:CC:4F:BF:08:88:1C:2D:75:25 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lXwIiHM56siohfDMT78IiBwtdSU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.64.0.0/16 Signature Algorithm: sha256WithRSAEncryption 46:e2:97:0a:da:6a:2e:9f:cf:d7:53:2d:86:ab:d5:27:e3:78: a0:ec:52:91:b7:ae:c7:82:89:72:71:6f:0a:25:24:fc:10:e0: 73:21:13:d9:bb:c3:91:dd:1b:3d:0c:e9:98:e2:6b:14:aa:1e: 5d:46:74:52:19:45:db:1f:a7:ba:58:d0:0b:30:8f:ee:fb:8c: 66:25:d5:b8:42:a3:e8:a2:22:85:3b:db:ac:69:d6:3b:e0:7e: 95:f2:c5:28:d5:c7:ed:72:af:86:47:0e:f5:fc:e3:fc:d0:b2: 7d:42:bc:0a:3f:15:7f:c9:e5:4c:80:ca:40:46:26:2f:9a:38: b4:c6:a5:e1:f2:4c:36:ca:84:a7:7b:d2:ac:00:2f:88:de:8b: 31:16:78:aa:d4:b9:70:43:a5:46:de:ab:84:44:34:38:69:fb: c7:e1:d6:2b:9c:5c:e6:60:6f:a3:9f:ea:8a:91:8d:c2:64:18: 3f:7e:6d:67:ac:b2:d7:51:1d:08:ff:ad:61:18:c4:d7:97:cb: 1b:87:0f:8b:15:ea:f3:cd:a2:21:10:4f:6a:1d:3c:46:b4:5f: 85:56:4f:38:8f:b2:eb:de:a0:b4:17:18:8b:7a:13:6c:78:d7: c6:de:99:c0:b1:c9:99:e1:a7:9a:fb:f5:e6:26:04:1e:99:82: 95:dc:bc:b3 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICF68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk1N0MwODg4NzMzOUVB QzhBODg1RjBDQzRGQkYwODg4MUMyRDc1MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIxRxML+4ecO2e9M3IXRGjQhHkJt4vqMHG2OXAl+X+Xn0p1Ue0 /1+KuTi6ZsPW+e92wZEZG9/FZ1zDEpXyRDALWMtzaeyRBljV5FTPEWMjo2s5529k DgEd6AdyR8z6+h4porK62u3+Xv+JZ1+9ryuxIhQK0aHBCrNeVrU9P/wEWyOD1inF S8/ZnkWIHaMQe+NORaxA+mQIElks2NEALuK8hof/6wAzfvspjlnAtKK6DMefKdli GXtFI27Zl/i/jf4NBeig6sOTo8kC2BojdcM3ir6u3rDhc6uozRt3V6riQ81uT6va 1ryrj4LIhyWYNTBYEYYJrlPbHHISuQlP99g1AgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUlXwIiHM56siohfDMT78IiBwtdSUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbFh3SWlITTU2c2lvaGZETVQ3OElp Qnd0ZFNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANJAMA0G CSqGSIb3DQEBCwUAA4IBAQBG4pcK2moun8/XUy2Gq9Un43ig7FKRt67HgolycW8K JST8EOBzIRPZu8OR3Rs9DOmY4msUqh5dRnRSGUXbH6e6WNALMI/u+4xmJdW4QqPo oiKFO9usadY74H6V8sUo1cftcq+GRw71/OP80LJ9QrwKPxV/yeVMgMpARiYvmji0 xqXh8kw2yoSne9KsAC+I3osxFniq1LlwQ6VG3quERDQ4afvH4dYrnFzmYG+jn+qK kY3CZBg/fm1nrLLXUR0I/61hGMTXl8sbhw+LFerzzaIhEE9qHTxGtF+FVk84j7Lr 3qC0FxiLehNseNfG3pnAscmZ4aea+/XmJgQemYKV3Lyz -----END CERTIFICATE-----Generated at Mon Apr 7 15:06:19 2025 by rpki-client