$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/y1ycz2kpzad_oHR1DPNSlFxEBBM.roa File: y1ycz2kpzad_oHR1DPNSlFxEBBM.roa (raw, json) Hash identifier: 7s9BqDuBWj0mPIvB3PFAl4tQNvo8crBCWYagQYCSB3g= Subject key identifier: CB:5C:9C:CF:69:29:CD:A7:7F:A0:74:75:0C:F3:52:94:5C:44:04:13 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F5F Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y1ycz2kpzad_oHR1DPNSlFxEBBM.roa Signing time: Mon 10 Feb 2025 14:08:00 +0000 ROA not before: Mon 10 Feb 2025 14:08:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 192.72.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 07:08:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3935 (0xf5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:00 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CB5C9CCF6929CDA77FA074750CF352945C440413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:2f:f0:49:86:23:ff:44:e0:22:d3:34:b6:16: a9:6f:af:94:cd:26:f3:7e:9b:db:3e:e1:b8:41:ee: f5:e7:2b:a0:0e:71:eb:50:7b:3a:f5:12:d6:1a:e1: 63:26:cc:79:4f:97:8d:1c:5e:67:26:09:f1:4c:31: f2:70:4a:70:45:0d:61:21:11:ef:be:f4:47:0c:f2: c6:18:3e:e2:f1:bc:38:a0:0c:3b:98:3f:9b:ed:06: 38:21:83:88:e1:17:70:72:2c:19:45:e7:66:32:51: 49:39:d6:33:4f:09:16:7b:e5:d0:c6:c8:43:c8:a2: 87:8d:ea:eb:fb:9d:32:73:36:38:61:0d:e3:82:2b: 93:f6:3a:0f:b7:2b:60:1b:76:99:12:b2:0c:4c:f9: cd:66:bd:19:27:b8:1c:bd:49:60:f8:93:16:77:e5: 82:76:b2:f3:f7:a9:6a:e5:b1:58:04:07:65:fe:c5: 0d:de:cd:29:b4:16:74:e8:ce:86:53:be:f6:fc:b9: 61:9b:d9:27:ea:c1:d6:45:2f:83:0c:31:6d:41:00: c6:ef:6c:d8:ca:e6:2a:a4:66:cc:22:e0:c3:0e:2b: fd:c6:70:19:ab:2c:c0:1a:6d:0d:68:a9:18:64:22: 09:35:4f:69:12:4b:29:17:ea:d3:40:00:39:97:b9: 2a:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:5C:9C:CF:69:29:CD:A7:7F:A0:74:75:0C:F3:52:94:5C:44:04:13 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y1ycz2kpzad_oHR1DPNSlFxEBBM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.128.0/18 Signature Algorithm: sha256WithRSAEncryption 6d:e5:8b:96:bb:86:5d:d7:cf:ea:7b:df:9d:09:b5:60:dd:2f: e1:76:ec:31:b0:2d:5a:c5:c3:d8:77:3b:89:83:91:f2:4f:f0: 51:76:fb:b1:55:80:e5:d7:cf:2d:99:42:82:39:9f:d0:54:7a: 17:b7:ec:ec:c1:14:01:21:e7:fc:4f:f4:cb:91:dd:f1:f4:df: b6:91:6e:bf:c6:64:f3:e4:f3:87:0e:fc:d9:fa:57:21:7f:99: 0a:84:14:b0:b1:37:eb:a4:93:09:80:5e:d9:5c:45:63:38:ea: 0e:cd:bc:b4:ec:58:59:91:57:c2:ac:ef:1d:b7:3a:89:ff:5b: 3f:b6:97:8c:92:ca:94:2a:22:e3:8c:63:a0:92:56:7c:0b:1a: 07:4d:ab:c7:31:fe:5c:cd:05:77:b3:17:fe:5b:61:d3:86:72: d2:d8:f3:59:15:03:5c:50:da:27:0e:30:02:34:ee:04:4a:b6: 47:60:eb:5c:53:fa:60:d1:3c:ca:f2:b4:f2:bf:3c:17:70:86: b0:07:a4:fe:e5:91:c3:d8:d8:e2:78:09:43:ac:2d:ac:50:fc: 96:0f:89:01:eb:e9:4c:28:31:d1:a4:89:a2:42:53:3e:ff:6e: f6:aa:97:97:82:61:59:db:32:af:e0:af:0b:7d:19:f0:49:2d: cb:3a:a8:ac -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENCNUM5Q0NGNjkyOUNE QTc3RkEwNzQ3NTBDRjM1Mjk0NUM0NDA0MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJL/BJhiP/ROAi0zS2Fqlvr5TNJvN+m9s+4bhB7vXnK6AOcetQ ezr1EtYa4WMmzHlPl40cXmcmCfFMMfJwSnBFDWEhEe++9EcM8sYYPuLxvDigDDuY P5vtBjghg4jhF3ByLBlF52YyUUk51jNPCRZ75dDGyEPIooeN6uv7nTJzNjhhDeOC K5P2Og+3K2AbdpkSsgxM+c1mvRknuBy9SWD4kxZ35YJ2svP3qWrlsVgEB2X+xQ3e zSm0FnTozoZTvvb8uWGb2SfqwdZFL4MMMW1BAMbvbNjK5iqkZswi4MMOK/3GcBmr LMAabQ1oqRhkIgk1T2kSSykX6tNAADmXuSqlAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUy1ycz2kpzad/oHR1DPNSlFxEBBMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveTF5Y3oya3B6YWRfb0hSMURQTlNs RnhFQkJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsBIgDAN BgkqhkiG9w0BAQsFAAOCAQEAbeWLlruGXdfP6nvfnQm1YN0v4XbsMbAtWsXD2Hc7 iYOR8k/wUXb7sVWA5dfPLZlCgjmf0FR6F7fs7MEUASHn/E/0y5Hd8fTftpFuv8Zk 8+Tzhw782fpXIX+ZCoQUsLE366STCYBe2VxFYzjqDs28tOxYWZFXwqzvHbc6if9b P7aXjJLKlCoi44xjoJJWfAsaB02rxzH+XM0Fd7MX/lth04Zy0tjzWRUDXFDaJw4w AjTuBEq2R2DrXFP6YNE8yvK08r88F3CGsAek/uWRw9jY4ngJQ6wtrFD8lg+JAevp TCgx0aSJokJTPv9u9qqXl4JhWdsyr+CvC30Z8EktyzqorA== -----END CERTIFICATE-----Generated at Mon Apr 14 05:38:27 2025 by rpki-client