$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/y9AMhAwBfjBMBhTgmtgx6d7UUVI.roa File: y9AMhAwBfjBMBhTgmtgx6d7UUVI.roa (raw, json) Hash identifier: U+l6i7OumaZGfQvaj+O40ElLqM+pqCYw4ge2u+HGHqw= Subject key identifier: CB:D0:0C:84:0C:01:7E:30:4C:06:14:E0:9A:D8:31:E9:DE:D4:51:52 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 17CE Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y9AMhAwBfjBMBhTgmtgx6d7UUVI.roa Signing time: Mon 10 Feb 2025 14:07:16 +0000 ROA not before: Mon 10 Feb 2025 14:07:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 210.243.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 08:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6094 (0x17ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:16 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CBD00C840C017E304C0614E09AD831E9DED45152 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ac:5c:ce:6b:8e:88:cf:ba:e5:5a:79:94:ab: 92:a3:e2:73:7e:b0:d9:2a:c1:68:d4:cf:db:3c:cf: b9:aa:4d:19:7a:69:65:04:fd:49:cc:0c:5b:5d:3a: e4:a3:5e:1c:ef:14:c2:c6:2f:6b:85:07:6f:27:43: 64:7d:1c:b0:66:80:ee:b6:0c:7d:b2:22:b1:62:c5: 4d:db:df:60:b4:b8:e9:ab:86:81:9b:17:6a:55:4a: f9:6a:67:ff:24:a3:4b:64:fc:3d:a3:cf:12:ed:08: 49:84:77:6a:0e:1d:11:77:00:df:c1:63:d0:25:97: 8c:d8:2b:93:d4:98:23:22:3d:6a:0a:5e:6c:6a:1b: 18:1c:c5:98:88:ef:7e:66:ec:9d:58:98:80:4b:19: 5d:76:e4:da:4b:24:96:b3:38:26:0e:09:7e:e3:f9: 97:a1:8a:48:16:7f:18:14:9f:52:f4:c0:12:49:c4: 03:61:bd:76:4d:ef:ce:c5:85:ae:00:bd:a5:e9:72: f6:b6:41:9f:8f:90:ad:f5:d5:12:f2:ff:57:99:f8: 03:dc:c6:dc:50:bb:5d:79:88:ba:6b:57:32:1b:70: 28:6b:53:3b:d7:e5:53:82:ae:1e:6f:6c:64:f8:c2: 3f:ea:e0:6d:c6:59:ca:05:af:4d:de:a1:a5:72:ac: c5:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:D0:0C:84:0C:01:7E:30:4C:06:14:E0:9A:D8:31:E9:DE:D4:51:52 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/y9AMhAwBfjBMBhTgmtgx6d7UUVI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.243.128.0/17 Signature Algorithm: sha256WithRSAEncryption 24:95:7d:44:f9:bb:0c:f5:7b:1d:7e:34:88:9d:0f:4a:21:21: 04:75:75:6e:41:be:5a:06:78:ad:5f:9c:34:60:0b:48:cd:f2: fe:cd:a9:01:b5:f0:6c:24:ef:43:53:cb:96:15:52:55:a0:71: 98:93:dd:c0:92:27:49:71:c0:1e:0e:34:c7:e7:51:9a:44:97: a0:e9:a8:bc:1b:3b:9a:b9:77:f1:fb:b5:bf:f3:37:32:16:69: 43:c8:51:b5:de:73:22:77:d6:cc:5b:f7:db:00:5f:e2:c8:97: 0e:04:04:e8:20:78:43:90:45:f6:90:17:6d:eb:c9:13:63:31: 68:74:8e:23:16:62:03:1c:61:c1:97:6c:46:61:58:44:03:e0: 42:80:37:f1:ad:7b:0b:0d:ea:42:3f:30:2f:60:66:bc:e5:93: aa:80:79:44:fa:5e:19:cf:f4:24:24:da:81:00:74:f3:a7:31: 08:ec:bf:93:80:51:db:45:e5:d1:15:a5:3d:ba:81:5d:71:ca: 6f:21:aa:ad:15:4a:a9:d1:db:23:06:a7:ef:c6:6c:31:cf:9f: de:ba:c0:c5:9a:97:4b:6d:dc:39:17:80:2e:71:71:8b:96:69: 79:cc:30:71:f4:d8:e9:90:a1:be:30:8e:8f:d6:bb:fd:6f:20: 1c:db:60:f4 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICF84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENCRDAwQzg0MEMwMTdF MzA0QzA2MTRFMDlBRDgzMUU5REVENDUxNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIrFzOa46Iz7rlWnmUq5Kj4nN+sNkqwWjUz9s8z7mqTRl6aWUE /UnMDFtdOuSjXhzvFMLGL2uFB28nQ2R9HLBmgO62DH2yIrFixU3b32C0uOmrhoGb F2pVSvlqZ/8ko0tk/D2jzxLtCEmEd2oOHRF3AN/BY9All4zYK5PUmCMiPWoKXmxq GxgcxZiI735m7J1YmIBLGV125NpLJJazOCYOCX7j+ZehikgWfxgUn1L0wBJJxANh vXZN787Fha4AvaXpcva2QZ+PkK311RLy/1eZ+APcxtxQu115iLprVzIbcChrUzvX 5VOCrh5vbGT4wj/q4G3GWcoFr03eoaVyrMUFAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUy9AMhAwBfjBMBhTgmtgx6d7UUVIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveTlBTWhBd0JmakJNQmhUZ210Z3g2 ZDdVVVZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LzgDAN BgkqhkiG9w0BAQsFAAOCAQEAJJV9RPm7DPV7HX40iJ0PSiEhBHV1bkG+WgZ4rV+c NGALSM3y/s2pAbXwbCTvQ1PLlhVSVaBxmJPdwJInSXHAHg40x+dRmkSXoOmovBs7 mrl38fu1v/M3MhZpQ8hRtd5zInfWzFv32wBf4siXDgQE6CB4Q5BF9pAXbevJE2Mx aHSOIxZiAxxhwZdsRmFYRAPgQoA38a17Cw3qQj8wL2BmvOWTqoB5RPpeGc/0JCTa gQB086cxCOy/k4BR20Xl0RWlPbqBXXHKbyGqrRVKqdHbIwan78ZsMc+f3rrAxZqX S23cOReALnFxi5ZpecwwcfTY6ZChvjCOj9a7/W8gHNtg9A== -----END CERTIFICATE-----Generated at Mon Apr 7 08:00:25 2025 by rpki-client