$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/Vp0tdbIyOL4-H32dFyUdVvYVjqk.roa File: Vp0tdbIyOL4-H32dFyUdVvYVjqk.roa (raw, json) Hash identifier: fkJN8J2uUWuCxVuI2sxY9yfcddz/Lpxc56wJetA5EnA= Subject key identifier: 56:9D:2D:75:B2:32:38:BE:3E:1F:7D:9D:17:25:1D:56:F6:15:8E:A9 Certificate issuer: /CN=1D4D78F56750C7598953366D459A12B658B7FF38 Certificate serial: 034E Authority key identifier: 1D:4D:78:F5:67:50:C7:59:89:53:36:6D:45:9A:12:B6:58:B7:FF:38 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/Vp0tdbIyOL4-H32dFyUdVvYVjqk.roa Signing time: Mon 10 Feb 2025 14:26:02 +0000 ROA not before: Mon 10 Feb 2025 14:26:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18041 IP address blocks: 2406:bfc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:56:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 846 (0x34e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1D4D78F56750C7598953366D459A12B658B7FF38 Validity Not Before: Feb 10 14:26:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=569D2D75B23238BE3E1F7D9D17251D56F6158EA9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6c:51:16:f6:10:77:40:e8:b7:82:10:fa:c0: 20:46:0f:28:08:70:0b:78:5e:d2:18:aa:93:63:91: f6:32:6e:3e:9b:2d:99:fe:27:a1:db:ec:bd:a1:e4: 38:a4:c3:ea:89:b9:7a:4a:02:1f:0f:41:62:3c:75: 2a:eb:75:b0:81:05:d5:4c:fc:36:89:19:c6:55:6d: 27:e5:e9:86:2d:41:cf:73:91:89:3a:0d:8b:27:f3: 66:87:51:6e:4e:0f:b5:80:f8:fd:4d:6c:ba:79:31: 6d:a8:8c:12:bc:ec:01:7b:f8:53:50:76:64:57:e4: 08:7a:c7:e9:54:a3:35:8e:57:20:e2:06:7f:6f:cd: 8e:3a:da:aa:bb:f3:96:3e:86:42:bc:ad:e2:b0:88: 25:4f:42:7e:f4:8c:70:10:7b:8b:2f:ac:3d:75:75: 76:53:dc:de:ac:48:70:e8:ae:09:82:a3:30:37:11: ca:05:ec:99:e2:3e:73:43:ad:d3:b5:7b:50:65:18: f9:c5:50:3c:34:4a:8d:8a:e3:da:40:7c:59:46:07: d1:91:30:25:1d:fd:17:dd:9e:47:0d:b7:04:0a:ed: 65:9e:22:23:a9:57:ca:f7:23:e5:31:e6:48:62:40: 8a:10:4c:9a:03:f2:82:d3:e8:f9:e3:28:b7:86:56: 52:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:9D:2D:75:B2:32:38:BE:3E:1F:7D:9D:17:25:1D:56:F6:15:8E:A9 X509v3 Authority Key Identifier: keyid:1D:4D:78:F5:67:50:C7:59:89:53:36:6D:45:9A:12:B6:58:B7:FF:38 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/Vp0tdbIyOL4-H32dFyUdVvYVjqk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:bfc0::/32 Signature Algorithm: sha256WithRSAEncryption 21:68:9d:c7:e8:a8:ef:ff:c6:4c:49:69:38:5c:06:47:0d:c9: a1:7f:14:df:0d:fe:b2:cd:57:50:37:05:4d:67:03:25:c2:63: 56:05:8f:d0:9d:7a:47:93:6f:c2:77:66:87:50:df:45:53:d7: b2:38:6f:b9:2a:04:55:be:59:00:ca:df:3b:ae:be:32:24:25: 80:c3:0b:5e:01:12:97:04:92:4e:eb:51:4b:75:8f:d2:d5:c3: c1:6c:e4:d8:0a:30:c1:87:96:43:bc:2c:f7:ae:dc:fd:e5:81: 0e:2d:bf:ee:d4:20:25:f2:d9:7a:04:59:4f:04:d0:76:5d:b7: 14:ce:14:6b:d4:e0:85:fe:6c:63:94:59:16:9c:2c:6c:63:d5: 50:c1:87:6d:9e:cf:33:55:c7:dd:60:74:1b:2c:f0:6f:5e:bb: 76:5f:f6:c8:b9:5e:a2:90:a1:64:ef:99:06:ec:c8:3b:27:c4: 84:e5:89:5d:71:0f:cc:ed:e8:48:5e:46:c0:b8:00:c3:92:cd: c1:c4:e7:8b:b6:63:67:20:26:df:9e:54:f6:78:e7:94:4b:8f: eb:89:a7:82:3f:87:4c:0b:27:37:4b:fb:92:12:22:64:e6:06: 92:92:96:80:3d:ef:80:f8:61:dd:ef:88:62:b3:4b:b3:99:a2: 30:a1:f7:51 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICA04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ0 RDc4RjU2NzUwQzc1OTg5NTMzNjZENDU5QTEyQjY1OEI3RkYzODAeFw0yNTAyMTAx NDI2MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU2OUQyRDc1QjIzMjM4 QkUzRTFGN0Q5RDE3MjUxRDU2RjYxNThFQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCbFEW9hB3QOi3ghD6wCBGDygIcAt4XtIYqpNjkfYybj6bLZn+ J6Hb7L2h5Dikw+qJuXpKAh8PQWI8dSrrdbCBBdVM/DaJGcZVbSfl6YYtQc9zkYk6 DYsn82aHUW5OD7WA+P1NbLp5MW2ojBK87AF7+FNQdmRX5Ah6x+lUozWOVyDiBn9v zY462qq785Y+hkK8reKwiCVPQn70jHAQe4svrD11dXZT3N6sSHDorgmCozA3EcoF 7JniPnNDrdO1e1BlGPnFUDw0So2K49pAfFlGB9GRMCUd/RfdnkcNtwQK7WWeIiOp V8r3I+Ux5khiQIoQTJoD8oLT6PnjKLeGVlIbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVp0tdbIyOL4+H32dFyUdVvYVjqkwHwYDVR0jBBgwFoAUHU149WdQx1mJUzZt RZoStli3/zgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkVCVUxB WC9IVTE0OVdkUXgxbUpVelp0UlpvU3RsaTNfemcuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0hVMTQ5V2RReDFtSlV6WnRSWm9TdGxpM196Zy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05FQlVMQVgvVnAwdGRiSXlPTDQtSDMy ZEZ5VWRWdllWanFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACQGv8AwDQYJKoZIhvcNAQELBQADggEBACFoncfoqO//xkxJaThcBkcNyaF/FN8N /rLNV1A3BU1nAyXCY1YFj9CdekeTb8J3ZodQ30VT17I4b7kqBFW+WQDK3zuuvjIk JYDDC14BEpcEkk7rUUt1j9LVw8Fs5NgKMMGHlkO8LPeu3P3lgQ4tv+7UICXy2XoE WU8E0HZdtxTOFGvU4IX+bGOUWRacLGxj1VDBh22ezzNVx91gdBss8G9eu3Zf9si5 XqKQoWTvmQbsyDsnxITliV1xD8zt6EheRsC4AMOSzcHE54u2Y2cgJt+eVPZ455RL j+uJp4I/h0wLJzdL+5ISImTmBpKSloA974D4Yd3viGKzS7OZojCh91E= -----END CERTIFICATE-----Generated at Wed Feb 19 20:33:08 2025 by rpki-client