$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/W_J2sxTVXyBLDd6WXaWY9NA20ag.roa File: W_J2sxTVXyBLDd6WXaWY9NA20ag.roa (raw, json) Hash identifier: XCgZ5HtTo+PbAFOg9yR+TMcHNaLm/CR4sRMKO4Ar+Js= Subject key identifier: 5B:F2:76:B3:14:D5:5F:20:4B:0D:DE:96:5D:A5:98:F4:D0:36:D1:A8 Certificate issuer: /CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Certificate serial: 012C Authority key identifier: 37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/W_J2sxTVXyBLDd6WXaWY9NA20ag.roa Signing time: Mon 10 Feb 2025 14:05:11 +0000 ROA not before: Mon 10 Feb 2025 14:05:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 31972 IP address blocks: 64.78.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 12:06:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 300 (0x12c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3730D9A195AB710286722CE5CCA467CFBA5BD494 Validity Not Before: Feb 10 14:05:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5BF276B314D55F204B0DDE965DA598F4D036D1A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:37:5e:b0:91:ed:a8:c1:a8:33:93:c0:12:6e: 19:cd:2a:57:1a:50:ba:4d:94:28:a0:86:35:bc:11: 08:7a:3c:99:3f:79:9d:88:eb:85:6b:e6:55:d5:cd: c5:b6:a3:fe:93:38:9d:64:d3:41:90:3b:79:3a:75: d3:5e:50:8c:8c:a5:9d:66:36:81:dc:0f:b5:e7:01: 31:a2:46:c7:c3:29:b0:2e:e4:e5:0f:7e:f5:14:99: ec:d7:0b:be:2d:f4:19:8c:45:70:26:85:4f:56:53: c3:23:31:c5:7f:53:c5:dd:a0:93:25:79:1c:eb:51: 67:dd:13:ed:cd:fe:10:f7:b2:55:b0:d7:54:c5:25: d2:d6:31:d3:26:45:9f:06:2c:7a:4f:d8:37:a7:91: 04:76:f8:b7:59:bb:de:a2:ec:49:e9:42:b5:04:dc: f0:51:76:32:a5:2a:a1:63:24:3f:37:14:3a:b7:3f: 58:9d:1d:b5:11:5e:82:d6:c9:bc:71:5f:4a:72:d7: fc:cd:6e:5d:18:40:a6:e0:72:de:1d:a3:a4:e2:5b: ec:34:80:f2:19:18:5c:8a:ea:a2:93:ba:c3:30:1a: 03:0c:11:76:e1:9f:09:cf:90:62:95:46:51:51:06: 31:b3:6f:2a:93:88:a2:42:03:3b:db:fc:05:8f:65: ff:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:F2:76:B3:14:D5:5F:20:4B:0D:DE:96:5D:A5:98:F4:D0:36:D1:A8 X509v3 Authority Key Identifier: keyid:37:30:D9:A1:95:AB:71:02:86:72:2C:E5:CC:A4:67:CF:BA:5B:D4:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/NzDZoZWrcQKGcizlzKRnz7pb1JQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NzDZoZWrcQKGcizlzKRnz7pb1JQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/W_J2sxTVXyBLDd6WXaWY9NA20ag.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 64.78.160.0/20 Signature Algorithm: sha256WithRSAEncryption 8f:31:7e:23:84:db:56:54:23:72:18:f3:30:17:1f:bd:c5:0f: f2:a3:9d:74:bf:28:d3:6f:74:62:e8:8f:28:eb:f6:f9:e3:b8: 51:26:46:44:93:7e:72:b6:38:ee:ce:dc:eb:d5:b6:b1:2d:16: 25:6d:22:2a:a6:0b:74:4f:bf:79:ab:05:bc:a5:71:df:d9:f1: 76:46:c4:b2:a9:7e:d8:1b:d4:1c:28:4e:c9:e6:49:d1:44:b6: ee:05:da:68:80:fc:fd:f4:50:fa:87:41:0f:59:e2:5b:65:b0: 58:58:cf:df:46:ca:5a:c1:ee:bf:20:0e:c3:80:80:80:3e:c5: 92:3c:73:4e:ab:33:8a:f4:d0:18:fd:36:a0:ba:30:71:07:b4: 3a:0a:dc:8e:91:12:ba:85:cd:64:c2:84:3f:0a:61:85:61:4b: 80:d9:ac:10:30:85:d5:23:f3:d5:46:a2:a6:c8:c8:10:a3:0e: e8:98:91:96:ee:a4:1c:67:5f:9e:b8:c9:e5:5a:32:fb:19:c5: 61:5a:d4:b6:27:9b:0d:ca:a7:1a:17:dc:6f:37:f9:a3:7a:be: 03:19:fd:85:b9:54:ad:87:9d:68:1b:6b:9a:09:36:31:55:21: e4:66:d6:d8:81:9f:da:b9:a4:a7:0d:2c:bf:23:23:de:75:b1: d7:e7:0d:52 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICASwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcz MEQ5QTE5NUFCNzEwMjg2NzIyQ0U1Q0NBNDY3Q0ZCQTVCRDQ5NDAeFw0yNTAyMTAx NDA1MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVCRjI3NkIzMTRENTVG MjA0QjBEREU5NjVEQTU5OEY0RDAzNkQxQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqN16wke2owagzk8ASbhnNKlcaULpNlCighjW8EQh6PJk/eZ2I 64Vr5lXVzcW2o/6TOJ1k00GQO3k6ddNeUIyMpZ1mNoHcD7XnATGiRsfDKbAu5OUP fvUUmezXC74t9BmMRXAmhU9WU8MjMcV/U8XdoJMleRzrUWfdE+3N/hD3slWw11TF JdLWMdMmRZ8GLHpP2DenkQR2+LdZu96i7EnpQrUE3PBRdjKlKqFjJD83FDq3P1id HbURXoLWybxxX0py1/zNbl0YQKbgct4do6TiW+w0gPIZGFyK6qKTusMwGgMMEXbh nwnPkGKVRlFRBjGzbyqTiKJCAzvb/AWPZf/hAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUW/J2sxTVXyBLDd6WXaWY9NA20agwHwYDVR0jBBgwFoAUNzDZoZWrcQKGcizl zKRnz7pb1JQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVT Q09NL056RFpvWldyY1FLR2Npemx6S1JuejdwYjFKUS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvTnpEWm9aV3JjUUtHY2l6bHpLUm56N3BiMUpRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVTQ09NL1dfSjJzeFRWWHlC TERkNldYYVdZOU5BMjBhZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBARATqAwDQYJKoZIhvcNAQELBQADggEBAI8xfiOE21ZUI3IY8zAXH73FD/Kj nXS/KNNvdGLojyjr9vnjuFEmRkSTfnK2OO7O3OvVtrEtFiVtIiqmC3RPv3mrBbyl cd/Z8XZGxLKpftgb1BwoTsnmSdFEtu4F2miA/P30UPqHQQ9Z4ltlsFhYz99GylrB 7r8gDsOAgIA+xZI8c06rM4r00Bj9NqC6MHEHtDoK3I6RErqFzWTChD8KYYVhS4DZ rBAwhdUj89VGoqbIyBCjDuiYkZbupBxnX564yeVaMvsZxWFa1LYnmw3KpxoX3G83 +aN6vgMZ/YW5VK2HnWgba5oJNjFVIeRm1tiBn9q5pKcNLL8jI951sdfnDVI= -----END CERTIFICATE-----Generated at Sat Apr 5 09:34:53 2025 by rpki-client