$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NORDATW/NXmCSBxMG5k0oNgtuj3mKPaTP08.roa File: NXmCSBxMG5k0oNgtuj3mKPaTP08.roa (raw, json) Hash identifier: vGaAFBszi6LTDW8XvxDTt0KMpL95OLFCgT8pR66oT8E= Subject key identifier: 35:79:82:48:1C:4C:1B:99:34:A0:D8:2D:BA:3D:E6:28:F6:93:3F:4F Certificate issuer: /CN=159D5F897276F0DEC857E7E2DEDD649876E8A482 Certificate serial: 0E38 Authority key identifier: 15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/NXmCSBxMG5k0oNgtuj3mKPaTP08.roa Signing time: Mon 10 Feb 2025 13:56:03 +0000 ROA not before: Mon 10 Feb 2025 13:56:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 40065 IP address blocks: 103.138.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3640 (0xe38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=159D5F897276F0DEC857E7E2DEDD649876E8A482 Validity Not Before: Feb 10 13:56:03 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=357982481C4C1B9934A0D82DBA3DE628F6933F4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:d0:86:1e:b0:66:94:8a:37:1a:10:dc:3a:95: 6d:16:78:04:2e:7c:8b:b3:8b:77:62:2f:d1:83:5b: 5d:ac:fc:c8:a6:0f:72:f5:30:10:72:52:db:4f:7f: ca:ff:e5:fb:2f:e4:5f:f5:d8:c5:d9:66:d4:96:30: d2:6e:a9:53:5b:a2:08:15:88:a5:2c:10:71:a7:54: 60:50:61:67:27:24:3a:75:ad:04:07:0f:54:86:e3: 61:e5:5e:ed:f1:88:ce:5a:2c:a6:b6:0a:51:e1:66: 52:f4:ca:64:0b:a9:cd:2c:8c:d0:47:fe:02:b4:8d: a9:9d:7d:c9:e6:64:70:17:10:a9:00:db:5e:32:30: de:b4:39:b1:38:d8:80:ca:8b:c1:cb:a0:c7:13:00: 1d:b7:ee:4f:9c:e1:8c:94:de:6a:75:01:e2:3f:25: 4b:e4:80:6e:b0:82:f8:89:28:14:7f:24:00:fb:c5: 58:27:b1:c3:b1:4f:31:99:f0:dc:64:e1:90:bf:57: 2e:20:61:18:b7:f7:92:f8:39:3c:e6:27:50:8c:87: 9d:0d:30:f7:f3:8e:40:c9:5b:cd:76:00:4a:fc:59: 41:a9:1a:11:1f:9e:8f:21:bd:3c:89:8f:af:d8:8b: bf:f6:85:14:57:64:33:40:69:d6:20:c0:6f:25:21: 2e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:79:82:48:1C:4C:1B:99:34:A0:D8:2D:BA:3D:E6:28:F6:93:3F:4F X509v3 Authority Key Identifier: keyid:15:9D:5F:89:72:76:F0:DE:C8:57:E7:E2:DE:DD:64:98:76:E8:A4:82 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/FZ1fiXJ28N7IV-fi3t1kmHbopII.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FZ1fiXJ28N7IV-fi3t1kmHbopII.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NORDATW/NXmCSBxMG5k0oNgtuj3mKPaTP08.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.138.194.0/23 Signature Algorithm: sha256WithRSAEncryption 99:92:a3:00:e6:ca:03:6b:47:e3:45:51:08:c6:58:16:30:2b: 72:85:d5:55:8d:9e:6c:3c:ec:7a:42:d9:e3:f5:ed:e4:13:0c: a2:61:d4:89:74:5d:8a:9f:d9:2e:7b:5c:f6:99:e9:2f:55:e7: 45:79:b5:4a:a7:c2:fe:ae:fd:d5:a1:b9:42:ab:21:1f:8d:da: 17:a6:93:93:d0:27:6c:3d:43:2a:86:81:12:1c:8f:b9:0c:6f: 10:12:cd:a0:5b:52:5b:3f:b7:d4:bc:e0:54:d5:4a:8a:b8:9b: d4:57:72:75:a9:de:c4:29:1d:d7:95:b5:c1:bc:c9:0e:81:5a: b6:8e:a4:a2:4b:13:b1:2e:8a:ae:b2:eb:2a:8b:af:85:ab:86: d0:6e:79:67:89:6b:19:55:ab:e5:01:c3:c6:75:58:ea:cc:67: 04:6c:78:b2:18:fc:d7:24:b0:2c:79:0e:1c:8c:3d:bb:5f:5f: f2:28:8b:00:65:2c:af:48:35:9b:18:b9:da:c4:12:66:d6:1f: 1c:08:b1:9f:b3:37:61:d0:b5:e2:4d:17:3b:69:41:ea:c1:ba: 89:c0:cb:f7:0f:ee:84:31:b8:cf:53:bf:7d:68:e5:47:f9:50: 99:50:53:6a:a2:d7:ba:d1:7b:d4:34:98:68:58:7a:28:ef:2d: cf:c2:72:bf -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDjgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTU5 RDVGODk3Mjc2RjBERUM4NTdFN0UyREVERDY0OTg3NkU4QTQ4MjAeFw0yNTAyMTAx MzU2MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1Nzk4MjQ4MUM0QzFC OTkzNEEwRDgyREJBM0RFNjI4RjY5MzNGNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDt0IYesGaUijcaENw6lW0WeAQufIuzi3diL9GDW12s/MimD3L1 MBByUttPf8r/5fsv5F/12MXZZtSWMNJuqVNboggViKUsEHGnVGBQYWcnJDp1rQQH D1SG42HlXu3xiM5aLKa2ClHhZlL0ymQLqc0sjNBH/gK0jamdfcnmZHAXEKkA214y MN60ObE42IDKi8HLoMcTAB237k+c4YyU3mp1AeI/JUvkgG6wgviJKBR/JAD7xVgn scOxTzGZ8Nxk4ZC/Vy4gYRi395L4OTzmJ1CMh50NMPfzjkDJW812AEr8WUGpGhEf no8hvTyJj6/Yi7/2hRRXZDNAadYgwG8lIS51AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUNXmCSBxMG5k0oNgtuj3mKPaTP08wHwYDVR0jBBgwFoAUFZ1fiXJ28N7IV+fi 3t1kmHbopIIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTk9SREFU Vy9GWjFmaVhKMjhON0lWLWZpM3Qxa21IYm9wSUkuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0ZaMWZpWEoyOE43SVYtZmkzdDFrbUhib3BJSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05PUkRBVFcvTlhtQ1NCeE1HNWswb05n dHVqM21LUGFUUDA4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AWeKwjANBgkqhkiG9w0BAQsFAAOCAQEAmZKjAObKA2tH40VRCMZYFjArcoXVVY2e bDzsekLZ4/Xt5BMMomHUiXRdip/ZLntc9pnpL1XnRXm1SqfC/q791aG5QqshH43a F6aTk9AnbD1DKoaBEhyPuQxvEBLNoFtSWz+31LzgVNVKirib1FdydanexCkd15W1 wbzJDoFato6koksTsS6KrrLrKouvhauG0G55Z4lrGVWr5QHDxnVY6sxnBGx4shj8 1ySwLHkOHIw9u19f8iiLAGUsr0g1mxi52sQSZtYfHAixn7M3YdC14k0XO2lB6sG6 icDL9w/uhDG4z1O/fWjlR/lQmVBTaqLXutF71DSYaFh6KO8tz8Jyvw== -----END CERTIFICATE-----Generated at Wed Feb 19 22:08:11 2025 by rpki-client