$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/NY5wzuJxuVmMFi_IwIxTNP4saek.roa File: NY5wzuJxuVmMFi_IwIxTNP4saek.roa (raw, json) Hash identifier: xQ4d6x7zo55ES5KNqL32EwVPPnbwgna7L+N3Lksa0zY= Subject key identifier: 35:8E:70:CE:E2:71:B9:59:8C:16:2F:C8:C0:8C:53:34:FE:2C:69:E9 Certificate issuer: /CN=F5A44B5E078865BAEF9351369D961D6BA2556D47 Certificate serial: 01D0 Authority key identifier: F5:A4:4B:5E:07:88:65:BA:EF:93:51:36:9D:96:1D:6B:A2:55:6D:47 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/9aRLXgeIZbrvk1E2nZYda6JVbUc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/NY5wzuJxuVmMFi_IwIxTNP4saek.roa Signing time: Mon 10 Feb 2025 14:26:24 +0000 ROA not before: Mon 10 Feb 2025 14:26:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 8075 IP address blocks: 103.131.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/9aRLXgeIZbrvk1E2nZYda6JVbUc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/9aRLXgeIZbrvk1E2nZYda6JVbUc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/9aRLXgeIZbrvk1E2nZYda6JVbUc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 19:06:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 464 (0x1d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F5A44B5E078865BAEF9351369D961D6BA2556D47 Validity Not Before: Feb 10 14:26:24 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=358E70CEE271B9598C162FC8C08C5334FE2C69E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c8:fb:ea:ab:a5:60:d7:fe:e4:48:21:6f:23: df:43:5c:ee:3d:8b:07:cf:82:c8:f7:df:9b:d9:3e: ba:77:ac:0c:ef:49:ad:58:88:bc:8f:75:41:25:90: ae:a1:83:d3:68:d2:3b:6e:2f:9c:7f:fb:e9:bc:51: 31:e0:54:3c:38:a1:2a:ec:f7:21:b5:88:92:69:dc: b5:3f:6e:f4:b7:57:1d:a4:26:f6:fe:f8:04:63:04: fe:1d:61:66:36:01:e1:a9:83:10:89:46:d1:74:d8: 00:a8:92:5e:d1:ef:f9:e0:06:6a:d1:50:7d:a0:2a: 5a:45:0b:4b:a4:3c:57:42:87:67:0c:3a:5e:e0:eb: 84:74:c9:fb:be:f8:03:7a:aa:f4:73:c4:03:c6:41: 50:2b:72:2a:99:32:03:47:8d:89:a0:b5:7f:0a:75: d1:45:14:e2:76:43:3d:27:8d:58:b3:b8:18:6d:94: a9:60:ef:d8:c7:81:b4:e0:d2:e5:63:ef:ad:9c:36: 9d:a6:03:c7:2f:85:8f:f8:53:af:0a:1d:f9:4f:7d: 94:93:93:fc:9e:a4:8b:b4:d8:ed:95:ee:2e:86:88: ba:2e:b9:8c:bf:54:73:aa:7c:bd:98:09:cf:04:e1: 54:50:c3:48:45:e6:a3:49:fc:b6:e1:5b:53:04:57: c0:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:8E:70:CE:E2:71:B9:59:8C:16:2F:C8:C0:8C:53:34:FE:2C:69:E9 X509v3 Authority Key Identifier: keyid:F5:A4:4B:5E:07:88:65:BA:EF:93:51:36:9D:96:1D:6B:A2:55:6D:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/9aRLXgeIZbrvk1E2nZYda6JVbUc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/9aRLXgeIZbrvk1E2nZYda6JVbUc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONEDEGREE/NY5wzuJxuVmMFi_IwIxTNP4saek.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.131.149.0/24 Signature Algorithm: sha256WithRSAEncryption b4:c3:f7:f8:36:df:42:f4:d1:3a:c4:b1:0d:ba:9d:48:ac:c3: 88:9c:d8:d4:25:78:ee:f5:ba:97:1c:02:d1:f9:a5:e6:85:fa: c6:14:2d:a7:b3:26:19:52:46:a9:3e:85:68:75:aa:9a:61:1c: 43:7f:a4:ee:ae:bd:65:80:19:a5:4f:1a:f7:87:35:64:5f:47: f1:89:1a:49:90:20:89:0e:72:04:2c:1f:94:ca:dd:aa:b3:f1: 89:8f:2e:57:d6:c1:0b:a1:75:5d:a7:87:af:56:c2:40:86:55: 24:c3:b7:c6:31:54:91:72:49:fd:cf:fb:72:a8:00:6f:72:1b: dc:10:5c:a5:68:1f:c7:ef:e0:89:bc:75:c7:d0:5c:c8:7d:dd: 79:f4:1e:49:8b:3a:77:a7:8e:1f:15:94:f7:93:04:6e:76:e1: 45:aa:cd:ee:e6:6b:c4:9b:be:c7:1e:92:e3:7a:ea:4c:29:b3: 83:c6:25:10:b1:b9:63:b0:59:65:69:15:2c:b4:41:79:ca:04: c9:94:1b:e0:3f:8d:e8:72:39:42:72:7a:6e:fe:79:07:55:c6: 72:43:7c:44:99:c7:c0:48:88:6e:85:94:d9:5f:7c:7c:59:1f: 87:db:07:29:99:ab:76:25:b1:9e:f3:5d:4b:64:0f:b3:d0:4a: a7:ec:97:3e -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICAdAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjVB NDRCNUUwNzg4NjVCQUVGOTM1MTM2OUQ5NjFENkJBMjU1NkQ0NzAeFw0yNTAyMTAx NDI2MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1OEU3MENFRTI3MUI5 NTk4QzE2MkZDOEMwOEM1MzM0RkUyQzY5RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClyPvqq6Vg1/7kSCFvI99DXO49iwfPgsj335vZPrp3rAzvSa1Y iLyPdUElkK6hg9No0jtuL5x/++m8UTHgVDw4oSrs9yG1iJJp3LU/bvS3Vx2kJvb+ +ARjBP4dYWY2AeGpgxCJRtF02ACokl7R7/ngBmrRUH2gKlpFC0ukPFdCh2cMOl7g 64R0yfu++AN6qvRzxAPGQVArciqZMgNHjYmgtX8KddFFFOJ2Qz0njVizuBhtlKlg 79jHgbTg0uVj762cNp2mA8cvhY/4U68KHflPfZSTk/yepIu02O2V7i6GiLouuYy/ VHOqfL2YCc8E4VRQw0hF5qNJ/LbhW1MEV8BVAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUNY5wzuJxuVmMFi/IwIxTNP4saekwHwYDVR0jBBgwFoAU9aRLXgeIZbrvk1E2 nZYda6JVbUcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT05FREVH UkVFLzlhUkxYZ2VJWmJydmsxRTJuWllkYTZKVmJVYy5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvOWFSTFhnZUlaYnJ2azFFMm5aWWRhNkpWYlVjLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT05FREVHUkVFL05ZNXd6dUp4dVZt TUZpX0l3SXhUTlA0c2Flay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABng5UwDQYJKoZIhvcNAQELBQADggEBALTD9/g230L00TrEsQ26nUisw4ic 2NQleO71upccAtH5peaF+sYULaezJhlSRqk+hWh1qpphHEN/pO6uvWWAGaVPGveH NWRfR/GJGkmQIIkOcgQsH5TK3aqz8YmPLlfWwQuhdV2nh69WwkCGVSTDt8YxVJFy Sf3P+3KoAG9yG9wQXKVoH8fv4Im8dcfQXMh93Xn0HkmLOnenjh8VlPeTBG524UWq ze7ma8SbvscekuN66kwps4PGJRCxuWOwWWVpFSy0QXnKBMmUG+A/jehyOUJyem7+ eQdVxnJDfESZx8BIiG6FlNlffHxZH4fbBymZq3YlsZ7zXUtkD7PQSqfslz4= -----END CERTIFICATE-----Generated at Fri Apr 4 16:58:05 2025 by rpki-client