$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/XZ413-HJiO40J8IglzK9-7GzWlo.roa File: XZ413-HJiO40J8IglzK9-7GzWlo.roa (raw, json) Hash identifier: KrejUydvX0+fN78d0/dTmAfirngI+VZx+sgUNvlkRC0= Subject key identifier: 5D:9E:35:DF:E1:C9:88:EE:34:27:C2:20:97:32:BD:FB:B1:B3:5A:5A Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 1326 Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/XZ413-HJiO40J8IglzK9-7GzWlo.roa Signing time: Mon 10 Feb 2025 14:09:10 +0000 ROA not before: Mon 10 Feb 2025 14:09:10 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9924 IP address blocks: 2001:4540::/27 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 02:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4902 (0x1326) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Feb 10 14:09:10 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5D9E35DFE1C988EE3427C2209732BDFBB1B35A5A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bc:9e:3a:84:3a:39:46:e6:36:bb:9b:b6:0b: 47:ab:1f:4f:f5:7d:7a:9f:61:1f:1d:e2:09:d6:9f: 27:22:69:cf:97:f5:5d:85:29:5b:a9:60:96:95:1f: 4e:26:d7:1f:66:8a:d1:d8:dc:75:c8:03:b9:ae:77: 4f:80:32:45:17:62:06:8b:e1:02:07:21:c6:57:f8: f6:d2:35:9a:33:d0:fe:f5:7f:bd:a2:31:9e:9b:08: 86:ad:c0:ad:11:07:1a:68:6d:02:20:d1:e9:32:e9: e7:1d:31:c8:d8:91:06:2d:e3:77:57:9c:ea:20:67: 94:c0:2d:4d:56:5b:95:00:0d:45:ce:f5:97:80:b2: 1b:ce:f2:c7:86:aa:23:63:ae:ce:26:24:0e:d9:5e: ca:d7:2d:b1:eb:81:a9:c8:b2:7f:95:6e:f4:84:61: 07:6c:af:6d:2b:78:4a:c6:03:63:b4:04:55:5b:7f: fb:3f:ff:76:c0:f7:ed:44:1d:5e:5c:ae:b1:7f:4e: 92:b6:83:40:78:b9:c9:2d:9a:e3:6b:04:cf:ed:d6: 0a:ec:20:9a:f6:b1:3b:4a:49:a6:c6:a8:3f:99:c9: 5f:0a:8e:e0:97:76:95:87:0d:e2:2e:10:5f:fd:9e: d5:4f:fb:4d:3a:19:8e:06:0b:a0:25:c1:b4:73:1e: 6f:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:9E:35:DF:E1:C9:88:EE:34:27:C2:20:97:32:BD:FB:B1:B3:5A:5A X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/XZ413-HJiO40J8IglzK9-7GzWlo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:4540::/27 Signature Algorithm: sha256WithRSAEncryption 61:26:85:6e:45:f4:bc:4d:95:ef:18:22:44:dd:59:3f:45:5c: 99:b0:d8:e2:cc:38:c8:57:e7:7e:5c:65:f0:4e:76:34:0b:54: c8:e1:6c:73:f1:fb:94:b1:78:f2:b0:44:e9:c2:22:55:09:f4: 66:2e:a8:03:07:cb:d0:95:06:23:0a:70:cf:13:7c:f7:76:28: df:e3:f5:a8:dc:84:e2:73:92:6a:99:d1:85:f8:d9:1b:72:3b: 7c:ca:bc:f7:ef:26:b1:ef:7b:f0:cf:4e:a2:79:4c:3f:14:6d: ac:ea:99:69:62:5b:df:bb:18:d1:85:83:d8:21:e4:ff:1a:57: 03:b8:32:32:16:9b:f1:f1:41:63:ea:21:e4:7f:08:ca:e4:0a: 5f:b5:24:30:c2:1f:27:d7:e4:ca:9c:f9:ce:c0:41:b4:20:4b: 52:e0:0c:ce:f3:e3:a8:c8:6a:cf:19:3a:da:74:8e:c2:82:1a: 45:a9:da:95:86:5f:ec:b1:38:12:73:44:72:f2:fe:7e:5c:54: e8:a0:0f:72:3d:ed:80:9d:9d:1b:de:be:5f:15:e5:43:bd:f1: 8a:f1:b6:c4:8b:93:f3:4f:d9:00:62:88:6a:ce:07:8d:1a:d9: b7:50:0f:cf:4c:31:4a:84:42:0e:f3:33:c5:9a:63:ae:14:bb: 82:7d:1e:a0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx NDA5MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVEOUUzNURGRTFDOTg4 RUUzNDI3QzIyMDk3MzJCREZCQjFCMzVBNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfvJ46hDo5RuY2u5u2C0erH0/1fXqfYR8d4gnWnyciac+X9V2F KVupYJaVH04m1x9mitHY3HXIA7mud0+AMkUXYgaL4QIHIcZX+PbSNZoz0P71f72i MZ6bCIatwK0RBxpobQIg0eky6ecdMcjYkQYt43dXnOogZ5TALU1WW5UADUXO9ZeA shvO8seGqiNjrs4mJA7ZXsrXLbHrganIsn+VbvSEYQdsr20reErGA2O0BFVbf/s/ /3bA9+1EHV5crrF/TpK2g0B4ucktmuNrBM/t1grsIJr2sTtKSabGqD+ZyV8KjuCX dpWHDeIuEF/9ntVP+006GY4GC6AlwbRzHm8XAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXZ413+HJiO40J8IglzK9+7GzWlowHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvWFo0MTMtSEppTzQwSjhJ Z2x6SzktN0d6V2xvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF BSABRUAwDQYJKoZIhvcNAQELBQADggEBAGEmhW5F9LxNle8YIkTdWT9FXJmw2OLM OMhX535cZfBOdjQLVMjhbHPx+5SxePKwROnCIlUJ9GYuqAMHy9CVBiMKcM8TfPd2 KN/j9ajchOJzkmqZ0YX42RtyO3zKvPfvJrHve/DPTqJ5TD8UbazqmWliW9+7GNGF g9gh5P8aVwO4MjIWm/HxQWPqIeR/CMrkCl+1JDDCHyfX5Mqc+c7AQbQgS1LgDM7z 46jIas8ZOtp0jsKCGkWp2pWGX+yxOBJzRHLy/n5cVOigD3I97YCdnRvevl8V5UO9 8YrxtsSLk/NP2QBiiGrOB40a2bdQD89MMUqEQg7zM8WaY64Uu4J9HqA= -----END CERTIFICATE-----Generated at Mon Apr 7 01:55:33 2025 by rpki-client