$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAELW/p3N5Ghgzf-DT-hecBbNcXZ-TmnQ.roa File: p3N5Ghgzf-DT-hecBbNcXZ-TmnQ.roa (raw, json) Hash identifier: Zn8Ujm7IAAM1HS6xnfKm69dBkYRCG07vcUNy+amrapM= Subject key identifier: A7:73:79:1A:18:33:7F:E0:D3:FA:17:9C:05:B3:5C:5D:9F:93:9A:74 Certificate issuer: /CN=43EBD39FB518B55DA00742AEEC7B0DA6AABA61F7 Certificate serial: AA Authority key identifier: 43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/p3N5Ghgzf-DT-hecBbNcXZ-TmnQ.roa Signing time: Mon 10 Feb 2025 14:19:51 +0000 ROA not before: Mon 10 Feb 2025 14:19:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152610 IP address blocks: 160.19.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 01:08:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43EBD39FB518B55DA00742AEEC7B0DA6AABA61F7 Validity Not Before: Feb 10 14:19:51 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A773791A18337FE0D3FA179C05B35C5D9F939A74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:9f:0c:fb:ae:1a:66:9b:6d:d5:7d:b2:56:33: c4:3c:9c:e6:8a:5a:f9:3d:3a:2d:75:da:67:f0:df: b4:d7:f5:57:07:23:7d:aa:99:2a:c4:ea:d8:86:09: b5:fd:06:a3:2d:98:35:c4:8d:9c:58:4b:06:63:8a: 49:df:7a:9c:0d:79:60:69:54:cc:30:99:c8:e6:d9: 8c:b7:17:0f:4b:6a:90:9e:e1:41:3e:e5:4f:52:fa: 5f:1e:2c:66:23:9f:c7:59:18:24:a3:8e:47:76:d5: 08:6b:9c:92:a2:81:9f:0f:5f:b3:43:5b:c7:2f:61: 1d:73:d2:eb:c5:41:b0:22:90:49:b2:09:c5:de:3d: 80:ae:6b:01:9d:ab:6a:48:70:aa:4d:3d:36:a5:66: bf:2f:6a:d6:9b:6c:ec:00:4d:0a:47:a0:91:fd:11: 95:5c:c7:c5:56:7d:17:0b:9d:70:f1:0f:98:d3:8a: 83:49:b8:b2:2e:bf:fd:8b:9d:73:16:22:1c:a6:6b: f7:a3:6d:0e:c4:e7:73:16:51:c0:50:67:71:37:09: 9e:f8:78:1e:82:3e:04:df:a6:eb:aa:31:3b:5e:65: a4:f6:62:fe:d4:9e:68:a0:a9:04:cd:aa:f9:ac:c7: c8:6f:f4:30:69:df:0d:30:2c:db:1c:90:a5:bc:68: e7:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:73:79:1A:18:33:7F:E0:D3:FA:17:9C:05:B3:5C:5D:9F:93:9A:74 X509v3 Authority Key Identifier: keyid:43:EB:D3:9F:B5:18:B5:5D:A0:07:42:AE:EC:7B:0D:A6:AA:BA:61:F7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Q-vTn7UYtV2gB0Ku7HsNpqq6Yfc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/p3N5Ghgzf-DT-hecBbNcXZ-TmnQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.19.91.0/24 Signature Algorithm: sha256WithRSAEncryption 38:f0:97:cd:fc:a7:cd:3f:8f:4b:9a:15:f3:82:56:a6:b0:0d: 51:7f:b2:85:a0:30:66:ca:9c:57:88:af:04:19:4a:18:ee:a6: b8:66:56:9d:04:65:c8:1a:50:e0:47:7a:0e:7d:e0:f1:2c:ed: 9f:5c:a1:de:54:01:d5:03:be:eb:64:cd:c4:f1:6d:68:71:e9: 79:b7:0e:fe:53:95:e9:91:2e:b2:f8:f0:84:0c:d5:5d:0c:c9: 71:88:4d:d2:08:d6:a4:16:8d:b4:db:6a:f4:91:fb:c6:ef:51: 67:5f:11:6e:04:e3:54:89:da:9a:ba:2b:12:b7:d4:19:9c:02: be:39:7e:7c:eb:d1:0d:24:76:58:d1:48:6b:83:ae:e5:97:87: 84:1c:fa:09:4b:f7:bb:24:b2:d3:dd:c8:e8:11:5c:5e:57:92: 5f:63:5b:e5:ae:d0:59:79:ae:9f:3c:6c:dc:06:40:89:23:5c: ea:b1:a5:1e:d1:9b:62:e8:9f:77:6d:5f:0c:80:71:8a:ed:8b: df:97:3a:9c:a9:44:09:29:15:1d:30:bb:8c:30:f7:3b:6c:3b: 13:da:71:66:31:31:92:c2:cc:77:09:38:30:5e:a1:2c:13:d9: 8f:a5:67:b7:6a:74:f3:aa:13:d7:d6:d8:7d:80:30:dd:ba:94: 2d:08:ba:ed -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDNF QkQzOUZCNTE4QjU1REEwMDc0MkFFRUM3QjBEQTZBQUJBNjFGNzAeFw0yNTAyMTAx NDE5NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE3NzM3OTFBMTgzMzdG RTBEM0ZBMTc5QzA1QjM1QzVEOUY5MzlBNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5nwz7rhpmm23VfbJWM8Q8nOaKWvk9Oi112mfw37TX9VcHI32q mSrE6tiGCbX9BqMtmDXEjZxYSwZjiknfepwNeWBpVMwwmcjm2Yy3Fw9LapCe4UE+ 5U9S+l8eLGYjn8dZGCSjjkd21QhrnJKigZ8PX7NDW8cvYR1z0uvFQbAikEmyCcXe PYCuawGdq2pIcKpNPTalZr8vatabbOwATQpHoJH9EZVcx8VWfRcLnXDxD5jTioNJ uLIuv/2LnXMWIhyma/ejbQ7E53MWUcBQZ3E3CZ74eB6CPgTfpuuqMTteZaT2Yv7U nmigqQTNqvmsx8hv9DBp3w0wLNsckKW8aOfxAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUp3N5Ghgzf+DT+hecBbNcXZ+TmnQwHwYDVR0jBBgwFoAUQ+vTn7UYtV2gB0Ku 7HsNpqq6YfcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FFTFcv US12VG43VVl0VjJnQjBLdTdIc05wcXE2WWZjLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9RLXZUbjdVWXRWMmdCMEt1N0hzTnBxcTZZZmMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQUVMVy9wM041R2hnemYtRFQtaGVjQmJO Y1haLVRtblEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBNb MA0GCSqGSIb3DQEBCwUAA4IBAQA48JfN/KfNP49LmhXzglamsA1Rf7KFoDBmypxX iK8EGUoY7qa4ZladBGXIGlDgR3oOfeDxLO2fXKHeVAHVA77rZM3E8W1ocel5tw7+ U5XpkS6y+PCEDNVdDMlxiE3SCNakFo2022r0kfvG71FnXxFuBONUidqauisSt9QZ nAK+OX5869ENJHZY0Uhrg67ll4eEHPoJS/e7JLLT3cjoEVxeV5JfY1vlrtBZea6f PGzcBkCJI1zqsaUe0Zti6J93bV8MgHGK7YvflzqcqUQJKRUdMLuMMPc7bDsT2nFm MTGSwsx3CTgwXqEsE9mPpWe3anTzqhPX1th9gDDdupQtCLrt -----END CERTIFICATE-----Generated at Mon Apr 14 22:42:17 2025 by rpki-client