$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/DP6aLhFsN-ahu5EgQ6FTL_VmZyU.roa File: DP6aLhFsN-ahu5EgQ6FTL_VmZyU.roa (raw, json) Hash identifier: A56yPDSZ3yTuuQmYOjHfnhVxrzXTf6CagobgBGVYMko= Subject key identifier: 0C:FE:9A:2E:11:6C:37:E6:A1:BB:91:20:43:A1:53:2F:F5:66:67:25 Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0C8A Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/DP6aLhFsN-ahu5EgQ6FTL_VmZyU.roa Signing time: Mon 10 Feb 2025 14:06:19 +0000 ROA not before: Mon 10 Feb 2025 14:06:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18464 IP address blocks: 103.122.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3210 (0xc8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: Feb 10 14:06:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0CFE9A2E116C37E6A1BB912043A1532FF5666725 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:70:5f:f6:c1:5e:03:37:18:a3:99:af:df:73: 4e:f3:81:2d:99:fa:35:0b:68:8b:94:6e:4e:fc:cc: 87:93:f9:42:97:11:7c:d8:56:79:01:d8:2f:4c:20: e9:1b:ca:47:4e:6c:45:cc:69:24:40:8a:b2:23:d3: 2e:f8:8d:9b:b8:25:85:9e:e0:bf:9e:af:82:a0:ab: f2:f3:13:5b:07:fe:f1:cb:7c:d5:e7:54:eb:0d:8f: 72:d1:e1:a6:e8:2b:aa:3c:8a:ec:27:1b:b2:54:24: e4:86:91:cd:2d:a2:3c:b4:1e:30:ce:99:b7:64:d2: 5e:4c:d6:72:23:43:31:f9:35:1d:1e:05:13:14:62: ec:a0:78:2f:53:66:23:46:4c:dd:93:6a:4e:f9:bc: 03:b7:07:a8:f2:d2:c2:3f:34:bf:ce:8e:51:ff:9e: 2a:d2:50:4e:73:87:d8:f0:f9:75:e5:e5:3e:43:79: 67:0a:5e:43:7a:75:8a:d3:97:6e:a4:7e:45:b7:4b: 04:25:dc:3d:74:e1:64:f6:77:5a:6a:48:0e:e6:e0: b1:cc:8d:d2:06:ba:91:cf:ef:1d:ad:c4:ad:0a:26: 6e:84:a5:75:bd:1c:64:b3:6a:b9:32:28:34:25:78: e9:5a:a2:26:48:b9:b5:a6:d1:f7:69:ba:a8:e0:71: 0b:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:FE:9A:2E:11:6C:37:E6:A1:BB:91:20:43:A1:53:2F:F5:66:67:25 X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/DP6aLhFsN-ahu5EgQ6FTL_VmZyU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.20.0/22 Signature Algorithm: sha256WithRSAEncryption c2:ae:dd:91:5b:a9:2c:6a:5e:5c:eb:28:5a:14:4c:88:88:19: 8c:07:d6:60:35:43:b8:e8:b2:7f:21:98:fd:0d:7e:3a:35:fc: ea:92:f0:5c:12:e1:f4:d7:07:13:b3:25:46:e6:18:c4:f8:da: 3f:8a:73:19:74:a8:23:2f:91:13:69:7a:d0:c0:75:15:01:ac: 31:58:3d:57:34:e4:46:4c:56:9a:50:63:c8:0c:51:3e:37:83: 19:54:1a:9d:b5:90:6c:8d:84:24:d1:d1:30:72:17:6e:e3:d5: 0f:ac:a2:4e:b4:30:c9:c9:2d:1a:e1:ee:04:42:1b:63:90:a1: a0:61:1e:9f:15:e6:04:bb:f9:ef:45:1e:c1:61:b0:b0:40:6c: 8c:98:92:e6:e6:d5:2c:82:a8:3d:ab:cb:8d:61:13:d7:33:0e: de:1f:ca:16:e4:4f:ed:d2:03:0f:88:de:38:42:56:de:c5:b9: a9:c8:ce:a4:31:96:3f:ee:63:91:e1:a2:e8:0b:21:51:e6:c1: 03:aa:69:a3:09:4b:18:9c:47:ab:5a:a4:5f:79:99:f4:d4:f1: b5:d1:13:ad:e9:2a:ab:4c:1e:13:b3:89:d1:4d:90:d5:58:fc: aa:36:4a:b4:67:e7:0d:7b:8b:48:9a:f9:72:b3:2f:f8:da:51: 39:a3:c6:38 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yNTAyMTAx NDA2MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDRkU5QTJFMTE2QzM3 RTZBMUJCOTEyMDQzQTE1MzJGRjU2NjY3MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxcF/2wV4DNxijma/fc07zgS2Z+jULaIuUbk78zIeT+UKXEXzY VnkB2C9MIOkbykdObEXMaSRAirIj0y74jZu4JYWe4L+er4Kgq/LzE1sH/vHLfNXn VOsNj3LR4aboK6o8iuwnG7JUJOSGkc0tojy0HjDOmbdk0l5M1nIjQzH5NR0eBRMU YuygeC9TZiNGTN2Tak75vAO3B6jy0sI/NL/OjlH/nirSUE5zh9jw+XXl5T5DeWcK XkN6dYrTl26kfkW3SwQl3D104WT2d1pqSA7m4LHMjdIGupHP7x2txK0KJm6EpXW9 HGSzarkyKDQleOlaoiZIubWm0fdpuqjgcQt1AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUDP6aLhFsN+ahu5EgQ6FTL/VmZyUwHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvRFA2YUxoRnNO LWFodTVFZ1E2RlRMX1ZtWnlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmd6FDANBgkqhkiG9w0BAQsFAAOCAQEAwq7dkVupLGpeXOsoWhRMiIgZ jAfWYDVDuOiyfyGY/Q1+OjX86pLwXBLh9NcHE7MlRuYYxPjaP4pzGXSoIy+RE2l6 0MB1FQGsMVg9VzTkRkxWmlBjyAxRPjeDGVQanbWQbI2EJNHRMHIXbuPVD6yiTrQw ycktGuHuBEIbY5ChoGEenxXmBLv570UewWGwsEBsjJiS5ubVLIKoPavLjWET1zMO 3h/KFuRP7dIDD4jeOEJW3sW5qcjOpDGWP+5jkeGi6AshUebBA6ppowlLGJxHq1qk X3mZ9NTxtdETrekqq0weE7OJ0U2Q1Vj8qjZKtGfnDXuLSJr5crMv+NpROaPGOA== -----END CERTIFICATE-----Generated at Wed Feb 19 22:07:16 2025 by rpki-client