$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mugGYqjjccFJOjLwPKnItjCbZIU.roa File: mugGYqjjccFJOjLwPKnItjCbZIU.roa (raw, json) Hash identifier: P2s5umbKQJpOKqsJyvd+QIRGKmtsp05/GrVCog5nHbg= Subject key identifier: 9A:E8:06:62:A8:E3:71:C1:49:3A:32:F0:3C:A9:C8:B6:30:9B:64:85 Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0C88 Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mugGYqjjccFJOjLwPKnItjCbZIU.roa Signing time: Mon 10 Feb 2025 14:06:18 +0000 ROA not before: Mon 10 Feb 2025 14:06:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18464 IP address blocks: 103.122.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3208 (0xc88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: Feb 10 14:06:18 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9AE80662A8E371C1493A32F03CA9C8B6309B6485 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b6:d3:44:02:42:ea:be:d6:bf:da:39:3d:a8: 19:bb:a7:fd:be:65:94:a9:9c:43:8f:d7:1f:bc:d2: 71:ca:71:77:68:31:50:e7:6a:b1:45:43:f1:f8:21: 1d:be:0f:1a:57:7d:cb:9b:51:16:fd:06:b8:05:30: 54:b3:b3:12:22:28:4c:30:b6:c2:0f:d7:6c:f6:c0: 21:6f:4e:57:95:10:52:52:13:00:c7:d8:f4:80:53: b0:25:08:7b:de:3a:2e:b3:65:42:fc:57:8a:42:a8: b0:26:b9:a3:65:ae:13:40:7e:a9:82:5b:e2:fe:91: ff:73:36:6f:57:18:3e:32:7e:f3:90:e9:f6:6e:95: c4:ea:b0:be:cb:ab:4c:0e:a3:57:b3:30:18:4f:6d: 19:a6:6f:50:f0:92:fe:6a:3d:3e:75:d1:10:b3:5e: 13:a1:a7:19:27:d9:ee:a7:29:c5:04:4b:67:f7:ef: 9a:5e:22:83:c7:95:d5:a8:ce:dc:e7:11:8c:b1:0e: 7f:d5:6a:a1:7c:0b:c7:c5:09:cc:7c:13:60:0e:93: e2:65:a8:53:3e:cb:34:0a:0b:2a:f1:49:32:83:e7: a0:17:d3:4e:aa:44:b3:09:a2:28:d1:e8:d3:9a:08: 7c:fa:3f:4c:d8:b9:17:cc:88:4d:e4:6e:3c:77:dc: e1:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:E8:06:62:A8:E3:71:C1:49:3A:32:F0:3C:A9:C8:B6:30:9B:64:85 X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mugGYqjjccFJOjLwPKnItjCbZIU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.20.0/23 Signature Algorithm: sha256WithRSAEncryption d9:c5:52:0b:1b:d1:e1:e4:8f:5a:f0:13:90:88:fd:55:d4:ab: a2:01:ac:04:1c:df:bc:3f:9d:9d:1d:32:3e:51:2b:1d:79:0f: fa:f9:48:3c:8b:a7:04:5d:21:4a:22:56:1f:47:8e:5f:d0:b5: de:f5:09:22:a1:9e:d7:bb:02:61:4f:51:e4:13:ed:31:89:fd: 65:d6:2e:55:c8:3a:a0:63:6a:e9:53:ac:f8:11:7a:fb:fb:23: 2b:7e:e8:02:dc:ff:ca:5d:7c:c6:b1:65:7c:bb:3a:31:1b:ca: fc:bc:63:ac:31:96:5e:d7:1a:93:18:35:37:6c:ea:71:b8:41: 40:1b:df:50:f0:91:1d:2e:2a:fc:48:30:2a:cb:bd:bf:f1:4d: 42:dd:19:7b:82:7f:76:e0:21:c4:b8:3f:9c:1c:a1:5d:d2:7a: 0b:d5:5d:d6:28:bd:bd:86:2b:c5:a5:ff:fd:35:3b:7e:14:e4: c8:5d:84:3e:f7:a6:3a:81:4d:91:d3:64:05:3f:db:ef:ec:30: f4:5b:ee:ad:4f:73:b2:37:fb:ef:8c:cb:47:d2:9b:ec:60:e2: 5d:77:f6:5a:19:77:4f:32:e7:18:9d:7c:7d:de:5e:56:3d:c0: c9:fe:de:2a:bb:95:b7:8c:20:34:98:2f:28:05:79:d9:9e:5c: f9:fb:b4:94 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yNTAyMTAx NDA2MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlBRTgwNjYyQThFMzcx QzE0OTNBMzJGMDNDQTlDOEI2MzA5QjY0ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBttNEAkLqvta/2jk9qBm7p/2+ZZSpnEOP1x+80nHKcXdoMVDn arFFQ/H4IR2+DxpXfcubURb9BrgFMFSzsxIiKEwwtsIP12z2wCFvTleVEFJSEwDH 2PSAU7AlCHveOi6zZUL8V4pCqLAmuaNlrhNAfqmCW+L+kf9zNm9XGD4yfvOQ6fZu lcTqsL7Lq0wOo1ezMBhPbRmmb1Dwkv5qPT510RCzXhOhpxkn2e6nKcUES2f375pe IoPHldWoztznEYyxDn/VaqF8C8fFCcx8E2AOk+JlqFM+yzQKCyrxSTKD56AX006q RLMJoijR6NOaCHz6P0zYuRfMiE3kbjx33OEVAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUmugGYqjjccFJOjLwPKnItjCbZIUwHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvbXVnR1lxampj Y0ZKT2pMd1BLbkl0akNiWklVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAWd6FDANBgkqhkiG9w0BAQsFAAOCAQEA2cVSCxvR4eSPWvATkIj9VdSr ogGsBBzfvD+dnR0yPlErHXkP+vlIPIunBF0hSiJWH0eOX9C13vUJIqGe17sCYU9R 5BPtMYn9ZdYuVcg6oGNq6VOs+BF6+/sjK37oAtz/yl18xrFlfLs6MRvK/LxjrDGW Xtcakxg1N2zqcbhBQBvfUPCRHS4q/EgwKsu9v/FNQt0Ze4J/duAhxLg/nByhXdJ6 C9Vd1ii9vYYrxaX//TU7fhTkyF2EPvemOoFNkdNkBT/b7+ww9FvurU9zsjf774zL R9Kb7GDiXXf2Whl3TzLnGJ18fd5eVj3Ayf7eKruVt4wgNJgvKAV52Z5c+fu0lA== -----END CERTIFICATE-----Generated at Wed Feb 19 21:58:59 2025 by rpki-client