$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SDTV/1T3V6-oPuaG83zTxlCJWOvfO7yo.roa File: 1T3V6-oPuaG83zTxlCJWOvfO7yo.roa (raw, json) Hash identifier: K15KcyfHvvU+fwC6AXxfXS5DVL8qIHLwMEubxR9VRbQ= Subject key identifier: D5:3D:D5:EB:EA:0F:B9:A1:BC:DF:34:F1:94:22:56:3A:F7:CE:EF:2A Certificate issuer: /CN=7F5D8D54ECB7CEEB46FD8DF5467C41C002443526 Certificate serial: 0C8C Authority key identifier: 7F:5D:8D:54:EC:B7:CE:EB:46:FD:8D:F5:46:7C:41:C0:02:44:35:26 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/f12NVOy3zutG_Y31RnxBwAJENSY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SDTV/1T3V6-oPuaG83zTxlCJWOvfO7yo.roa Signing time: Mon 10 Feb 2025 14:11:19 +0000 ROA not before: Mon 10 Feb 2025 14:11:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131611 IP address blocks: 103.100.164.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SDTV/f12NVOy3zutG_Y31RnxBwAJENSY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SDTV/f12NVOy3zutG_Y31RnxBwAJENSY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/f12NVOy3zutG_Y31RnxBwAJENSY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3212 (0xc8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7F5D8D54ECB7CEEB46FD8DF5467C41C002443526 Validity Not Before: Feb 10 14:11:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D53DD5EBEA0FB9A1BCDF34F19422563AF7CEEF2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f3:8a:01:5e:55:1a:22:5d:56:19:f2:c7:29: fa:4e:db:7c:29:30:a3:97:78:2c:51:ee:64:22:37: e4:54:3f:50:96:7f:b3:f0:ba:93:dd:6e:ea:33:ad: 44:f4:9c:37:c4:ad:40:7b:0d:4d:ed:fb:0e:20:18: ba:10:d5:c8:3e:85:58:2e:41:2c:aa:1c:fc:38:ab: fe:a2:2a:7f:f6:34:ca:7c:32:98:26:26:2e:59:98: 83:42:3e:3d:9b:4c:76:d6:b1:a7:77:3e:45:8a:92: 59:0a:54:b2:35:43:88:31:30:fa:f4:d7:d6:f0:3d: 26:e2:49:bd:42:70:1d:58:64:d8:68:9f:b4:b5:f3: 8f:9e:69:32:c8:61:fd:6f:69:36:c2:36:41:38:d4: a1:43:a8:b0:ae:f5:fa:d5:1c:3e:c5:14:d9:c5:68: 5e:b7:ba:69:1f:f4:d3:41:35:62:21:4d:48:5c:e7: fb:2e:da:d8:83:f3:93:5c:96:7a:0a:25:1d:f2:0c: 13:44:1e:0d:81:23:ef:ce:08:1a:b6:d4:69:71:b7: b0:1b:3a:a3:91:5d:d8:ab:4c:47:71:ee:a5:22:e8: 04:33:6c:36:75:ea:82:26:36:95:70:53:7f:a2:0a: c2:dc:4b:17:e7:6d:4d:42:46:34:a9:1d:b2:5b:da: bd:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:3D:D5:EB:EA:0F:B9:A1:BC:DF:34:F1:94:22:56:3A:F7:CE:EF:2A X509v3 Authority Key Identifier: keyid:7F:5D:8D:54:EC:B7:CE:EB:46:FD:8D:F5:46:7C:41:C0:02:44:35:26 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SDTV/f12NVOy3zutG_Y31RnxBwAJENSY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/f12NVOy3zutG_Y31RnxBwAJENSY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SDTV/1T3V6-oPuaG83zTxlCJWOvfO7yo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.100.164.0/22 Signature Algorithm: sha256WithRSAEncryption 97:9f:e8:5a:0e:2f:59:fc:bf:a9:4a:61:c5:87:1a:e6:dc:67: c8:f8:dc:3b:42:d4:46:b8:d2:a0:24:85:94:b2:20:48:88:fb: f5:69:4b:a9:ef:8e:b9:6c:42:34:42:c8:e0:26:6c:60:c0:86: 7f:82:b0:24:10:77:47:0f:19:cf:15:66:84:c3:72:a7:47:41: 66:ee:88:eb:8c:b4:43:8d:aa:92:96:dc:c7:60:0e:74:08:ad: 74:21:ab:d4:84:1e:2d:6d:86:56:86:2f:be:3a:ba:bb:ab:1b: b0:3a:cd:b8:7e:d6:54:b7:7c:53:11:f5:c5:39:90:33:cd:09: 0a:02:eb:b4:14:21:ef:ea:0a:ce:97:32:61:c5:d8:69:3f:0e: 54:8c:b9:99:77:98:75:86:8e:5a:f7:ea:e7:4f:64:9c:b1:52: 6a:a2:d4:7b:ed:34:9b:ea:62:0c:d0:7d:4f:bf:ba:f0:80:c2: 07:56:be:46:d9:d8:63:67:07:02:3f:5f:ca:8c:bc:09:5a:47: b9:46:94:d2:d5:5c:20:73:b8:f9:e4:41:d6:56:ef:d2:24:3a: 85:93:17:06:4d:20:a3:ec:28:23:bf:b7:3c:ed:c0:a2:d0:89: 22:d0:83:b9:35:56:35:f8:92:43:93:e1:64:c1:df:7d:0a:37: c4:c5:42:7a -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0Y1 RDhENTRFQ0I3Q0VFQjQ2RkQ4REY1NDY3QzQxQzAwMjQ0MzUyNjAeFw0yNTAyMTAx NDExMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1M0RENUVCRUEwRkI5 QTFCQ0RGMzRGMTk0MjI1NjNBRjdDRUVGMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK84oBXlUaIl1WGfLHKfpO23wpMKOXeCxR7mQiN+RUP1CWf7Pw upPdbuozrUT0nDfErUB7DU3t+w4gGLoQ1cg+hVguQSyqHPw4q/6iKn/2NMp8Mpgm Ji5ZmINCPj2bTHbWsad3PkWKklkKVLI1Q4gxMPr019bwPSbiSb1CcB1YZNhon7S1 84+eaTLIYf1vaTbCNkE41KFDqLCu9frVHD7FFNnFaF63umkf9NNBNWIhTUhc5/su 2tiD85NclnoKJR3yDBNEHg2BI+/OCBq21Glxt7AbOqORXdirTEdx7qUi6AQzbDZ1 6oImNpVwU3+iCsLcSxfnbU1CRjSpHbJb2r25AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU1T3V6+oPuaG83zTxlCJWOvfO7yowHwYDVR0jBBgwFoAUf12NVOy3zutG/Y31 RnxBwAJENSYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0RUVi9m MTJOVk95M3p1dEdfWTMxUm54QndBSkVOU1kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2YxMk5WT3kzenV0R19ZMzFSbnhCd0FKRU5TWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1NEVFYvMVQzVjYtb1B1YUc4M3pUeGxDSldP dmZPN3lvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdkpDAN BgkqhkiG9w0BAQsFAAOCAQEAl5/oWg4vWfy/qUphxYca5txnyPjcO0LURrjSoCSF lLIgSIj79WlLqe+OuWxCNELI4CZsYMCGf4KwJBB3Rw8ZzxVmhMNyp0dBZu6I64y0 Q42qkpbcx2AOdAitdCGr1IQeLW2GVoYvvjq6u6sbsDrNuH7WVLd8UxH1xTmQM80J CgLrtBQh7+oKzpcyYcXYaT8OVIy5mXeYdYaOWvfq509knLFSaqLUe+00m+piDNB9 T7+68IDCB1a+RtnYY2cHAj9fyoy8CVpHuUaU0tVcIHO4+eRB1lbv0iQ6hZMXBk0g o+woI7+3PO3AotCJItCDuTVWNfiSQ5PhZMHffQo3xMVCeg== -----END CERTIFICATE-----Generated at Wed Feb 19 22:09:18 2025 by rpki-client