$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/q3dDuQZhRgIT3JpIfHs_1k6uxiA.roa File: q3dDuQZhRgIT3JpIfHs_1k6uxiA.roa (raw, json) Hash identifier: b8ldYcazBFP64u2fgebwaSBpsAB5/Hc4XYgnk65Ubp0= Subject key identifier: AB:77:43:B9:06:61:46:02:13:DC:9A:48:7C:7B:3F:D6:4E:AE:C6:20 Certificate issuer: /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C Certificate serial: 0D58 Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/q3dDuQZhRgIT3JpIfHs_1k6uxiA.roa Signing time: Mon 10 Feb 2025 13:44:45 +0000 ROA not before: Mon 10 Feb 2025 13:44:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38047 IP address blocks: 2402:c340:e168::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 22:07:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3416 (0xd58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C Validity Not Before: Feb 10 13:44:45 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AB7743B90661460213DC9A487C7B3FD64EAEC620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:39:06:10:b8:03:81:13:fd:fb:11:c1:8f:7e: 9b:5f:41:a2:52:cb:2d:27:73:65:f8:a3:5d:e1:f8: 5c:39:09:25:92:d2:3c:13:de:25:e4:da:80:8f:e5: 50:ac:35:1e:39:94:c9:61:f4:fe:ac:90:2d:dd:db: dc:59:b9:04:97:9a:5d:e7:1d:75:dd:42:5b:d8:bc: c5:3b:e7:33:f6:df:39:44:05:51:0e:17:89:f2:bc: f0:7f:d1:a5:69:07:c8:90:cb:c1:b4:b0:60:e5:36: 1c:29:fc:f8:40:0e:f9:96:50:64:97:ab:1d:04:7b: b8:a1:ad:c5:20:62:37:6c:d8:2f:8b:e1:ad:98:a8: 4d:63:19:0c:5d:c8:ab:7e:2d:b1:95:f5:4c:77:52: 47:98:13:89:44:3f:25:c0:6f:de:df:9b:ec:2a:79: 7c:c4:77:37:59:59:86:d7:2c:45:2e:46:df:c8:52: 18:fb:6a:dd:7a:04:50:32:b6:2e:72:53:1d:44:72: 25:0a:3f:81:3f:27:81:57:7e:f8:6d:32:39:2d:72: 34:f3:c3:2c:9e:d9:48:24:3f:e8:7a:02:19:d9:c1: 7d:22:04:68:fc:e4:49:dc:b3:9b:46:b0:71:36:5f: 2a:b5:bd:2f:f2:09:68:a4:0d:40:d5:30:9a:db:0d: c8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:77:43:B9:06:61:46:02:13:DC:9A:48:7C:7B:3F:D6:4E:AE:C6:20 X509v3 Authority Key Identifier: keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/q3dDuQZhRgIT3JpIfHs_1k6uxiA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:c340:e168::/48 Signature Algorithm: sha256WithRSAEncryption 88:94:33:19:56:25:61:d0:bb:6e:0b:57:43:ec:d3:49:4e:c9: 69:e1:cd:24:ae:fb:4e:c1:cb:ec:50:97:ab:ee:09:4d:06:47: f4:0c:5d:59:b5:4e:89:24:a0:bb:20:40:4c:1a:30:3b:43:e4: 95:ec:81:af:fb:31:04:14:fc:be:c5:42:00:fe:8a:48:8f:cc: 66:09:89:a7:79:14:27:66:eb:ac:95:17:93:03:5d:63:69:fa: ee:a6:80:dc:8f:dd:18:3b:d8:34:56:4f:36:62:90:41:02:34: b8:f9:73:49:f6:dd:13:a9:c1:61:1b:07:20:8f:bf:bc:81:b2: 13:e8:f0:cc:00:26:e8:2f:d0:e2:86:c9:18:c1:d6:6a:3c:bf: 07:a0:91:f3:b7:79:eb:ad:60:50:c0:b1:33:3f:0c:71:d3:eb: 97:e7:3e:2b:13:f6:7e:f4:de:50:fa:70:1b:24:59:8b:e2:a6: 03:9c:d0:60:31:91:dc:78:6f:cd:ba:39:b3:66:19:f4:26:84: 25:b9:07:d5:dc:2d:de:4c:9c:c1:dd:30:a3:09:bc:d3:bc:fe: fd:dd:f1:b3:1d:97:35:6a:26:13:6c:59:bf:c6:4e:04:ae:36: 86:cf:b5:68:29:09:9c:81:3c:6d:79:53:79:7b:e2:e6:c0:3e: c8:06:d5:1e -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICDVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1 NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yNTAyMTAx MzQ0NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFCNzc0M0I5MDY2MTQ2 MDIxM0RDOUE0ODdDN0IzRkQ2NEVBRUM2MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxOQYQuAOBE/37EcGPfptfQaJSyy0nc2X4o13h+Fw5CSWS0jwT 3iXk2oCP5VCsNR45lMlh9P6skC3d29xZuQSXml3nHXXdQlvYvMU75zP23zlEBVEO F4nyvPB/0aVpB8iQy8G0sGDlNhwp/PhADvmWUGSXqx0Ee7ihrcUgYjds2C+L4a2Y qE1jGQxdyKt+LbGV9Ux3UkeYE4lEPyXAb97fm+wqeXzEdzdZWYbXLEUuRt/IUhj7 at16BFAyti5yUx1EciUKP4E/J4FXfvhtMjktcjTzwyye2UgkP+h6AhnZwX0iBGj8 5Encs5tGsHE2Xyq1vS/yCWikDUDVMJrbDcidAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUq3dDuQZhRgIT3JpIfHs/1k6uxiAwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB 76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL3EzZER1UVpoUmdJ VDNKcElmSHNfMWs2dXhpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAkAsNA4WgwDQYJKoZIhvcNAQELBQADggEBAIiUMxlWJWHQu24LV0Ps00lO yWnhzSSu+07By+xQl6vuCU0GR/QMXVm1TokkoLsgQEwaMDtD5JXsga/7MQQU/L7F QgD+ikiPzGYJiad5FCdm66yVF5MDXWNp+u6mgNyP3Rg72DRWTzZikEECNLj5c0n2 3ROpwWEbByCPv7yBshPo8MwAJugv0OKGyRjB1mo8vwegkfO3eeutYFDAsTM/DHHT 65fnPisT9n703lD6cBskWYvipgOc0GAxkdx4b826ObNmGfQmhCW5B9XcLd5MnMHd MKMJvNO8/v3d8bMdlzVqJhNsWb/GTgSuNobPtWgpCZyBPG15U3l74ubAPsgG1R4= -----END CERTIFICATE-----Generated at Sat Apr 12 20:22:32 2025 by rpki-client