$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/97E0AfMCMdrk5t95WkWmr8sk9eo.roa File: 97E0AfMCMdrk5t95WkWmr8sk9eo.roa (raw, json) Hash identifier: xDjX+J2adR+3KiFlExvKuT/BcSMUrea9Q/rxOzgvUh0= Subject key identifier: F7:B1:34:01:F3:02:31:DA:E4:E6:DF:79:5A:45:A6:AF:CB:24:F5:EA Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0D61 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/97E0AfMCMdrk5t95WkWmr8sk9eo.roa Signing time: Mon 10 Feb 2025 14:12:18 +0000 ROA not before: Mon 10 Feb 2025 14:12:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 103.234.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 13:36:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3425 (0xd61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Feb 10 14:12:18 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F7B13401F30231DAE4E6DF795A45A6AFCB24F5EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:34:91:05:3f:34:b1:28:67:03:e9:9f:c4:99: d4:26:7d:eb:92:3b:6c:a0:aa:89:81:68:58:fb:21: eb:63:4b:4d:fb:d8:f1:d3:8a:c1:11:4a:e9:3a:e4: d7:a5:ff:29:6b:0e:a7:82:5d:bc:ed:92:31:03:2b: 89:6b:e8:9c:cc:8a:1a:8d:b9:d8:bb:10:27:c3:50: 5f:d0:bf:60:3b:08:93:bf:db:75:33:8d:28:be:82: 20:24:ab:10:fd:20:2e:41:40:99:39:f0:c9:41:16: 4b:0a:27:1c:e0:f8:cc:a2:74:33:40:d5:8e:7f:bb: 46:07:28:f3:69:41:1d:d2:49:28:a9:2d:69:ce:7a: 64:ca:7b:58:22:ab:45:16:63:2f:59:88:6b:f5:9a: 62:40:1f:a2:18:5b:35:1a:45:7f:34:71:b2:f8:08: d5:13:d8:ff:8a:39:0e:20:7f:0d:20:1a:27:ea:52: 38:f6:8f:a6:b5:d2:31:c0:99:4b:9e:f4:48:bb:76: e5:ec:9b:dc:09:10:3c:0a:bb:b0:61:26:ff:ae:a1: 9f:c9:59:3a:1a:8d:b6:4d:1d:d9:0d:c8:ef:59:ef: 11:29:9b:82:fe:9d:36:29:df:8f:27:c2:1c:0a:76: a3:10:34:84:35:c6:ef:fd:a5:f2:ae:f0:bd:44:e8: 32:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B1:34:01:F3:02:31:DA:E4:E6:DF:79:5A:45:A6:AF:CB:24:F5:EA X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/97E0AfMCMdrk5t95WkWmr8sk9eo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.234.204.0/22 Signature Algorithm: sha256WithRSAEncryption 91:ff:22:6f:03:cb:93:cb:a0:fd:85:e0:3f:5f:5e:04:56:55: 95:02:5a:72:8d:ed:72:b4:5a:da:5f:ab:1b:d5:dc:87:f1:aa: 51:4e:eb:78:d5:4b:33:59:3d:bf:82:91:33:49:50:2e:d3:ac: 29:3f:f3:b2:89:f7:28:d3:e4:4f:06:df:df:bd:a5:b5:b9:c9: a3:2e:7d:c1:d0:6c:f5:77:15:f2:17:f9:77:4e:9c:0f:7a:3a: 89:b3:a0:10:b5:ec:64:75:6b:4a:13:84:d1:2b:99:63:4c:94: 91:1d:93:3b:df:2e:50:d4:1d:99:b8:ce:5d:3a:3a:46:ed:ba: 55:99:42:ad:e5:80:17:a6:bf:e4:1b:f7:d1:43:60:2b:f9:a4: 1a:86:6b:ef:4e:af:99:a0:5c:e1:24:1f:75:21:fb:6f:94:03: 63:59:b9:11:08:4a:5f:c4:02:a4:7e:f7:5a:4c:0e:a7:c9:7f: e5:e5:f7:69:76:ac:d2:b6:89:81:e6:ea:7c:ad:05:f7:da:b7: 77:aa:43:2f:82:7c:11:ad:a6:26:ed:2f:de:e0:fe:a7:8b:a0: 54:f8:09:15:21:10:29:38:09:52:71:c0:21:e1:96:0c:23:7b: 47:49:d8:bf:3c:bd:4d:6c:fb:96:ba:2f:59:f7:3a:cd:c4:17: 6b:67:ae:fe -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx NDEyMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY3QjEzNDAxRjMwMjMx REFFNEU2REY3OTVBNDVBNkFGQ0IyNEY1RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNNJEFPzSxKGcD6Z/EmdQmfeuSO2ygqomBaFj7IetjS0372PHT isERSuk65Nel/ylrDqeCXbztkjEDK4lr6JzMihqNudi7ECfDUF/Qv2A7CJO/23Uz jSi+giAkqxD9IC5BQJk58MlBFksKJxzg+MyidDNA1Y5/u0YHKPNpQR3SSSipLWnO emTKe1giq0UWYy9ZiGv1mmJAH6IYWzUaRX80cbL4CNUT2P+KOQ4gfw0gGifqUjj2 j6a10jHAmUue9Ei7duXsm9wJEDwKu7BhJv+uoZ/JWToajbZNHdkNyO9Z7xEpm4L+ nTYp348nwhwKdqMQNIQ1xu/9pfKu8L1E6DK3AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU97E0AfMCMdrk5t95WkWmr8sk9eowHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS85N0UwQWZNQ01kcms1dDk1V2tX bXI4c2s5ZW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+rM MA0GCSqGSIb3DQEBCwUAA4IBAQCR/yJvA8uTy6D9heA/X14EVlWVAlpyje1ytFra X6sb1dyH8apRTut41UszWT2/gpEzSVAu06wpP/Oyifco0+RPBt/fvaW1ucmjLn3B 0Gz1dxXyF/l3TpwPejqJs6AQtexkdWtKE4TRK5ljTJSRHZM73y5Q1B2ZuM5dOjpG 7bpVmUKt5YAXpr/kG/fRQ2Ar+aQahmvvTq+ZoFzhJB91IftvlANjWbkRCEpfxAKk fvdaTA6nyX/l5fdpdqzStomB5up8rQX32rd3qkMvgnwRraYm7S/e4P6ni6BU+AkV IRApOAlSccAh4ZYMI3tHSdi/PL1NbPuWui9Z9zrNxBdrZ67+ -----END CERTIFICATE-----Generated at Mon Apr 7 11:38:55 2025 by rpki-client