$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/SJytD9eUz4xrw1xD4fH6KU7Zrgk.roa File: SJytD9eUz4xrw1xD4fH6KU7Zrgk.roa (raw, json) Hash identifier: U2rujlHncODQ3k5qtIGBD42tXXKLaKbUHk1hxJDzdww= Subject key identifier: 48:9C:AD:0F:D7:94:CF:8C:6B:C3:5C:43:E1:F1:FA:29:4E:D9:AE:09 Certificate issuer: /CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Certificate serial: 0212 Authority key identifier: 42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/SJytD9eUz4xrw1xD4fH6KU7Zrgk.roa Signing time: Fri 25 Oct 2024 03:59:08 +0000 ROA not before: Fri 25 Oct 2024 03:59:08 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63909 IP address blocks: 160.25.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 13:53:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 530 (0x212) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Validity Not Before: Oct 25 03:59:08 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=489CAD0FD794CF8C6BC35C43E1F1FA294ED9AE09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b8:d1:24:f3:b8:ac:73:47:f9:86:db:34:44: a7:3f:95:53:6a:3c:8a:be:8c:d6:51:fb:c6:4f:2d: 4a:f6:a9:2b:c3:c0:b8:75:fe:b1:f6:f3:82:c7:e5: f2:bf:21:d0:97:11:14:90:8e:1e:1b:ba:13:3d:c9: 46:af:a5:8e:9e:00:fc:d3:3f:5a:21:17:ac:3c:57: d9:94:d8:08:7b:39:00:8c:c3:87:5c:d9:21:cd:75: c8:72:9b:65:d2:37:74:bb:6d:0e:80:2f:8d:2c:1b: a7:69:cb:a0:ce:85:7f:81:8a:9a:ec:7e:25:53:97: a5:59:f4:ba:86:c2:05:7f:04:56:a3:36:fd:be:34: a5:ba:c7:e0:16:e5:9d:15:19:5e:eb:e1:b5:94:90: 9c:75:3e:4f:e1:f7:64:92:fd:aa:7e:59:ac:f5:e4: 5a:31:31:d1:9a:a1:c1:fc:a4:b9:b5:73:b6:b1:dc: bf:c1:22:aa:c7:e8:55:56:7e:62:ef:52:2b:1e:2a: e6:ef:71:87:2b:f1:91:f6:be:07:e2:23:30:c2:a7: 33:39:42:0d:c1:0f:34:a3:99:4a:ea:91:43:c3:fe: 29:f4:05:63:86:65:4f:e2:bc:63:10:2f:02:32:af: 3c:31:23:76:ac:20:c1:a0:0d:5e:fb:84:c3:81:9b: 97:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:9C:AD:0F:D7:94:CF:8C:6B:C3:5C:43:E1:F1:FA:29:4E:D9:AE:09 X509v3 Authority Key Identifier: keyid:42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/SJytD9eUz4xrw1xD4fH6KU7Zrgk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.25.221.0/24 Signature Algorithm: sha256WithRSAEncryption 91:7f:c4:b3:e0:d4:65:f7:71:4a:75:03:c8:be:d8:f4:2a:87: c2:f0:61:fd:60:51:48:ad:eb:8b:b3:dd:15:3e:3c:78:40:04: 9d:77:4f:78:90:27:0c:b2:92:88:f7:de:ab:c1:78:66:98:67: c3:cf:61:37:e7:e2:9e:b8:7c:93:b5:63:3f:03:20:3d:9d:16: 1e:b9:2e:0e:1a:6d:04:b9:cc:c9:2d:9c:51:8a:88:ec:73:64: 8a:ca:38:44:7a:b2:07:37:94:2a:c2:11:6f:b8:a3:4e:72:23: d4:39:b1:f0:f0:95:0e:9f:13:1e:e4:38:60:f7:f1:0b:59:54: fc:8e:ca:d4:22:7e:5f:1d:eb:9a:ed:3c:88:cd:90:30:03:1c: 55:66:68:44:c9:ee:1e:1b:fa:67:1e:8f:c6:d8:6e:4b:df:82: f5:e1:e5:75:39:3d:34:b4:98:b2:58:11:99:0f:2f:3c:58:9a: e8:e0:04:d0:07:69:b0:11:00:6f:0a:9a:32:ea:eb:98:54:de: 6b:cf:7f:26:59:44:3e:60:ff:9a:8b:86:1b:61:46:26:c3:fc: b2:94:a2:43:b9:d2:69:cd:70:b1:dc:17:3c:d0:4f:32:12:b9: c0:0a:ca:d9:4a:45:cb:f5:c6:58:59:e3:7e:e8:0e:3b:85:c4: d4:ed:08:2c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy RTdDOTVEODdERTlBRUVCMjEyQTBDNENDQjAxNzRFNjVDQTVEMDAeFw0yNDEwMjUw MzU5MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ4OUNBRDBGRDc5NENG OEM2QkMzNUM0M0UxRjFGQTI5NEVEOUFFMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNuNEk87isc0f5hts0RKc/lVNqPIq+jNZR+8ZPLUr2qSvDwLh1 /rH284LH5fK/IdCXERSQjh4buhM9yUavpY6eAPzTP1ohF6w8V9mU2Ah7OQCMw4dc 2SHNdchym2XSN3S7bQ6AL40sG6dpy6DOhX+BiprsfiVTl6VZ9LqGwgV/BFajNv2+ NKW6x+AW5Z0VGV7r4bWUkJx1Pk/h92SS/ap+Waz15FoxMdGaocH8pLm1c7ax3L/B IqrH6FVWfmLvUiseKubvcYcr8ZH2vgfiIzDCpzM5Qg3BDzSjmUrqkUPD/in0BWOG ZU/ivGMQLwIyrzwxI3asIMGgDV77hMOBm5cDAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUSJytD9eUz4xrw1xD4fH6KU7ZrgkwHwYDVR0jBBgwFoAUQi58ldh96a7rISoM TMsBdOZcpdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0tJUFRF Q0gvUWk1OGxkaDk2YTdySVNvTVRNc0JkT1pjcGRBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9RaTU4bGRoOTZhN3JJU29NVE1zQmRPWmNwZEEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TS0lQVEVDSC9TSnl0RDllVXo0eHJ3 MXhENGZINktVN1pyZ2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBndMA0GCSqGSIb3DQEBCwUAA4IBAQCRf8Sz4NRl93FKdQPIvtj0KofC8GH9 YFFIreuLs90VPjx4QASdd094kCcMspKI996rwXhmmGfDz2E35+KeuHyTtWM/AyA9 nRYeuS4OGm0EuczJLZxRiojsc2SKyjhEerIHN5QqwhFvuKNOciPUObHw8JUOnxMe 5Dhg9/ELWVT8jsrUIn5fHeua7TyIzZAwAxxVZmhEye4eG/pnHo/G2G5L34L14eV1 OT00tJiyWBGZDy88WJro4ATQB2mwEQBvCpoy6uuYVN5rz38mWUQ+YP+ai4YbYUYm w/yylKJDudJpzXCx3Bc80E8yErnACsrZSkXL9cZYWeN+6A47hcTU7Qgs -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:54 2024 by rpki-client on console-fra.rpki-client.org