$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa File: 73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa (raw, json) Hash identifier: j2W3Q7yCSd9UttaCbqOEs/6QO4RYTBsxUoifZlTN9r8= Subject key identifier: EF:73:4D:90:54:7D:64:B2:B3:5A:44:14:55:69:8D:42:C0:B3:7E:98 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E7C Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa Signing time: Mon 10 Feb 2025 14:16:25 +0000 ROA not before: Mon 10 Feb 2025 14:16:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18217 IP address blocks: 140.109.224.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3708 (0xe7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=EF734D90547D64B2B35A441455698D42C0B37E98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b4:5b:73:c4:8f:d3:d6:6c:1a:17:12:15:de: 88:6e:56:b3:7a:ac:af:04:b8:ff:1f:e3:fe:b1:90: df:90:5a:3c:8f:9f:92:4e:d9:e0:48:7c:89:af:6e: 30:b7:20:09:56:13:34:4e:4e:52:92:85:80:ed:23: e6:6d:6f:df:07:48:22:0b:61:f1:ca:fa:43:62:3e: 89:19:23:5e:7e:55:fb:6a:1e:d8:f5:71:6e:af:5b: 56:cc:4b:e7:d5:b9:d4:24:61:bf:7f:62:c2:83:73: 35:f3:34:88:79:1b:d2:44:05:13:14:0b:62:fa:2a: 29:61:28:d4:16:5b:65:86:8c:34:e6:e5:58:81:bb: 28:1f:d0:44:19:29:39:80:64:66:e5:d3:1f:ce:d1: 22:a5:ed:8f:ca:e9:dd:03:04:e6:f2:9b:22:a4:da: 39:1d:03:43:0b:21:86:71:46:bb:74:c8:ce:ea:aa: 7b:33:f4:fe:c0:a4:5f:a0:d8:f3:88:32:db:85:da: af:b1:ec:2f:0c:cc:72:70:6f:c1:fc:d0:88:a4:d6: 3d:17:7d:78:73:79:70:62:fe:e5:35:55:fd:57:46: eb:cd:f5:1b:51:1d:be:88:85:fe:00:22:c9:76:53: ba:7a:f2:87:6a:41:80:a2:3a:98:ee:75:5a:58:74: a8:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:73:4D:90:54:7D:64:B2:B3:5A:44:14:55:69:8D:42:C0:B3:7E:98 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.109.224.0/23 Signature Algorithm: sha256WithRSAEncryption 6d:ee:76:dc:d5:9f:a7:d6:68:d5:ad:3a:e1:53:d3:64:be:bf: 70:2e:76:80:c8:35:0e:f1:6b:2a:d9:6b:83:59:e0:34:18:c0: 75:64:69:b4:20:9f:42:98:29:dd:9c:80:94:95:72:d6:7b:2c: a8:27:a4:56:58:38:ce:55:7d:6f:7a:aa:ec:24:23:0c:70:aa: f8:85:d9:a0:91:82:5b:32:b6:fa:00:7c:c5:e8:99:90:e9:90: 26:27:de:23:10:1b:45:25:a6:94:d9:0b:3f:4e:3d:a8:35:6a: 68:da:23:de:fa:6b:27:cc:ac:3d:7f:23:21:6e:0c:42:74:c1: 73:06:df:fb:eb:20:3d:e7:1b:b2:19:aa:c3:2b:2e:53:78:f8: e5:64:b3:c2:79:59:cd:7c:ac:59:8a:11:56:ea:0f:d1:01:dd: 0b:69:94:bd:7e:07:25:8f:bc:64:6a:c8:0c:fd:0a:a1:d0:9b: b2:d2:06:bb:ef:05:53:d6:cc:d8:65:d5:35:66:4a:59:95:6a: d5:11:7c:c7:a2:20:c4:9c:37:31:b9:9d:a4:70:f9:ca:cb:48: 2d:3c:5d:7e:bc:0a:d1:37:9d:6f:1a:6b:28:56:c8:2d:c2:1d: d5:39:0e:f5:bd:ee:1c:0c:7d:61:ea:aa:98:2c:c7:96:2f:ff: 88:68:46:6d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVGNzM0RDkwNTQ3RDY0 QjJCMzVBNDQxNDU1Njk4RDQyQzBCMzdFOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPtFtzxI/T1mwaFxIV3ohuVrN6rK8EuP8f4/6xkN+QWjyPn5JO 2eBIfImvbjC3IAlWEzROTlKShYDtI+Ztb98HSCILYfHK+kNiPokZI15+VftqHtj1 cW6vW1bMS+fVudQkYb9/YsKDczXzNIh5G9JEBRMUC2L6KilhKNQWW2WGjDTm5ViB uygf0EQZKTmAZGbl0x/O0SKl7Y/K6d0DBObymyKk2jkdA0MLIYZxRrt0yM7qqnsz 9P7ApF+g2POIMtuF2q+x7C8MzHJwb8H80Iik1j0XfXhzeXBi/uU1Vf1XRuvN9RtR Hb6Ihf4AIsl2U7p68odqQYCiOpjudVpYdKizAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU73NNkFR9ZLKzWkQUVWmNQsCzfpgwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC83M05Oa0ZSOVpMS3pXa1FVVldt TlFzQ3pmcGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjG3g MA0GCSqGSIb3DQEBCwUAA4IBAQBt7nbc1Z+n1mjVrTrhU9Nkvr9wLnaAyDUO8Wsq 2WuDWeA0GMB1ZGm0IJ9CmCndnICUlXLWeyyoJ6RWWDjOVX1veqrsJCMMcKr4hdmg kYJbMrb6AHzF6JmQ6ZAmJ94jEBtFJaaU2Qs/Tj2oNWpo2iPe+msnzKw9fyMhbgxC dMFzBt/76yA95xuyGarDKy5TePjlZLPCeVnNfKxZihFW6g/RAd0LaZS9fgclj7xk asgM/Qqh0Juy0ga77wVT1szYZdU1ZkpZlWrVEXzHoiDEnDcxuZ2kcPnKy0gtPF1+ vArRN51vGmsoVsgtwh3VOQ71ve4cDH1h6qqYLMeWL/+IaEZt -----END CERTIFICATE-----Generated at Wed Feb 19 22:05:53 2025 by rpki-client