$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/JKm8tnC9X2WRkq-NUh01e-WxvZg.roa File: JKm8tnC9X2WRkq-NUh01e-WxvZg.roa (raw, json) Hash identifier: 29lHuLI1pacvzCElLgqg0cJw+LxV1tQncLsisVNS1ds= Subject key identifier: 24:A9:BC:B6:70:BD:5F:65:91:92:AF:8D:52:1D:35:7B:E5:B1:BD:98 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E70 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JKm8tnC9X2WRkq-NUh01e-WxvZg.roa Signing time: Mon 10 Feb 2025 14:16:21 +0000 ROA not before: Mon 10 Feb 2025 14:16:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 1659 IP address blocks: 192.83.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3696 (0xe70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=24A9BCB670BD5F659192AF8D521D357BE5B1BD98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:30:3c:30:16:fe:37:40:c0:3b:e3:18:a1:96: b5:7b:1e:83:f1:09:58:ff:fb:3d:25:0e:63:53:e3: e6:77:f1:72:1f:2f:98:66:63:f6:87:8d:43:f9:5b: 2c:00:cb:1e:1a:4b:a3:70:f0:60:68:bf:de:17:eb: 37:5a:96:1a:07:d9:f2:39:ac:ec:53:68:6b:9b:29: 3c:15:9c:d2:0f:9b:4d:d4:5b:03:0f:2b:32:ef:84: ae:89:0e:3c:01:9a:3d:ac:1e:82:a4:fe:30:69:b1: 87:5e:16:e4:9e:a1:d1:04:69:c7:2d:56:72:26:c7: 25:96:c2:e5:82:8f:09:a8:41:08:52:e0:48:92:cd: 52:e7:c1:0c:d7:49:a0:c7:78:7a:77:97:f0:03:d5: 4e:0a:cb:82:60:37:2a:26:9e:d7:bf:b9:21:7b:1b: e1:1d:69:0e:3a:58:4f:b8:b1:91:99:63:c4:c2:ab: e1:6e:3b:9c:5a:70:81:de:d0:0e:ca:c2:b5:33:a8: f6:d2:57:b6:d3:ca:8f:57:c5:65:c6:cd:6e:6a:2a: a4:3c:8a:ab:43:06:aa:0b:ed:69:fc:27:8c:32:82: 32:16:28:b4:fe:f1:90:86:c5:d9:33:51:4e:92:eb: b9:8a:fc:29:e9:1e:c2:c1:f9:87:60:0c:ff:3c:b7: bc:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:A9:BC:B6:70:BD:5F:65:91:92:AF:8D:52:1D:35:7B:E5:B1:BD:98 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JKm8tnC9X2WRkq-NUh01e-WxvZg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.83.176.0/20 Signature Algorithm: sha256WithRSAEncryption 5c:9d:e1:d2:43:71:5e:72:c3:17:b8:fe:9f:9d:71:46:8c:67: bb:d6:2b:b6:4f:17:1d:c0:4c:d1:f0:17:a4:cc:83:63:d6:75: de:2e:32:b0:7a:51:88:dd:e5:5b:c6:87:17:ee:cb:ff:61:b1: 53:43:18:bc:0a:43:b4:60:22:c7:36:20:e1:0f:1d:59:75:44: eb:81:45:ad:9a:2e:be:7e:58:12:a7:07:a5:2d:18:a4:b9:d1: 39:83:2b:26:c7:ab:0e:eb:ce:08:45:37:3a:71:ff:65:8b:c4: 7b:46:31:a4:ae:9b:ff:90:91:d4:65:79:33:0a:99:86:ea:76: 63:ed:bf:7a:42:24:ac:b6:18:58:da:31:d3:a8:f9:64:1f:94: db:a9:dc:08:43:f2:68:3d:a5:b9:73:33:65:ae:da:52:6b:58: b6:74:14:90:5a:b3:54:7a:de:fe:12:8a:6d:36:f0:d6:49:62: b9:47:3c:42:5a:3a:0d:fc:29:05:00:7f:f3:51:25:5d:8b:48: 6c:4a:ab:ce:31:20:bd:4b:67:fa:6b:88:47:3b:3c:30:01:c9: b6:47:02:b7:2f:59:46:51:ea:62:57:06:a9:57:4c:ed:17:84: ad:25:b0:0c:64:4e:11:93:f7:39:2e:6a:07:97:05:f5:5a:19: 1e:62:4f:e9 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI0QTlCQ0I2NzBCRDVG NjU5MTkyQUY4RDUyMUQzNTdCRTVCMUJEOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2MDwwFv43QMA74xihlrV7HoPxCVj/+z0lDmNT4+Z38XIfL5hm Y/aHjUP5WywAyx4aS6Nw8GBov94X6zdalhoH2fI5rOxTaGubKTwVnNIPm03UWwMP KzLvhK6JDjwBmj2sHoKk/jBpsYdeFuSeodEEacctVnImxyWWwuWCjwmoQQhS4EiS zVLnwQzXSaDHeHp3l/AD1U4Ky4JgNyomnte/uSF7G+EdaQ46WE+4sZGZY8TCq+Fu O5xacIHe0A7KwrUzqPbSV7bTyo9XxWXGzW5qKqQ8iqtDBqoL7Wn8J4wygjIWKLT+ 8ZCGxdkzUU6S67mK/CnpHsLB+YdgDP88t7ynAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUJKm8tnC9X2WRkq+NUh01e+WxvZgwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9KS204dG5DOVgyV1JrcS1OVWgw MWUtV3h2Wmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwFOw MA0GCSqGSIb3DQEBCwUAA4IBAQBcneHSQ3FecsMXuP6fnXFGjGe71iu2TxcdwEzR 8BekzINj1nXeLjKwelGI3eVbxocX7sv/YbFTQxi8CkO0YCLHNiDhDx1ZdUTrgUWt mi6+flgSpwelLRikudE5gysmx6sO684IRTc6cf9li8R7RjGkrpv/kJHUZXkzCpmG 6nZj7b96QiSsthhY2jHTqPlkH5TbqdwIQ/JoPaW5czNlrtpSa1i2dBSQWrNUet7+ EoptNvDWSWK5RzxCWjoN/CkFAH/zUSVdi0hsSqvOMSC9S2f6a4hHOzwwAcm2RwK3 L1lGUepiVwapV0ztF4StJbAMZE4Rk/c5LmoHlwX1WhkeYk/p -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:15 2025 by rpki-client