$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa File: KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa (raw, json) Hash identifier: QHh7NaFGGX95fkoFyhnznTPzV8D63Chn7J6Ay3piOHs= Subject key identifier: 28:EA:66:67:53:83:9D:FA:46:C4:35:28:34:CA:3C:9F:AA:B0:8D:B2 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E89 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa Signing time: Mon 10 Feb 2025 14:16:28 +0000 ROA not before: Mon 10 Feb 2025 14:16:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9916 IP address blocks: 140.129.56.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 05:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3721 (0xe89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=28EA666753839DFA46C4352834CA3C9FAAB08DB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e9:ca:6e:8f:eb:20:5e:e7:9a:9b:1b:a2:ee: d4:95:44:74:e0:d6:bf:35:1e:de:12:c2:a7:37:b7: 06:ae:b1:79:1a:41:73:38:33:49:92:01:1d:44:e4: 3c:38:74:ba:66:11:fe:25:2a:eb:a3:a8:8b:82:32: 15:13:99:a3:64:95:62:47:5b:82:10:92:0c:dd:b2: b2:b8:ea:8d:d2:41:4e:a3:c9:f7:b9:70:46:b4:a8: 4a:c2:b2:aa:4b:1f:1b:c9:6d:ea:44:72:99:4e:74: af:66:1e:22:20:80:d2:78:55:14:4b:f5:e7:3c:a6: 1e:e1:1c:dd:ce:67:a0:62:c7:23:7e:f8:f3:0e:68: 69:38:f2:04:8d:42:80:01:d1:5d:fe:57:9b:88:dd: 74:74:c7:74:5e:4b:29:0d:13:e3:eb:1e:87:11:65: 5b:43:da:ec:2d:32:ae:15:f1:72:21:37:63:f2:27: 5d:4b:92:5f:87:cf:4c:78:94:f1:a4:52:44:b3:cc: 2c:92:04:5c:5a:3e:2c:82:a9:b4:e4:f8:6d:17:c2: ec:d3:b6:3c:31:9f:4b:78:ed:76:f5:dd:91:49:d1: d3:f1:09:6b:0e:9e:af:6e:23:cb:a9:25:dd:d5:a1: 23:9a:c2:9c:63:00:d3:6f:57:80:c6:98:c5:78:0c: 7d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:EA:66:67:53:83:9D:FA:46:C4:35:28:34:CA:3C:9F:AA:B0:8D:B2 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.129.56.0/21 Signature Algorithm: sha256WithRSAEncryption 10:c3:06:d3:1e:a4:12:0b:66:1f:31:bd:b6:bd:4e:f7:4a:8f: ae:d2:cd:49:b1:6c:6d:61:56:41:51:c2:a3:71:ed:8b:a3:85: 2f:82:21:36:93:b0:46:d2:69:eb:07:cf:b8:2c:8a:18:b9:52: 37:c7:f2:8b:d0:15:06:41:f4:90:d8:be:9f:e6:67:f3:f6:9a: eb:95:39:8d:6b:38:03:66:ea:40:7f:9a:f2:99:3e:7a:54:70: 3c:7e:19:55:07:75:51:2a:41:1f:86:af:27:a4:bb:a2:29:ea: e0:fd:d1:94:3a:d4:99:e6:16:11:b5:33:72:0a:c5:d5:18:aa: 69:63:58:4a:12:67:85:bc:b5:1d:27:95:b2:6a:59:e9:89:d3: 61:89:30:94:46:b6:e5:c2:b3:2e:b1:69:b2:1d:5a:a4:6f:7b: 8b:12:66:88:5c:4b:6a:5a:db:ad:f4:7e:f2:b8:44:e3:5a:48: 93:a5:18:97:76:83:db:c3:ca:b8:9b:f6:ed:e9:86:e7:f3:65: 42:64:d7:40:fe:08:09:37:72:2c:67:fc:fd:4d:9a:21:03:33: bc:96:42:ac:cc:c0:cf:2c:b6:c8:a5:ee:3d:af:8c:41:1b:4f: 34:1e:c4:cd:c3:4c:8d:6b:b8:bc:36:86:34:2f:02:98:e7:5c: 90:d0:10:7d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4RUE2NjY3NTM4MzlE RkE0NkM0MzUyODM0Q0EzQzlGQUFCMDhEQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG6cpuj+sgXueamxui7tSVRHTg1r81Ht4Swqc3twausXkaQXM4 M0mSAR1E5Dw4dLpmEf4lKuujqIuCMhUTmaNklWJHW4IQkgzdsrK46o3SQU6jyfe5 cEa0qErCsqpLHxvJbepEcplOdK9mHiIggNJ4VRRL9ec8ph7hHN3OZ6BixyN++PMO aGk48gSNQoAB0V3+V5uI3XR0x3ReSykNE+PrHocRZVtD2uwtMq4V8XIhN2PyJ11L kl+Hz0x4lPGkUkSzzCySBFxaPiyCqbTk+G0XwuzTtjwxn0t47Xb13ZFJ0dPxCWsO nq9uI8upJd3VoSOawpxjANNvV4DGmMV4DH2lAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUKOpmZ1ODnfpGxDUoNMo8n6qwjbIwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9LT3BtWjFPRG5mcEd4RFVvTk1v OG42cXdqYkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjIE4 MA0GCSqGSIb3DQEBCwUAA4IBAQAQwwbTHqQSC2YfMb22vU73So+u0s1JsWxtYVZB UcKjce2Lo4UvgiE2k7BG0mnrB8+4LIoYuVI3x/KL0BUGQfSQ2L6f5mfz9prrlTmN azgDZupAf5rymT56VHA8fhlVB3VRKkEfhq8npLuiKerg/dGUOtSZ5hYRtTNyCsXV GKppY1hKEmeFvLUdJ5WyalnpidNhiTCURrblwrMusWmyHVqkb3uLEmaIXEtqWtut 9H7yuETjWkiTpRiXdoPbw8q4m/bt6Ybn82VCZNdA/ggJN3IsZ/z9TZohAzO8lkKs zMDPLLbIpe49r4xBG080HsTNw0yNa7i8NoY0LwKY51yQ0BB9 -----END CERTIFICATE-----Generated at Wed Apr 16 04:39:13 2025 by rpki-client