$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/SqAd_WWqCvLitxQX9HhuW4apPHE.roa File: SqAd_WWqCvLitxQX9HhuW4apPHE.roa (raw, json) Hash identifier: r/FqwUr9RUEs4MtbDSruM+JNLR79BKlBElo6Oe0Cit0= Subject key identifier: 4A:A0:1D:FD:65:AA:0A:F2:E2:B7:14:17:F4:78:6E:5B:86:A9:3C:71 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0EFE Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/SqAd_WWqCvLitxQX9HhuW4apPHE.roa Signing time: Tue 18 Feb 2025 07:51:44 +0000 ROA not before: Tue 18 Feb 2025 07:51:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17713 IP address blocks: 140.133.32.0/19 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:06:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3838 (0xefe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 18 07:51:44 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4AA01DFD65AA0AF2E2B71417F4786E5B86A93C71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:f5:a5:f7:58:6c:10:17:6b:4f:3d:79:3d:ee: 9f:be:2d:1c:23:94:a0:43:a9:fd:65:1d:ea:85:a0: c8:69:e7:7e:3e:c0:45:a4:5a:b6:e4:76:3b:ea:0a: 6c:ef:b4:f8:5b:5c:66:e8:c3:f8:24:be:c7:5a:ac: 7d:5c:ab:7e:80:c4:a1:3d:c6:60:ae:a1:06:1d:b2: 0b:c0:78:3c:3f:8d:c7:20:00:73:e1:9c:fa:dc:b0: 13:69:d5:ac:89:8e:cc:45:65:50:93:53:e3:96:9a: 1e:1e:60:cf:43:c2:e2:3e:d5:4c:45:12:1f:bb:e7: 2f:ef:9a:f5:03:3f:5a:8d:5f:c4:11:0f:25:6f:2b: f6:3f:a5:06:40:bd:5d:fa:e3:86:af:51:99:0a:76: 34:65:6e:14:9c:31:7c:ba:4d:70:bf:a7:38:89:22: 64:eb:de:c9:1b:2b:6c:76:33:7b:3a:fe:90:d2:e6: c4:02:c7:47:02:fb:0f:3c:56:bf:e1:dd:1a:ff:0d: f3:4b:92:b6:a7:5b:17:74:7b:c4:f6:cd:f9:27:78: 5b:0a:a9:1a:79:f9:4a:19:12:7e:4d:88:39:ee:eb: bd:a5:ae:74:8c:9f:1b:57:37:04:fe:0a:a5:8f:be: a2:49:0c:f2:c2:92:ab:92:d5:41:cd:9b:10:c4:70: a1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:A0:1D:FD:65:AA:0A:F2:E2:B7:14:17:F4:78:6E:5B:86:A9:3C:71 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/SqAd_WWqCvLitxQX9HhuW4apPHE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.133.32.0/19 Signature Algorithm: sha256WithRSAEncryption 7e:4a:f2:4f:29:5c:ef:eb:af:7d:3e:3f:c5:90:22:1e:30:86: 00:c2:22:ef:5e:0d:9f:e0:6c:e4:ef:2b:ec:b3:20:71:99:47: 16:95:4a:e9:bb:d4:82:4f:1b:c0:88:6e:ca:9c:58:4d:41:3f: 4b:fd:dd:b5:43:64:1f:33:5e:c3:05:3b:d7:1d:9b:7b:60:d4: 3f:24:ec:25:8e:38:dc:6f:71:ed:b1:6b:19:70:72:cf:ef:1a: 74:34:88:30:d9:79:f0:2a:f8:d3:07:b1:b5:95:fb:46:1b:d7: fa:0c:b2:b6:22:eb:fa:f9:53:d0:f5:ed:65:a7:8c:9c:b8:45: 31:02:d5:e1:88:f9:ed:c9:3a:de:fc:ed:62:7c:52:00:af:21: 8b:24:6a:fc:03:c6:86:cc:dc:b8:16:f4:92:8d:83:bc:3e:03: 3a:46:bc:7e:71:83:22:6b:2e:a1:c3:b4:ef:ec:a4:d6:3d:45: 2a:41:3a:a8:71:f6:a7:f7:59:62:ba:fc:01:f0:8f:1d:f0:15: 82:3f:d4:9f:be:84:e3:0d:28:0c:db:54:7b:f9:67:57:fd:15: 37:c4:c1:e2:31:58:1a:dc:77:4b:2a:3d:10:ee:20:b9:3f:b2: 53:fc:bb:48:60:88:61:a1:6b:61:43:37:c8:5e:b2:d2:ad:d2: f7:e2:f1:50 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTgw NzUxNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRBQTAxREZENjVBQTBB RjJFMkI3MTQxN0Y0Nzg2RTVCODZBOTNDNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR9aX3WGwQF2tPPXk97p++LRwjlKBDqf1lHeqFoMhp534+wEWk WrbkdjvqCmzvtPhbXGbow/gkvsdarH1cq36AxKE9xmCuoQYdsgvAeDw/jccgAHPh nPrcsBNp1ayJjsxFZVCTU+OWmh4eYM9DwuI+1UxFEh+75y/vmvUDP1qNX8QRDyVv K/Y/pQZAvV3644avUZkKdjRlbhScMXy6TXC/pziJImTr3skbK2x2M3s6/pDS5sQC x0cC+w88Vr/h3Rr/DfNLkranWxd0e8T2zfkneFsKqRp5+UoZEn5NiDnu672lrnSM nxtXNwT+CqWPvqJJDPLCkquS1UHNmxDEcKETAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUSqAd/WWqCvLitxQX9HhuW4apPHEwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9TcUFkX1dXcUN2TGl0eFFYOUho dVc0YXBQSEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFjIUg MA0GCSqGSIb3DQEBCwUAA4IBAQB+SvJPKVzv6699Pj/FkCIeMIYAwiLvXg2f4Gzk 7yvssyBxmUcWlUrpu9SCTxvAiG7KnFhNQT9L/d21Q2QfM17DBTvXHZt7YNQ/JOwl jjjcb3HtsWsZcHLP7xp0NIgw2XnwKvjTB7G1lftGG9f6DLK2Iuv6+VPQ9e1lp4yc uEUxAtXhiPntyTre/O1ifFIAryGLJGr8A8aGzNy4FvSSjYO8PgM6Rrx+cYMiay6h w7Tv7KTWPUUqQTqocfan91liuvwB8I8d8BWCP9SfvoTjDSgM21R7+WdX/RU3xMHi MVga3HdLKj0Q7iC5P7JT/LtIYIhhoWthQzfIXrLSrdL34vFQ -----END CERTIFICATE-----Generated at Mon Apr 7 08:45:56 2025 by rpki-client