$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa File: iSLhi5lcGevrresGm09sVOKRk88.roa (raw, json) Hash identifier: +ikscN/u1nUrZbVNH2pXF//Q6P/CKONVbVexBUfXPQ0= Subject key identifier: 89:22:E1:8B:99:5C:19:EB:EB:AD:EB:06:9B:4F:6C:54:E2:91:93:CF Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E76 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa Signing time: Mon 10 Feb 2025 14:16:23 +0000 ROA not before: Mon 10 Feb 2025 14:16:23 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9916 IP address blocks: 140.129.64.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3702 (0xe76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:23 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8922E18B995C19EBEBADEB069B4F6C54E29193CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:26:7f:0c:0f:71:68:f3:8b:c9:42:23:97: 88:02:9c:bd:74:37:ca:85:f0:51:46:7a:21:03:42: 70:47:5c:3e:23:ea:1e:7d:91:2f:14:6e:b7:6b:f1: c5:11:fb:ef:d4:d3:bb:ad:c6:3e:b2:a8:0f:f3:ba: 19:76:7e:30:d3:81:11:9d:81:68:a1:94:92:b4:22: 1b:34:ee:68:9f:12:02:83:35:f0:f6:01:6e:e9:80: 09:54:8a:6c:9d:85:ec:44:16:56:9a:95:59:46:df: 80:21:b5:eb:88:8a:ad:b1:29:52:ce:5e:ab:b4:54: e4:0a:b2:4d:19:c6:52:07:15:cf:b1:c7:0f:d8:bb: fe:f5:21:16:72:17:5e:84:60:3d:27:ae:3f:7a:2b: 36:65:d1:f9:1c:99:ce:22:c4:f9:10:2f:9f:35:3e: 31:87:4e:8f:c3:24:47:86:9b:09:42:94:f9:87:b4: 25:c2:54:07:dd:77:a6:70:1a:ef:ce:14:d2:ff:4e: 00:24:e4:b6:4b:a3:a2:40:82:84:0d:ea:74:d3:6e: 32:27:43:3d:83:ab:dd:08:d5:3a:9e:22:fe:2b:81: 70:b3:b6:8d:19:a6:f5:7f:ff:60:61:06:15:31:1e: 21:e6:29:c1:08:d6:f4:16:9f:c4:ae:b8:bd:84:83: 03:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:22:E1:8B:99:5C:19:EB:EB:AD:EB:06:9B:4F:6C:54:E2:91:93:CF X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.129.64.0/20 Signature Algorithm: sha256WithRSAEncryption 8b:5d:ee:2e:d2:f8:81:19:03:1e:7f:67:0e:3c:de:55:0c:ea: bd:dd:81:3c:67:e2:c8:15:0f:a7:84:30:c2:a3:08:a7:af:21: 4d:0a:5f:d0:16:99:21:b3:fe:8d:81:37:1f:a9:65:78:49:5c: 84:16:8c:88:59:9a:db:ce:eb:17:a1:80:69:87:10:96:82:f7: 77:0a:a7:44:89:f5:f0:9a:d9:e5:46:00:38:8e:89:c1:29:f5: 83:1c:59:42:ff:67:0a:1e:a2:ca:a2:c3:4a:fb:41:33:4f:85: 78:66:5e:14:f6:84:c4:44:01:12:a1:b9:7a:2d:64:21:c6:bb: d3:e0:8d:eb:db:2d:6b:11:24:0f:2f:9a:f7:95:53:10:c6:dd: fc:7a:02:15:63:a3:54:ac:07:2a:84:7e:59:d1:80:7c:fe:88: b8:8a:29:80:39:b2:70:ce:cb:c6:07:bd:97:41:ac:90:18:fd: 3d:59:56:28:df:fc:06:34:47:60:f7:0f:2a:40:ea:a6:9f:2c: 83:4c:26:db:a5:68:2b:12:8e:c7:14:d2:7a:cc:4d:05:d3:bf: 24:5e:82:8a:5b:61:88:af:e3:54:ca:82:70:9d:e2:50:56:f5: f8:ac:81:0a:d0:a4:14:bc:40:60:ee:c1:fa:50:0f:ca:93:e6: 8b:52:a2:56 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5MjJFMThCOTk1QzE5 RUJFQkFERUIwNjlCNEY2QzU0RTI5MTkzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiAiZ/DA9xaPOLyUIjl4gCnL10N8qF8FFGeiEDQnBHXD4j6h59 kS8Ubrdr8cUR++/U07utxj6yqA/zuhl2fjDTgRGdgWihlJK0Ihs07mifEgKDNfD2 AW7pgAlUimydhexEFlaalVlG34AhteuIiq2xKVLOXqu0VOQKsk0ZxlIHFc+xxw/Y u/71IRZyF16EYD0nrj96KzZl0fkcmc4ixPkQL581PjGHTo/DJEeGmwlClPmHtCXC VAfdd6ZwGu/OFNL/TgAk5LZLo6JAgoQN6nTTbjInQz2Dq90I1TqeIv4rgXCzto0Z pvV//2BhBhUxHiHmKcEI1vQWn8SuuL2EgwOxAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUiSLhi5lcGevrresGm09sVOKRk88wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9pU0xoaTVsY0dldnJyZXNHbTA5 c1ZPS1JrODgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA MA0GCSqGSIb3DQEBCwUAA4IBAQCLXe4u0viBGQMef2cOPN5VDOq93YE8Z+LIFQ+n hDDCowinryFNCl/QFpkhs/6NgTcfqWV4SVyEFoyIWZrbzusXoYBphxCWgvd3CqdE ifXwmtnlRgA4jonBKfWDHFlC/2cKHqLKosNK+0EzT4V4Zl4U9oTERAESobl6LWQh xrvT4I3r2y1rESQPL5r3lVMQxt38egIVY6NUrAcqhH5Z0YB8/oi4iimAObJwzsvG B72XQayQGP09WVYo3/wGNEdg9w8qQOqmnyyDTCbbpWgrEo7HFNJ6zE0F078kXoKK W2GIr+NUyoJwneJQVvX4rIEK0KQUvEBg7sH6UA/Kk+aLUqJW -----END CERTIFICATE-----Generated at Wed Feb 19 22:02:24 2025 by rpki-client