$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa File: oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa (raw, json) Hash identifier: wL0alKVV/zRFBCmOjzOjYkjgrhSs8AReRZuA5uVcYOI= Subject key identifier: A0:A6:75:1E:6E:B1:C4:5A:F5:0C:5B:4C:94:EC:2F:0E:DF:13:2D:49 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E8B Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa Signing time: Mon 10 Feb 2025 14:16:29 +0000 ROA not before: Mon 10 Feb 2025 14:16:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38845 IP address blocks: 140.136.0.0/16 maxlen: 18 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 05:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3723 (0xe8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A0A6751E6EB1C45AF50C5B4C94EC2F0EDF132D49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:04:ed:4a:08:e4:25:93:a5:df:bb:5d:a1:96: 56:1c:35:27:e5:54:17:5b:6c:2b:95:ff:e4:b5:24: 65:d5:20:41:03:e3:73:a4:dd:56:19:f1:4d:43:de: 34:0b:19:7d:0e:e2:8b:8c:72:f8:b0:14:3a:e9:af: 10:dd:f7:83:3a:be:97:58:1a:7c:0c:64:53:d1:dd: 25:17:f4:12:ad:d4:f5:42:31:ec:a8:2d:da:64:46: 1c:ca:54:e4:8a:a2:e7:4d:fb:32:f2:ef:63:cc:04: b2:aa:9b:36:f2:39:96:95:90:9c:b7:7c:14:60:43: a7:ce:02:88:33:5a:4b:68:08:4d:e2:6a:7d:27:25: c5:c8:a8:42:1d:dd:7e:a0:15:33:2c:a0:fb:a0:05: aa:64:8a:89:fc:c0:11:f5:dc:41:7d:8d:ff:9d:7f: 83:70:dc:a6:51:74:36:6c:02:f8:33:5a:0b:c2:48: 37:c1:7b:5e:a7:94:d9:8c:ab:c6:f3:44:f0:c9:f7: d0:8d:49:41:00:df:6a:9a:be:69:8f:96:ad:54:14: 18:04:b0:a0:75:09:80:0d:f6:11:cb:b5:ae:ee:de: 54:26:4f:22:8b:6c:92:6b:95:24:be:31:46:07:c6: 89:3b:73:a1:38:5c:8d:59:7f:3b:48:5e:3b:ab:ab: 36:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:A6:75:1E:6E:B1:C4:5A:F5:0C:5B:4C:94:EC:2F:0E:DF:13:2D:49 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.136.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7d:7f:0c:1a:1d:7a:63:85:2f:24:d9:9f:7b:95:4f:d5:48:38: d1:39:a4:93:a3:3e:fb:d4:01:d3:0b:5c:99:ca:f9:d2:4f:de: 68:4e:4d:f8:f4:b9:77:af:cd:e8:6e:9c:06:62:1b:85:b2:5e: bd:bd:37:9d:05:28:a2:74:b7:b6:cb:07:cf:8f:3d:ef:af:33: 0e:8f:d4:78:8a:bc:0a:91:d8:15:67:9d:e6:47:d5:7e:9e:eb: 5d:5c:11:29:2d:4e:45:08:63:2e:c3:96:28:48:f1:01:37:77: fe:69:0a:e3:74:8a:db:c0:85:cd:87:6e:80:93:b0:99:ce:d4: 04:97:12:ca:95:4e:57:47:d1:a2:cb:91:39:60:79:f1:1a:f2: 28:44:e3:73:10:a2:6d:3f:bc:b7:c7:4f:fa:00:c7:a7:40:0c: c8:a6:3b:0f:48:98:1f:c3:c2:62:fb:47:0f:61:0e:a8:8a:92: 0b:f2:02:40:25:ef:48:1e:b5:46:70:7c:ea:42:59:70:dc:83: d2:10:4c:42:b9:a4:e6:87:22:ec:7a:60:16:00:22:89:0a:e0: cb:d8:f7:61:e5:89:8e:2c:65:a5:4f:a3:59:c0:35:66:9a:63: a6:fe:3a:3b:90:ea:63:ad:1d:e7:26:a2:38:08:9b:18:7c:4e: b9:18:1f:36 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwQTY3NTFFNkVCMUM0 NUFGNTBDNUI0Qzk0RUMyRjBFREYxMzJENDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDpBO1KCOQlk6Xfu12hllYcNSflVBdbbCuV/+S1JGXVIEED43Ok 3VYZ8U1D3jQLGX0O4ouMcviwFDrprxDd94M6vpdYGnwMZFPR3SUX9BKt1PVCMeyo LdpkRhzKVOSKoudN+zLy72PMBLKqmzbyOZaVkJy3fBRgQ6fOAogzWktoCE3ian0n JcXIqEId3X6gFTMsoPugBapkion8wBH13EF9jf+df4Nw3KZRdDZsAvgzWgvCSDfB e16nlNmMq8bzRPDJ99CNSUEA32qavmmPlq1UFBgEsKB1CYAN9hHLta7u3lQmTyKL bJJrlSS+MUYHxok7c6E4XI1ZfztIXjurqzaPAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUoKZ1Hm6xxFr1DFtMlOwvDt8TLUkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9vS1oxSG02eHhGcjFERnRNbE93 dkR0OFRMVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIgw DQYJKoZIhvcNAQELBQADggEBAH1/DBodemOFLyTZn3uVT9VIONE5pJOjPvvUAdML XJnK+dJP3mhOTfj0uXevzehunAZiG4WyXr29N50FKKJ0t7bLB8+PPe+vMw6P1HiK vAqR2BVnneZH1X6e611cESktTkUIYy7DlihI8QE3d/5pCuN0itvAhc2HboCTsJnO 1ASXEsqVTldH0aLLkTlgefEa8ihE43MQom0/vLfHT/oAx6dADMimOw9ImB/DwmL7 Rw9hDqiKkgvyAkAl70getUZwfOpCWXDcg9IQTEK5pOaHIux6YBYAIokK4MvY92Hl iY4sZaVPo1nANWaaY6b+OjuQ6mOtHecmojgImxh8TrkYHzY= -----END CERTIFICATE-----Generated at Wed Apr 16 04:40:07 2025 by rpki-client