$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/oNkP3UCvZp3bVLi1t6hMyiWkJNo.roa File: oNkP3UCvZp3bVLi1t6hMyiWkJNo.roa (raw, json) Hash identifier: 4N/UmwOk4BJCL17nReeSjxyH9NvfJoIzF8VnKPKhNcI= Subject key identifier: A0:D9:0F:DD:40:AF:66:9D:DB:54:B8:B5:B7:A8:4C:CA:25:A4:24:DA Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0F32 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oNkP3UCvZp3bVLi1t6hMyiWkJNo.roa Signing time: Tue 25 Feb 2025 00:18:42 +0000 ROA not before: Tue 25 Feb 2025 00:18:42 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18047 IP address blocks: 140.114.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 10:06:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3890 (0xf32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 25 00:18:42 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A0D90FDD40AF669DDB54B8B5B7A84CCA25A424DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:96:33:ca:6f:b6:c7:09:9b:aa:da:70:4e:4f: 17:d1:ab:dd:72:bd:26:b9:f6:8c:e7:70:be:30:40: 54:f7:20:34:19:e3:b1:4f:e9:26:f8:c6:36:3e:cd: 7f:96:b3:27:68:9c:2e:3b:20:5c:25:9a:ea:62:ce: c8:52:10:43:6f:47:9e:ee:29:d7:cf:5b:05:53:86: 27:65:8b:21:fd:a9:e0:36:96:46:d4:56:bc:f0:a8: b6:58:ed:05:7a:f4:fc:46:9e:b2:d3:1e:eb:79:1d: 74:f6:de:6a:10:fc:29:43:a0:24:1c:e5:82:80:93: a7:c2:b3:71:5e:ae:65:7f:a3:14:50:0a:f8:e7:8c: 62:a3:90:b8:2c:f4:40:b0:58:70:f6:92:e8:0f:00: 0f:1c:93:a7:12:29:ca:91:5d:36:f9:3e:83:8d:57: 39:f1:1f:0c:38:fe:f9:6a:c1:7b:d7:7e:97:42:c5: af:bc:83:c6:3d:5b:23:e1:96:22:70:48:ca:85:6a: 7d:29:99:ab:9b:f1:48:19:34:56:e4:97:3b:95:c9: f9:8b:79:af:35:60:0b:c4:12:97:2d:95:9b:cd:f7: 13:40:dc:4e:88:a1:b0:0f:a0:7e:9b:01:56:54:a0: fe:39:da:25:f6:65:7b:3e:02:cf:99:03:4e:89:7e: a4:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D9:0F:DD:40:AF:66:9D:DB:54:B8:B5:B7:A8:4C:CA:25:A4:24:DA X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oNkP3UCvZp3bVLi1t6hMyiWkJNo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.114.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2d:65:07:66:53:87:74:9e:2a:8f:5d:ad:3d:0a:8f:a3:81:15: 50:e0:d5:bd:7d:38:da:01:a9:92:f4:05:36:f0:47:d4:a5:2e: c5:49:01:3d:8f:98:1f:0a:ff:13:69:11:52:12:30:f7:7c:7a: cb:90:54:6b:63:23:c2:c6:f7:f2:b4:c2:72:bf:62:0d:48:32: 6b:f8:b8:93:02:44:42:61:35:ba:47:3f:65:8d:9a:ed:59:42: 2f:ca:ca:9d:05:9d:78:78:fb:d3:9b:15:7f:f9:c7:71:d0:7d: 1a:d7:50:ce:84:8b:5c:cc:f0:86:01:09:cf:65:47:8d:04:cb: 10:1c:48:da:da:68:21:c7:e4:48:c9:9c:5c:ee:51:40:c1:2e: 1e:4f:12:b1:79:2e:01:51:4e:59:57:91:12:13:62:36:c9:99: 6f:06:84:44:78:59:59:77:7a:2c:01:c7:2e:2a:3d:b1:78:0a: dc:61:ed:3e:ab:80:1d:8a:51:68:6a:84:4e:71:37:0c:f2:80: d2:46:d1:7d:3a:a0:98:7a:91:f4:0e:2c:e6:25:be:95:d4:fb: 33:2c:62:67:50:2a:c3:72:1d:40:6d:2b:12:65:68:6b:d5:d4: df:78:2e:1b:cf:ac:36:58:4f:bd:99:89:97:9a:81:51:ca:2f: 5a:8e:b0:d4 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDzIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMjUw MDE4NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwRDkwRkRENDBBRjY2 OUREQjU0QjhCNUI3QTg0Q0NBMjVBNDI0REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbljPKb7bHCZuq2nBOTxfRq91yvSa59ozncL4wQFT3IDQZ47FP 6Sb4xjY+zX+WsydonC47IFwlmupizshSEENvR57uKdfPWwVThidliyH9qeA2lkbU VrzwqLZY7QV69PxGnrLTHut5HXT23moQ/ClDoCQc5YKAk6fCs3FermV/oxRQCvjn jGKjkLgs9ECwWHD2kugPAA8ck6cSKcqRXTb5PoONVznxHww4/vlqwXvXfpdCxa+8 g8Y9WyPhliJwSMqFan0pmaub8UgZNFbklzuVyfmLea81YAvEEpctlZvN9xNA3E6I obAPoH6bAVZUoP452iX2ZXs+As+ZA06JfqRfAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUoNkP3UCvZp3bVLi1t6hMyiWkJNowHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9vTmtQM1VDdlpwM2JWTGkxdDZo TXlpV2tKTm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHIw DQYJKoZIhvcNAQELBQADggEBAC1lB2ZTh3SeKo9drT0Kj6OBFVDg1b19ONoBqZL0 BTbwR9SlLsVJAT2PmB8K/xNpEVISMPd8esuQVGtjI8LG9/K0wnK/Yg1IMmv4uJMC REJhNbpHP2WNmu1ZQi/Kyp0FnXh4+9ObFX/5x3HQfRrXUM6Ei1zM8IYBCc9lR40E yxAcSNraaCHH5EjJnFzuUUDBLh5PErF5LgFRTllXkRITYjbJmW8GhER4WVl3eiwB xy4qPbF4Ctxh7T6rgB2KUWhqhE5xNwzygNJG0X06oJh6kfQOLOYlvpXU+zMsYmdQ KsNyHUBtKxJlaGvV1N94LhvPrDZYT72ZiZeagVHKL1qOsNQ= -----END CERTIFICATE-----Generated at Mon Apr 7 09:12:36 2025 by rpki-client