$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa File: w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa (raw, json) Hash identifier: pw1szmjskhsoerf3tBdT9CPLjMEJuScrYn1tEFRTy20= Subject key identifier: C3:58:6A:A1:8B:95:23:B6:21:06:D9:44:01:F7:38:56:22:75:65:49 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E72 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa Signing time: Mon 10 Feb 2025 14:16:22 +0000 ROA not before: Mon 10 Feb 2025 14:16:22 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 1659 IP address blocks: 140.128.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 05:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3698 (0xe72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:22 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C3586AA18B9523B62106D94401F7385622756549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:21:17:bb:34:7d:b6:7c:b4:4f:2d:49:c0:3c: 22:42:3e:a0:8c:a1:8d:44:43:9a:60:0e:09:a7:6b: 46:cd:b8:3d:36:88:69:c9:ce:d4:b1:b8:32:0f:6f: ca:c4:7f:6f:0d:8a:26:73:37:c3:e2:b7:68:c9:de: 99:aa:89:e2:04:a8:db:40:a9:12:6a:d8:83:92:38: 4e:6f:f3:fe:d0:06:59:ba:de:f0:75:ba:97:cb:39: 00:8f:9a:79:20:94:a5:ff:43:3a:d5:03:7d:d0:0d: 2c:0e:ec:dc:6b:d1:55:d9:f7:fe:a4:d4:c7:55:fa: f7:4a:a5:e1:13:ba:24:1b:11:29:bf:55:77:fe:55: 45:63:d6:9c:18:6d:60:95:b3:3f:40:c1:f4:f4:f3: cb:3a:59:f9:53:f3:90:17:00:f3:28:15:73:97:8e: ec:42:47:f5:44:01:77:3f:48:1f:a9:28:fb:c5:6b: a4:74:8a:bb:6f:62:36:40:71:76:ec:65:73:4e:a5: ce:d7:d3:68:15:4f:df:a7:28:19:63:0f:64:90:dc: a2:ad:10:2d:3e:1e:1d:6c:d9:71:1d:bb:35:ee:45: 68:04:65:08:46:78:0a:45:ac:e6:c1:33:50:43:0a: 3e:c7:ef:a9:e9:17:95:55:35:ab:37:cd:81:7e:bf: 99:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:58:6A:A1:8B:95:23:B6:21:06:D9:44:01:F7:38:56:22:75:65:49 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.128.0.0/16 Signature Algorithm: sha256WithRSAEncryption 13:9d:39:9e:b2:bd:8b:62:5b:f4:fa:ca:68:06:01:d7:be:ad: 43:3d:96:00:b0:ae:db:10:03:b6:ba:8a:da:aa:b3:a7:08:9a: 98:aa:19:28:3d:d3:78:41:48:a8:4d:7b:79:b3:b6:04:0b:94: 68:1c:a3:8f:07:56:99:9e:57:0d:a0:56:f4:8a:94:59:5f:55: e9:ef:e5:1d:66:cd:d8:f8:b0:f4:6a:63:fb:38:4d:a2:ca:6b: f8:10:11:92:a7:44:17:1d:51:c9:1d:04:82:47:14:7b:c5:a6: 6b:85:6f:c4:bd:ba:46:b4:c1:6f:38:a9:b0:46:ae:a6:09:65: 3d:06:cc:c4:36:f6:2e:3f:ac:f0:da:71:b8:f6:5c:1f:dc:e8: 9c:06:a4:9a:95:23:ff:6c:c0:ff:71:c9:ae:55:43:46:05:1a: 12:ca:5c:af:ed:52:b4:a4:9d:1c:f7:5e:03:d4:9b:72:54:f4: 4f:44:03:9d:67:cc:1a:4e:1b:54:b8:1f:2e:a4:bc:2f:ae:de: c2:64:56:06:68:b3:88:f0:e9:5d:f1:e4:e9:4b:4e:20:c4:9c: 9c:d6:58:0f:30:34:c8:05:1f:3a:b6:89:f0:58:02:a9:76:31: bd:96:1f:ad:a3:ea:22:7d:1f:40:a2:41:04:8c:c0:3e:2f:8d: 56:98:76:90 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMzNTg2QUExOEI5NTIz QjYyMTA2RDk0NDAxRjczODU2MjI3NTY1NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzIRe7NH22fLRPLUnAPCJCPqCMoY1EQ5pgDgmna0bNuD02iGnJ ztSxuDIPb8rEf28NiiZzN8Pit2jJ3pmqieIEqNtAqRJq2IOSOE5v8/7QBlm63vB1 upfLOQCPmnkglKX/QzrVA33QDSwO7Nxr0VXZ9/6k1MdV+vdKpeETuiQbESm/VXf+ VUVj1pwYbWCVsz9AwfT088s6WflT85AXAPMoFXOXjuxCR/VEAXc/SB+pKPvFa6R0 irtvYjZAcXbsZXNOpc7X02gVT9+nKBljD2SQ3KKtEC0+Hh1s2XEduzXuRWgEZQhG eApFrObBM1BDCj7H76npF5VVNas3zYF+v5mLAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUw1hqoYuVI7YhBtlEAfc4ViJ1ZUkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC93MWhxb1l1Vkk3WWhCdGxFQWZj NFZpSjFaVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIAw DQYJKoZIhvcNAQELBQADggEBABOdOZ6yvYtiW/T6ymgGAde+rUM9lgCwrtsQA7a6 itqqs6cImpiqGSg903hBSKhNe3mztgQLlGgco48HVpmeVw2gVvSKlFlfVenv5R1m zdj4sPRqY/s4TaLKa/gQEZKnRBcdUckdBIJHFHvFpmuFb8S9uka0wW84qbBGrqYJ ZT0GzMQ29i4/rPDacbj2XB/c6JwGpJqVI/9swP9xya5VQ0YFGhLKXK/tUrSknRz3 XgPUm3JU9E9EA51nzBpOG1S4Hy6kvC+u3sJkVgZos4jw6V3x5OlLTiDEnJzWWA8w NMgFHzq2ifBYAql2Mb2WH62j6iJ9H0CiQQSMwD4vjVaYdpA= -----END CERTIFICATE-----Generated at Wed Apr 16 04:38:20 2025 by rpki-client