$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa File: zKmNRqsGMiMbd0qEa7cCND3jOr0.roa (raw, json) Hash identifier: 8OvWtYKf2e/wYj1W3zNJXz77pbvz06OJyh0zBDxA+Hc= Subject key identifier: CC:A9:8D:46:AB:06:32:23:1B:77:4A:84:6B:B7:02:34:3D:E3:3A:BD Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0E7F Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa Signing time: Mon 10 Feb 2025 14:16:26 +0000 ROA not before: Mon 10 Feb 2025 14:16:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9264 IP address blocks: 140.109.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 05:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3711 (0xe7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Feb 10 14:16:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CCA98D46AB0632231B774A846BB702343DE33ABD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:df:d0:cd:f4:bd:79:7b:77:35:07:be:2d:70: ab:d5:cb:58:5f:46:43:5b:2f:f9:83:6b:a2:73:44: b4:bb:61:58:d3:1a:24:d1:eb:15:12:7c:b0:74:90: be:c9:22:d4:13:11:44:27:2f:d7:e1:15:86:b2:64: 17:67:2c:00:92:eb:fe:08:6f:94:12:51:28:19:82: a8:8b:12:db:3d:79:5f:82:9c:ce:f2:70:46:c0:51: d9:f6:67:6a:e7:54:a5:a0:3c:c5:6e:38:0c:32:a7: 64:7d:79:d8:7e:81:94:e1:a7:18:88:bb:f4:79:a8: 45:45:ae:8b:68:0a:39:9f:76:6f:f6:e1:50:7e:d6: 7f:6c:d8:19:02:e7:26:a5:9f:67:4a:4e:05:36:da: a0:bb:cb:83:fb:02:e2:dd:19:c0:dd:c8:fe:bf:e7: 8a:ba:d9:65:7f:58:15:e9:bc:71:15:c3:c7:ff:4e: b8:d6:fa:80:8e:d1:b0:5f:94:64:71:a1:06:f4:45: 0c:75:2e:40:2c:61:9d:62:0a:93:92:f5:34:46:73: ef:33:58:54:47:2c:24:40:79:5f:14:0f:57:a1:95: 7a:01:1d:f3:bc:31:37:ad:a0:8d:0d:24:a0:08:8f: 9a:b2:ad:d4:a2:cb:6b:b0:fa:9e:5d:b5:c8:2e:e0: cf:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:A9:8D:46:AB:06:32:23:1B:77:4A:84:6B:B7:02:34:3D:E3:3A:BD X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.109.0.0/16 Signature Algorithm: sha256WithRSAEncryption 99:53:b4:47:63:56:1f:59:fa:bb:68:b6:f6:0f:92:91:cb:32: 1c:8a:61:92:15:d8:1d:d6:82:63:d9:9b:35:7b:78:34:82:7f: 30:c8:63:d8:20:a6:e3:90:d2:90:a2:08:7e:e7:31:0e:b4:85: b9:07:bd:d7:29:26:95:13:6c:9c:f0:9a:83:79:de:2b:5c:11: a0:ec:f8:fe:1f:46:ae:9b:5c:6d:7b:4a:64:1a:d7:26:4a:79: cf:24:e6:c3:92:51:fb:fa:54:d5:62:11:71:69:5c:d0:e0:88: 47:df:c6:2e:46:2f:c9:9b:46:00:50:31:01:f6:b4:57:fe:0a: 86:7d:f6:3a:a5:1b:e6:39:e0:f6:96:4b:f8:9b:63:b3:41:74: 3e:59:a1:86:dd:d9:26:77:60:ac:fd:22:05:85:41:15:5b:70: b8:f1:35:2a:99:77:8d:d3:b8:54:6e:0a:d6:21:77:e8:70:bf: 25:b3:7f:4e:f4:45:a3:d8:57:4b:40:c1:3b:47:a9:13:08:56: 54:5b:c3:41:82:14:0c:6d:a4:cf:02:50:76:64:d3:66:1a:23: fa:40:4d:c2:b4:37:28:e9:24:81:b0:2d:a1:07:d4:25:86:8f: a6:25:fe:7c:9c:b7:7f:c6:aa:16:87:ea:ce:52:03:c2:60:d0: b3:97:2f:c9 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx NDE2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDQTk4RDQ2QUIwNjMy MjMxQjc3NEE4NDZCQjcwMjM0M0RFMzNBQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC439DN9L15e3c1B74tcKvVy1hfRkNbL/mDa6JzRLS7YVjTGiTR 6xUSfLB0kL7JItQTEUQnL9fhFYayZBdnLACS6/4Ib5QSUSgZgqiLEts9eV+CnM7y cEbAUdn2Z2rnVKWgPMVuOAwyp2R9edh+gZThpxiIu/R5qEVFrotoCjmfdm/24VB+ 1n9s2BkC5yaln2dKTgU22qC7y4P7AuLdGcDdyP6/54q62WV/WBXpvHEVw8f/TrjW +oCO0bBflGRxoQb0RQx1LkAsYZ1iCpOS9TRGc+8zWFRHLCRAeV8UD1ehlXoBHfO8 MTetoI0NJKAIj5qyrdSiy2uw+p5dtcgu4M9TAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUzKmNRqsGMiMbd0qEa7cCND3jOr0wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC96S21OUnFzR01pTWJkMHFFYTdj Q05EM2pPcjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjG0w DQYJKoZIhvcNAQELBQADggEBAJlTtEdjVh9Z+rtotvYPkpHLMhyKYZIV2B3WgmPZ mzV7eDSCfzDIY9ggpuOQ0pCiCH7nMQ60hbkHvdcpJpUTbJzwmoN53itcEaDs+P4f Rq6bXG17SmQa1yZKec8k5sOSUfv6VNViEXFpXNDgiEffxi5GL8mbRgBQMQH2tFf+ CoZ99jqlG+Y54PaWS/ibY7NBdD5ZoYbd2SZ3YKz9IgWFQRVbcLjxNSqZd43TuFRu CtYhd+hwvyWzf070RaPYV0tAwTtHqRMIVlRbw0GCFAxtpM8CUHZk02YaI/pATcK0 NyjpJIGwLaEH1CWGj6Yl/nyct3/GqhaH6s5SA8Jg0LOXL8k= -----END CERTIFICATE-----Generated at Wed Apr 16 04:39:13 2025 by rpki-client