$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa File: 0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa (raw, json) Hash identifier: 24D4mx/uH5LvCFZuHi9VL8FD4fAuH87qD+r4s8KSvsc= Subject key identifier: D1:00:4D:F0:DD:E0:59:E1:9F:3C:3D:4C:CC:B3:66:4C:13:9E:DD:D9 Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0CD2 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa Signing time: Mon 10 Feb 2025 13:49:21 +0000 ROA not before: Mon 10 Feb 2025 13:49:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 5065 IP address blocks: 103.129.144.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 02:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3282 (0xcd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Feb 10 13:49:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D1004DF0DDE059E19F3C3D4CCCB3664C139EDDD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:11:46:14:f2:0b:97:ae:d0:a2:57:a0:d6:b7: 9c:2c:a7:d2:7d:5f:82:00:4f:d7:64:b4:ef:ab:4b: 44:0b:4e:b4:8f:d0:c7:a6:d4:dd:5d:6c:aa:b7:cc: 5a:20:fe:a7:50:6a:b4:73:b0:1b:7d:98:6d:79:08: 50:41:76:a9:18:27:6c:68:e6:80:76:f1:43:41:fb: 62:e9:df:d8:09:01:dc:04:f8:82:8c:f6:d7:a1:a4: 3b:0d:f0:c2:2c:b3:8f:16:05:23:97:43:6d:9c:ab: a8:3d:6a:d7:0c:71:1b:63:ef:45:6b:03:d1:ec:af: 4e:e1:2b:0e:fd:5d:ee:7f:d3:5a:6f:dc:da:d8:b9: 6f:9a:e2:4d:1b:4a:47:23:fe:cb:ac:22:fb:2e:50: 5a:a3:8f:9d:84:e8:37:fa:21:34:5f:45:84:06:97: 3f:0a:72:92:a6:2c:43:5b:4f:7d:89:82:1e:aa:45: c9:e3:bc:ac:62:a5:d7:a0:2f:3b:c7:86:d5:de:23: 07:51:13:ba:73:de:7f:ef:ad:6b:10:d5:34:14:9c: 1a:e4:d7:93:a3:bf:5a:e1:e6:3a:8c:40:0c:2f:99: 1c:f7:f7:13:65:e5:68:0b:2f:46:f2:76:da:ec:3e: ff:47:58:bc:99:42:1b:23:53:d5:af:d6:b4:4a:ac: 3d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:00:4D:F0:DD:E0:59:E1:9F:3C:3D:4C:CC:B3:66:4C:13:9E:DD:D9 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.129.144.0/24 Signature Algorithm: sha256WithRSAEncryption 82:11:86:36:54:ef:94:cb:e7:f9:ae:1a:db:6d:47:6b:f8:50: c2:6d:28:86:f1:0d:da:78:de:92:60:28:0a:3d:63:1e:01:c9: f4:b8:72:4f:b8:5d:18:31:e7:09:c6:23:36:6e:d8:f3:52:31: d8:69:02:f2:5d:94:3d:e9:9e:85:f7:17:d1:59:1e:e7:2f:df: dd:37:5b:d4:39:a1:17:2d:a0:a5:05:c4:6d:70:67:14:f2:2d: 29:84:57:bc:54:0f:a1:f1:a0:79:a4:04:d2:2f:4e:c1:9f:67: b6:5b:d3:9a:eb:11:12:49:41:18:c6:95:34:b5:df:89:99:59: da:f7:c0:21:2c:e7:c4:32:b2:5a:09:ed:f8:e2:75:35:31:16: 4c:41:26:3a:d4:16:52:63:4f:de:36:b6:46:19:81:bd:bd:bf: 76:e0:77:ab:c1:a5:06:04:0e:36:7d:98:1b:eb:f9:04:7c:10: 62:ef:c6:7b:a9:04:67:30:f2:cd:31:bf:dd:90:66:43:3a:e0: e1:12:7e:10:e5:29:f6:74:74:ac:c6:b5:e7:5d:72:e5:83:d8: 0b:e5:08:d6:47:eb:2b:a0:22:87:e9:81:e5:72:db:0b:1c:18: ae:97:b6:19:7e:11:77:f1:72:0b:97:b9:39:72:02:02:5f:1a: f5:19:f7:e9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAyMTAx MzQ5MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQxMDA0REYwRERFMDU5 RTE5RjNDM0Q0Q0NDQjM2NjRDMTM5RURERDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDyEUYU8guXrtCiV6DWt5wsp9J9X4IAT9dktO+rS0QLTrSP0Mem 1N1dbKq3zFog/qdQarRzsBt9mG15CFBBdqkYJ2xo5oB28UNB+2Lp39gJAdwE+IKM 9tehpDsN8MIss48WBSOXQ22cq6g9atcMcRtj70VrA9Hsr07hKw79Xe5/01pv3NrY uW+a4k0bSkcj/susIvsuUFqjj52E6Df6ITRfRYQGlz8KcpKmLENbT32Jgh6qRcnj vKxipdegLzvHhtXeIwdRE7pz3n/vrWsQ1TQUnBrk15Ojv1rh5jqMQAwvmRz39xNl 5WgLL0bydtrsPv9HWLyZQhsjU9Wv1rRKrD1XAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU0QBN8N3gWeGfPD1MzLNmTBOe3dkwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBRQk44TjNnV2VHZlBEMU16TE5tVEJP ZTNkay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZAwDQYJ KoZIhvcNAQELBQADggEBAIIRhjZU75TL5/muGtttR2v4UMJtKIbxDdp43pJgKAo9 Yx4ByfS4ck+4XRgx5wnGIzZu2PNSMdhpAvJdlD3pnoX3F9FZHucv3903W9Q5oRct oKUFxG1wZxTyLSmEV7xUD6HxoHmkBNIvTsGfZ7Zb05rrERJJQRjGlTS134mZWdr3 wCEs58QysloJ7fjidTUxFkxBJjrUFlJjT942tkYZgb29v3bgd6vBpQYEDjZ9mBvr +QR8EGLvxnupBGcw8s0xv92QZkM64OESfhDlKfZ0dKzGteddcuWD2AvlCNZH6yug IofpgeVy2wscGK6Xthl+EXfxcguXuTlyAgJfGvUZ9+k= -----END CERTIFICATE-----Generated at Mon Apr 7 01:55:20 2025 by rpki-client