$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/Y6Au06HGgYpXuNHgjf36sLWv-kg.roa File: Y6Au06HGgYpXuNHgjf36sLWv-kg.roa (raw, json) Hash identifier: MflbpmMzl7dCiLZ1z4sTf/8mnqhF3ZlnhF0SvzJuXzQ= Subject key identifier: 63:A0:2E:D3:A1:C6:81:8A:57:B8:D1:E0:8D:FD:FA:B0:B5:AF:FA:48 Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0CD5 Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/Y6Au06HGgYpXuNHgjf36sLWv-kg.roa Signing time: Mon 10 Feb 2025 13:49:21 +0000 ROA not before: Mon 10 Feb 2025 13:49:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 20473 IP address blocks: 2403:7f40:ff00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 13:06:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3285 (0xcd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Feb 10 13:49:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=63A02ED3A1C6818A57B8D1E08DFDFAB0B5AFFA48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:d9:72:9b:8a:cd:da:b3:74:f9:3d:7c:5f:36: bf:d3:0e:ea:c9:5a:8c:66:31:1e:10:00:62:7c:b8: 16:69:72:3f:64:9e:c7:01:d5:bb:29:85:b2:3e:65: e5:5a:20:9e:7a:dc:d0:02:05:c8:63:e4:c1:ed:47: a7:63:88:1c:de:ce:ab:58:cc:ed:55:26:e9:54:e2: 28:72:25:b3:ce:d6:cc:45:f3:07:42:38:bb:a7:69: 77:c6:e9:99:a1:d7:b5:35:38:85:36:94:6e:d7:51: 31:1f:0b:29:ea:df:d1:50:aa:bc:98:42:d8:0e:85: 63:5f:ee:dc:5d:4c:95:ce:1e:0b:4b:9c:1a:13:5b: b6:66:57:10:89:15:3e:ca:d5:e4:59:8d:07:c5:d7: 1b:84:2c:54:5b:4c:97:37:99:d1:fa:71:96:e2:80: c9:4f:26:7e:ed:aa:cb:eb:03:44:f6:bd:0f:23:55: 00:c9:ea:33:c2:8b:5e:d7:d8:14:b6:4c:1e:28:56: f7:65:6b:30:b5:75:a7:18:70:a5:21:4a:74:ef:87: 00:67:34:7b:51:a1:1d:bf:09:ab:52:aa:37:e3:8e: 9d:fb:ff:71:7f:50:77:6e:34:d5:a4:88:db:46:bd: 7c:81:9b:2f:bd:64:e7:6f:e4:c5:39:1b:72:14:3f: 59:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:A0:2E:D3:A1:C6:81:8A:57:B8:D1:E0:8D:FD:FA:B0:B5:AF:FA:48 X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/Y6Au06HGgYpXuNHgjf36sLWv-kg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:7f40:ff00::/48 Signature Algorithm: sha256WithRSAEncryption 17:02:22:93:b1:1f:44:fe:16:d5:58:64:3c:08:cc:f0:3d:76: cb:00:a8:92:b7:81:ad:47:e8:e8:d3:a7:79:19:0a:89:f5:8a: 3d:a4:82:70:6c:5d:92:c0:20:7b:05:75:8a:8c:4a:4e:a7:7f: ff:f2:11:5f:69:c8:0f:9a:75:01:cd:c9:37:7f:16:df:67:73: 02:c6:3e:f3:ab:83:b6:32:89:0c:1c:6e:60:71:a9:7a:1e:3c: cb:41:69:46:d5:4a:b3:19:a7:a0:54:68:77:07:a6:bc:a4:84: e3:8b:41:5b:3f:75:40:e7:6e:8f:11:a3:77:3f:e7:16:ae:89: 0c:41:83:37:cb:c4:d0:01:5a:a5:ae:6e:b9:f7:ad:2f:3c:df: 4e:d7:15:11:5a:6d:40:31:49:55:da:28:16:0d:a2:12:d9:61: 35:89:57:82:b6:4b:86:d6:ae:41:c2:cc:7f:67:d9:7f:31:f9: 85:79:28:e5:6b:da:d4:6c:3a:b5:7b:70:48:1b:d0:a0:fd:0e: 0c:28:bf:cd:fb:11:58:83:df:26:a9:b2:44:59:db:b7:b0:7e: 80:a0:0f:90:3d:52:5f:8e:f4:1b:e8:42:f4:9a:f1:3b:f3:cc: e9:ee:6e:20:19:f6:c6:63:2e:be:7a:22:b0:a7:ed:eb:e9:80: 8c:ad:e0:af -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAyMTAx MzQ5MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzQTAyRUQzQTFDNjgx OEE1N0I4RDFFMDhERkRGQUIwQjVBRkZBNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDc2XKbis3as3T5PXxfNr/TDurJWoxmMR4QAGJ8uBZpcj9knscB 1bsphbI+ZeVaIJ563NACBchj5MHtR6djiBzezqtYzO1VJulU4ihyJbPO1sxF8wdC OLunaXfG6Zmh17U1OIU2lG7XUTEfCynq39FQqryYQtgOhWNf7txdTJXOHgtLnBoT W7ZmVxCJFT7K1eRZjQfF1xuELFRbTJc3mdH6cZbigMlPJn7tqsvrA0T2vQ8jVQDJ 6jPCi17X2BS2TB4oVvdlazC1dacYcKUhSnTvhwBnNHtRoR2/CatSqjfjjp37/3F/ UHduNNWkiNtGvXyBmy+9ZOdv5MU5G3IUP1nzAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUY6Au06HGgYpXuNHgjf36sLWv+kgwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL1k2QXUwNkhHZ1lwWHVOSGdqZjM2c0xX di1rZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A/wAw DQYJKoZIhvcNAQELBQADggEBABcCIpOxH0T+FtVYZDwIzPA9dssAqJK3ga1H6OjT p3kZCon1ij2kgnBsXZLAIHsFdYqMSk6nf//yEV9pyA+adQHNyTd/Ft9ncwLGPvOr g7YyiQwcbmBxqXoePMtBaUbVSrMZp6BUaHcHprykhOOLQVs/dUDnbo8Ro3c/5xau iQxBgzfLxNABWqWubrn3rS88307XFRFabUAxSVXaKBYNohLZYTWJV4K2S4bWrkHC zH9n2X8x+YV5KOVr2tRsOrV7cEgb0KD9Dgwov837EViD3yapskRZ27ewfoCgD5A9 Ul+O9BvoQvSa8TvzzOnubiAZ9sZjLr56IrCn7evpgIyt4K8= -----END CERTIFICATE-----Generated at Sat Apr 5 12:05:01 2025 by rpki-client