$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9wLcRw6CnXQTS3Izy7GOk3bmSKQ.roa File: 9wLcRw6CnXQTS3Izy7GOk3bmSKQ.roa (raw, json) Hash identifier: zN1IyloxmyaS4UxP+CgPG6Dq7VB0am8NhiL6LICiE8I= Subject key identifier: F7:02:DC:47:0E:82:9D:74:13:4B:72:33:CB:B1:8E:93:76:E6:48:A4 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 35AD Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9wLcRw6CnXQTS3Izy7GOk3bmSKQ.roa Signing time: Mon 10 Feb 2025 13:53:35 +0000 ROA not before: Mon 10 Feb 2025 13:53:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 123.195.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13741 (0x35ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Feb 10 13:53:35 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F702DC470E829D74134B7233CBB18E9376E648A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9c:1e:3f:85:40:f4:6b:dd:29:2c:d8:14:1b: 48:8c:1e:f6:24:3f:3e:3f:38:ed:4e:e3:90:28:e5: c4:36:21:9c:95:aa:a2:d8:ce:fe:ee:8a:f4:4e:0e: 4b:23:04:eb:9b:2e:e7:b1:5a:71:01:a6:f8:33:3d: 2d:02:47:e2:3d:7f:ba:2c:17:98:1b:c9:d1:c3:ae: a9:41:cb:d9:ce:c5:bc:96:27:a8:fd:a3:fb:10:a2: da:b6:96:98:db:16:88:c1:2b:3e:70:0f:ef:ca:0e: cf:d4:45:6f:f1:7e:f6:b2:a1:53:0a:f5:e7:4b:29: 25:5e:56:af:37:f4:24:77:a8:77:45:68:43:f8:e6: aa:17:39:70:1b:bb:0b:b2:78:5b:64:c5:df:a3:24: 89:95:bf:82:45:6c:a1:27:61:40:ab:94:d2:a9:3e: 50:e8:f2:84:9e:9e:60:7e:b8:1a:45:c3:8a:73:03: 44:3a:55:3c:3a:3f:32:cd:ef:59:92:3a:b2:e4:bf: b1:79:2e:4c:79:e0:0c:07:80:d1:f8:1f:3b:8e:f7: 8c:13:4c:3c:ba:f7:1b:97:d0:30:9c:e6:85:fd:50: 7d:8d:e4:d0:c4:7b:25:40:a5:d9:03:b8:3c:58:07: 3b:33:25:5b:45:74:58:c0:c4:04:db:b7:2b:4d:01: a0:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:02:DC:47:0E:82:9D:74:13:4B:72:33:CB:B1:8E:93:76:E6:48:A4 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9wLcRw6CnXQTS3Izy7GOk3bmSKQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.195.150.0/24 Signature Algorithm: sha256WithRSAEncryption 76:51:46:12:97:45:7e:1a:ec:72:9e:bc:27:6f:d3:a7:8f:bf: ef:f0:c7:80:b5:5f:bd:3b:e7:ee:1c:e4:9a:25:45:e3:d6:a2: f3:69:a8:ca:9e:7f:73:77:56:7b:ad:e9:4b:da:59:f2:83:d3: a0:a4:3a:e3:a0:e4:49:e3:02:cf:92:ef:e3:7b:09:01:54:27: 91:78:e7:7a:1c:0d:4e:ac:ed:9d:7c:be:27:8e:03:fc:1e:5b: 56:5f:e8:50:7c:da:75:6c:b7:9f:40:40:46:fa:83:35:85:80: d0:52:15:10:e3:f1:93:56:c3:5f:d1:19:4a:57:14:c6:34:2f: 5c:da:2b:9b:ca:d7:86:bf:73:17:3f:51:a7:ed:64:bd:8d:a5: b6:bb:2e:a5:1a:ad:8a:08:e3:5b:8f:bf:ef:7b:8e:7f:ca:e8: 3a:d7:f1:a7:fa:a6:d6:f4:8a:be:45:ae:8e:d0:68:95:f1:39: 7d:a4:34:f3:9b:48:d7:98:ea:e5:f0:c3:f3:05:f8:04:9c:e5: a3:23:ee:b1:c1:d1:af:b9:0d:b5:be:ed:ac:e6:88:c3:37:1b: c1:b1:88:07:ea:cf:86:b9:6f:32:4d:ae:7b:bb:6c:2d:d8:af: 5c:d8:a3:83:93:9b:19:02:f9:49:97:bf:a8:75:71:c3:ea:34: 7b:d4:27:15 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICNa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx MzUzMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY3MDJEQzQ3MEU4MjlE NzQxMzRCNzIzM0NCQjE4RTkzNzZFNjQ4QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4nB4/hUD0a90pLNgUG0iMHvYkPz4/OO1O45Ao5cQ2IZyVqqLY zv7uivRODksjBOubLuexWnEBpvgzPS0CR+I9f7osF5gbydHDrqlBy9nOxbyWJ6j9 o/sQotq2lpjbFojBKz5wD+/KDs/URW/xfvayoVMK9edLKSVeVq839CR3qHdFaEP4 5qoXOXAbuwuyeFtkxd+jJImVv4JFbKEnYUCrlNKpPlDo8oSenmB+uBpFw4pzA0Q6 VTw6PzLN71mSOrLkv7F5Lkx54AwHgNH4HzuO94wTTDy69xuX0DCc5oX9UH2N5NDE eyVApdkDuDxYBzszJVtFdFjAxATbtytNAaD1AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU9wLcRw6CnXQTS3Izy7GOk3bmSKQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzl3TGNSdzZDblhRVFMzSXp5 N0dPazNibVNLUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7 w5YwDQYJKoZIhvcNAQELBQADggEBAHZRRhKXRX4a7HKevCdv06ePv+/wx4C1X707 5+4c5JolRePWovNpqMqef3N3Vnut6UvaWfKD06CkOuOg5EnjAs+S7+N7CQFUJ5F4 53ocDU6s7Z18vieOA/weW1Zf6FB82nVst59AQEb6gzWFgNBSFRDj8ZNWw1/RGUpX FMY0L1zaK5vK14a/cxc/UaftZL2Npba7LqUarYoI41uPv+97jn/K6DrX8af6ptb0 ir5Fro7QaJXxOX2kNPObSNeY6uXww/MF+ASc5aMj7rHB0a+5DbW+7azmiMM3G8Gx iAfqz4a5bzJNrnu7bC3Yr1zYo4OTmxkC+UmXv6h1ccPqNHvUJxU= -----END CERTIFICATE-----Generated at Wed Feb 19 21:58:03 2025 by rpki-client