$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/SXu5KV0NnbVW2WXbnOP2KETRNB8.roa File: SXu5KV0NnbVW2WXbnOP2KETRNB8.roa (raw, json) Hash identifier: Nfh/xJsIQh/DY5E4Af774INitFFnUGhdWMaxKWhVkbI= Subject key identifier: 49:7B:B9:29:5D:0D:9D:B5:56:D9:65:DB:9C:E3:F6:28:44:D1:34:1F Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3633 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/SXu5KV0NnbVW2WXbnOP2KETRNB8.roa Signing time: Mon 10 Feb 2025 13:54:05 +0000 ROA not before: Mon 10 Feb 2025 13:54:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 123.195.148.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13875 (0x3633) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Feb 10 13:54:05 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=497BB9295D0D9DB556D965DB9CE3F62844D1341F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:72:99:23:c9:b0:45:61:a4:c9:e8:a3:4d:f6: b5:f8:25:9b:98:cf:e1:4c:8a:d6:25:e0:33:0e:21: 79:a6:ba:96:b0:f1:bb:79:b8:63:2a:3a:06:50:21: 2a:dd:98:d2:9e:42:b8:43:ee:09:d5:89:61:d6:62: bd:a8:62:30:a0:7c:0b:40:15:18:bf:c2:90:1b:4d: 46:58:c7:11:98:24:da:c2:b4:be:d7:ff:74:2d:f1: 31:46:16:17:60:28:e1:19:fa:ad:b7:ce:99:c2:44: 57:df:8e:2b:05:76:06:d4:f1:94:82:45:f3:3a:49: 5f:0f:d8:ff:a2:57:7a:c5:41:c2:a8:64:7b:ce:8f: e1:67:dd:9f:4c:09:90:4c:0e:f7:78:c8:fc:f8:62: 83:db:f6:cd:6e:91:2b:0e:cf:a0:6a:11:00:c4:13: 99:8f:c4:b9:0b:0b:0d:58:a5:fe:9b:0f:bd:94:30: ce:bc:73:c4:1d:0a:56:ec:a9:c4:db:28:e7:df:77: bb:1a:1c:d6:c6:4f:08:b4:13:e3:a6:2f:fe:f5:f5: 92:bd:b9:27:9c:bb:ed:bd:53:82:f0:55:c2:aa:eb: 2f:6c:f1:82:be:18:31:bf:4a:c3:10:3f:4e:9f:62: 8f:10:77:14:9e:41:d7:9b:71:82:37:44:3f:d8:d5: ac:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:7B:B9:29:5D:0D:9D:B5:56:D9:65:DB:9C:E3:F6:28:44:D1:34:1F X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/SXu5KV0NnbVW2WXbnOP2KETRNB8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.195.148.0/22 Signature Algorithm: sha256WithRSAEncryption 83:50:03:cf:71:27:1b:b0:e3:fc:2e:6d:a5:e9:01:3a:e5:c7: e1:96:ae:2c:27:2d:6b:ce:3d:5b:65:b0:ec:04:7f:cb:d6:55: 24:52:b6:af:14:fb:11:d0:49:f6:c0:8d:41:4c:f3:88:85:d4: ee:ac:d2:cd:d1:ca:e7:c6:56:1c:a7:dc:55:8a:17:ac:6e:42: 93:89:42:3c:27:b9:2f:d3:73:6b:28:e7:6b:ac:6b:ce:32:8b: df:57:3c:cb:78:f9:80:23:16:d9:14:65:53:e5:6a:31:b2:e5: b0:ca:eb:e9:59:09:47:15:7b:c6:21:62:d1:cb:f6:76:65:ac: 14:92:3f:1e:c8:ec:8a:eb:7f:8b:6e:0e:ea:17:62:79:80:1c: 01:4a:ae:41:8b:c1:43:d1:23:e8:ea:3d:46:ab:cd:30:d9:15: 1d:c5:bd:31:96:0f:96:42:ba:14:41:00:b9:f6:94:12:02:4a: 08:6b:6c:f4:88:20:a2:17:5f:89:a3:5b:be:0d:99:e2:53:12: d0:57:8b:12:3e:2e:ce:4b:02:06:48:d6:9e:69:24:ea:cc:0e: 01:44:96:1a:3a:56:0f:b0:1c:ef:07:6c:24:d4:3e:79:53:89: bc:72:5d:ca:fe:06:a6:20:d4:00:a3:df:4f:1e:b5:69:d3:38: fd:7d:4a:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICNjMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx MzU0MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ5N0JCOTI5NUQwRDlE QjU1NkQ5NjVEQjlDRTNGNjI4NDREMTM0MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCscpkjybBFYaTJ6KNN9rX4JZuYz+FMitYl4DMOIXmmupaw8bt5 uGMqOgZQISrdmNKeQrhD7gnViWHWYr2oYjCgfAtAFRi/wpAbTUZYxxGYJNrCtL7X /3Qt8TFGFhdgKOEZ+q23zpnCRFffjisFdgbU8ZSCRfM6SV8P2P+iV3rFQcKoZHvO j+Fn3Z9MCZBMDvd4yPz4YoPb9s1ukSsOz6BqEQDEE5mPxLkLCw1Ypf6bD72UMM68 c8QdClbsqcTbKOffd7saHNbGTwi0E+OmL/719ZK9uSecu+29U4LwVcKq6y9s8YK+ GDG/SsMQP06fYo8QdxSeQdebcYI3RD/Y1ayPAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUSXu5KV0NnbVW2WXbnOP2KETRNB8wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1NYdTVLVjBObmJWVzJXWGJu T1AyS0VUUk5COC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7 w5QwDQYJKoZIhvcNAQELBQADggEBAINQA89xJxuw4/wubaXpATrlx+GWriwnLWvO PVtlsOwEf8vWVSRStq8U+xHQSfbAjUFM84iF1O6s0s3RyufGVhyn3FWKF6xuQpOJ QjwnuS/Tc2so52usa84yi99XPMt4+YAjFtkUZVPlajGy5bDK6+lZCUcVe8YhYtHL 9nZlrBSSPx7I7Irrf4tuDuoXYnmAHAFKrkGLwUPRI+jqPUarzTDZFR3FvTGWD5ZC uhRBALn2lBICSghrbPSIIKIXX4mjW74NmeJTEtBXixI+Ls5LAgZI1p5pJOrMDgFE lho6Vg+wHO8HbCTUPnlTibxyXcr+BqYg1ACj308etWnTOP19SkI= -----END CERTIFICATE-----Generated at Wed Feb 19 22:05:31 2025 by rpki-client