$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hxpAa28sYUyaN2MoZ9Nxt0fpSRk.roa File: hxpAa28sYUyaN2MoZ9Nxt0fpSRk.roa (raw, json) Hash identifier: c50f8u5wwAxVZZyXM3tyIzclObg9SD4D/BX/+O5Jxxk= Subject key identifier: 87:1A:40:6B:6F:2C:61:4C:9A:37:63:28:67:D3:71:B7:47:E9:49:19 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3582 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hxpAa28sYUyaN2MoZ9Nxt0fpSRk.roa Signing time: Mon 10 Feb 2025 13:53:24 +0000 ROA not before: Mon 10 Feb 2025 13:53:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 123.195.20.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13698 (0x3582) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Feb 10 13:53:24 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=871A406B6F2C614C9A37632867D371B747E94919 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e3:b7:d2:06:f4:ce:62:a9:b7:d2:c5:7e:0c: b6:00:32:35:e0:61:a7:1e:1c:fb:2f:4d:e5:df:18: 17:1f:dd:a5:a3:78:1c:b2:bb:ab:4f:c7:b3:f4:1f: b2:1d:5b:4c:4f:83:66:49:00:45:8e:b7:09:cf:82: 21:71:75:b8:74:32:de:c2:39:00:f9:33:c9:f6:97: 90:b1:c8:42:e2:c5:12:64:b3:06:03:55:2e:8e:10: be:a4:d0:c0:e8:7c:f0:e1:0b:72:75:3b:45:9d:aa: 62:59:c8:95:92:17:b4:06:6c:2e:df:78:05:2f:3f: 29:07:71:67:ef:48:cc:d1:27:b0:cd:30:9a:4e:ea: d1:8c:1d:c3:09:7f:14:55:2a:f4:11:02:ff:a6:02: 05:a1:ce:09:7f:5f:52:c7:7f:4a:34:06:2f:81:40: 75:64:5e:9e:08:91:c0:cc:25:7b:05:e3:e1:c1:3e: f8:9a:df:66:cd:8d:64:28:f3:69:fd:7d:9e:18:06: 3e:77:d0:ab:64:40:03:09:c5:4d:67:04:44:6a:e1: 31:b4:08:62:dd:8d:c7:d5:ba:5b:c8:57:76:bf:d9: 87:1e:36:fb:aa:5c:b5:f7:c5:ba:bb:19:25:7a:b7: 05:48:83:d7:e5:a6:67:87:c7:8e:5b:36:90:c9:28: 97:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:1A:40:6B:6F:2C:61:4C:9A:37:63:28:67:D3:71:B7:47:E9:49:19 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hxpAa28sYUyaN2MoZ9Nxt0fpSRk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.195.20.0/22 Signature Algorithm: sha256WithRSAEncryption ac:f3:5d:21:e8:d0:c6:bb:8b:8f:46:f6:7b:9e:4a:aa:2b:f7: 82:0e:3b:5f:a6:3d:3a:03:c5:2f:f5:03:65:65:25:d9:8a:60: 5d:e4:95:7a:62:9b:61:f3:34:85:33:26:ef:c7:20:e8:a9:53: c8:e2:50:e3:d8:2c:4d:f9:83:ee:7c:33:f0:b4:3a:d1:ab:ca: f0:6b:07:dc:19:cf:31:d3:9b:11:32:6c:e5:a2:77:9a:2a:38: bc:fd:cb:85:2d:58:1e:35:1a:5f:90:ef:4c:f2:db:4f:9e:0f: 90:c5:30:3a:48:e3:48:01:c7:37:e6:1c:22:c6:6d:ef:de:fb: 31:25:4b:9e:80:d9:4d:d5:0d:4f:79:74:88:9a:86:94:be:9b: 00:19:c0:a2:8d:e4:38:18:bb:d1:59:e4:f4:b8:bc:af:e0:0d: d3:65:fd:5b:82:96:67:9c:f3:ec:67:09:3e:01:66:3e:cd:b0: c8:69:d8:ca:1a:90:c3:51:e2:8d:fb:6e:cb:8f:ba:8e:a6:24: f3:dc:59:67:b8:91:26:9f:c3:b1:8a:95:c9:d2:78:18:0f:da: cf:3c:ec:d7:c4:19:2a:e0:08:3c:eb:4d:84:89:5d:3a:57:2e: e1:a3:1a:ff:12:cb:9f:94:44:07:de:bc:4a:24:a4:11:9c:23: 1b:6d:0b:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICNYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx MzUzMjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3MUE0MDZCNkYyQzYx NEM5QTM3NjMyODY3RDM3MUI3NDdFOTQ5MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG47fSBvTOYqm30sV+DLYAMjXgYaceHPsvTeXfGBcf3aWjeByy u6tPx7P0H7IdW0xPg2ZJAEWOtwnPgiFxdbh0Mt7COQD5M8n2l5CxyELixRJkswYD VS6OEL6k0MDofPDhC3J1O0WdqmJZyJWSF7QGbC7feAUvPykHcWfvSMzRJ7DNMJpO 6tGMHcMJfxRVKvQRAv+mAgWhzgl/X1LHf0o0Bi+BQHVkXp4IkcDMJXsF4+HBPvia 32bNjWQo82n9fZ4YBj530KtkQAMJxU1nBERq4TG0CGLdjcfVulvIV3a/2YceNvuq XLX3xbq7GSV6twVIg9flpmeHx45bNpDJKJeRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUhxpAa28sYUyaN2MoZ9Nxt0fpSRkwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2h4cEFhMjhzWVV5YU4yTW9a OU54dDBmcFNSay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7 wxQwDQYJKoZIhvcNAQELBQADggEBAKzzXSHo0Ma7i49G9nueSqor94IOO1+mPToD xS/1A2VlJdmKYF3klXpim2HzNIUzJu/HIOipU8jiUOPYLE35g+58M/C0OtGryvBr B9wZzzHTmxEybOWid5oqOLz9y4UtWB41Gl+Q70zy20+eD5DFMDpI40gBxzfmHCLG be/e+zElS56A2U3VDU95dIiahpS+mwAZwKKN5DgYu9FZ5PS4vK/gDdNl/VuClmec 8+xnCT4BZj7NsMhp2MoakMNR4o37bsuPuo6mJPPcWWe4kSafw7GKlcnSeBgP2s88 7NfEGSrgCDzrTYSJXTpXLuGjGv8Sy5+URAfevEokpBGcIxttC+A= -----END CERTIFICATE-----Generated at Wed Feb 19 21:58:35 2025 by rpki-client