$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/l-3oP9S5tgvmRo7x6BNoXPfTDSs.roa File: l-3oP9S5tgvmRo7x6BNoXPfTDSs.roa (raw, json) Hash identifier: pEHfgg8O9b6uYYWhK/AJAZCXk6RR0ckZeRICgAg2V/c= Subject key identifier: 97:ED:E8:3F:D4:B9:B6:0B:E6:46:8E:F1:E8:13:68:5C:F7:D3:0D:2B Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3533 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/l-3oP9S5tgvmRo7x6BNoXPfTDSs.roa Signing time: Mon 10 Feb 2025 13:53:07 +0000 ROA not before: Mon 10 Feb 2025 13:53:07 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 118.233.176.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13619 (0x3533) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Feb 10 13:53:07 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=97EDE83FD4B9B60BE6468EF1E813685CF7D30D2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:40:23:79:6a:cb:d6:73:49:58:50:8e:79:a7: f9:e1:f2:a5:e0:71:59:a1:d8:5a:51:96:c2:31:47: 04:10:d9:d3:0d:c2:2b:4c:67:6d:c7:f6:24:a3:8c: f2:cf:0f:74:53:81:32:b7:0e:b5:89:31:4e:07:d0: 38:5c:d1:19:c4:f4:92:6e:2e:6d:d2:7d:60:3b:82: f2:5d:df:3c:4e:f0:06:3a:98:e1:8b:14:14:90:a5: 39:9c:3f:a8:62:78:2e:4b:3e:02:5c:d3:9a:40:84: 3f:a4:1d:d9:b0:7c:01:57:55:74:95:06:09:87:69: 70:51:28:86:d2:18:a3:38:8a:b0:b9:99:e7:fd:a6: fb:c2:ff:d0:f6:65:18:e5:0c:36:91:5f:da:d5:f0: 1c:19:a6:60:67:96:ad:1f:12:8f:b1:6e:c1:09:47: 66:28:1a:2f:51:06:ea:c3:de:85:16:06:01:a4:c5: f3:95:ff:7d:52:9b:39:da:5b:aa:b5:49:29:28:ae: 83:7d:2a:d6:9f:7f:eb:4e:78:f5:a2:3d:b5:72:c3: e4:7d:12:0b:f8:7e:7c:f0:fd:a4:37:cb:b5:d9:1d: 33:f7:b5:b7:31:28:fb:6d:07:20:29:56:31:1c:e1: 1a:fd:cf:cb:d5:e4:11:77:66:1a:fd:b2:1d:44:f3: 1e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:ED:E8:3F:D4:B9:B6:0B:E6:46:8E:F1:E8:13:68:5C:F7:D3:0D:2B X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/l-3oP9S5tgvmRo7x6BNoXPfTDSs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.233.176.0/23 Signature Algorithm: sha256WithRSAEncryption 2c:40:42:17:ba:0e:3c:fb:90:b5:00:df:2a:65:88:2a:cc:17: bd:8b:0e:42:76:a3:01:18:b3:a6:1b:ee:84:93:d7:ba:64:c9: fb:1d:90:80:bd:17:69:8f:36:b9:0d:d8:b5:eb:ec:e0:c8:83: 88:9d:74:41:83:f9:1f:e6:1d:56:1b:b3:56:b9:52:67:cb:df: 2a:2f:6e:e1:ad:42:82:ca:06:49:f5:32:a6:8c:65:57:00:98: ac:cf:7f:77:43:80:8d:66:18:ea:9e:0c:06:81:cc:3f:5f:34: d2:1e:1c:a1:2d:84:38:3a:29:83:ab:2e:2f:d3:e9:78:1d:95: 04:c4:33:d6:d5:6c:f3:f3:56:33:47:d4:04:68:92:9a:be:bb: 76:50:9c:e6:19:79:5c:3c:9e:8e:e0:d2:3d:2f:74:16:23:14: 6b:50:83:77:e7:ef:72:7b:18:c7:a2:3d:e3:e8:f0:c9:81:3b: e6:96:a9:03:6e:8d:84:b3:7d:83:b3:ee:83:05:f2:99:af:cd: 44:08:f7:ef:af:a4:fb:4b:9a:b6:e7:b8:1f:67:34:40:82:71: 6f:25:8e:c0:2b:29:3d:53:2a:bc:67:39:c0:19:a6:a6:8b:7c: f1:50:77:d1:68:62:e6:01:4f:63:ff:03:52:41:b1:00:f0:dd: fa:55:aa:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICNTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx MzUzMDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3RURFODNGRDRCOUI2 MEJFNjQ2OEVGMUU4MTM2ODVDRjdEMzBEMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjQCN5asvWc0lYUI55p/nh8qXgcVmh2FpRlsIxRwQQ2dMNwitM Z23H9iSjjPLPD3RTgTK3DrWJMU4H0Dhc0RnE9JJuLm3SfWA7gvJd3zxO8AY6mOGL FBSQpTmcP6hieC5LPgJc05pAhD+kHdmwfAFXVXSVBgmHaXBRKIbSGKM4irC5mef9 pvvC/9D2ZRjlDDaRX9rV8BwZpmBnlq0fEo+xbsEJR2YoGi9RBurD3oUWBgGkxfOV /31SmznaW6q1SSkoroN9Ktaff+tOePWiPbVyw+R9Egv4fnzw/aQ3y7XZHTP3tbcx KPttByApVjEc4Rr9z8vV5BF3Zhr9sh1E8x7xAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUl+3oP9S5tgvmRo7x6BNoXPfTDSswHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2wtM29QOVM1dGd2bVJvN3g2 Qk5vWFBmVERTcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF2 6bAwDQYJKoZIhvcNAQELBQADggEBACxAQhe6Djz7kLUA3ypliCrMF72LDkJ2owEY s6Yb7oST17pkyfsdkIC9F2mPNrkN2LXr7ODIg4iddEGD+R/mHVYbs1a5UmfL3yov buGtQoLKBkn1MqaMZVcAmKzPf3dDgI1mGOqeDAaBzD9fNNIeHKEthDg6KYOrLi/T 6XgdlQTEM9bVbPPzVjNH1ARokpq+u3ZQnOYZeVw8no7g0j0vdBYjFGtQg3fn73J7 GMeiPePo8MmBO+aWqQNujYSzfYOz7oMF8pmvzUQI9++vpPtLmrbnuB9nNECCcW8l jsArKT1TKrxnOcAZpqaLfPFQd9FoYuYBT2P/A1JBsQDw3fpVqoI= -----END CERTIFICATE-----Generated at Wed Feb 19 22:00:37 2025 by rpki-client