$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/5Cj0lHFWPOmCJwd5ORjZlRBI7f0.roa File: 5Cj0lHFWPOmCJwd5ORjZlRBI7f0.roa (raw, json) Hash identifier: p7e24jZCCW65IWPQH9N6RiEJkMJKMgvhu0uKhReIMKo= Subject key identifier: E4:28:F4:94:71:56:3C:E9:82:27:07:79:39:18:D9:95:10:48:ED:FD Certificate issuer: /CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9 Certificate serial: 0C71 Authority key identifier: 1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/5Cj0lHFWPOmCJwd5ORjZlRBI7f0.roa Signing time: Mon 10 Feb 2025 14:02:11 +0000 ROA not before: Mon 10 Feb 2025 14:02:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9916 IP address blocks: 2001:f18::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 18:17:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3185 (0xc71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1D92BE0ACF9887B1A8192875CFE732238DE322A9 Validity Not Before: Feb 10 14:02:11 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E428F49471563CE9822707793918D9951048EDFD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:09:c6:c1:46:80:5a:8b:34:79:94:f9:88:7d: ce:19:ee:bf:c6:3b:95:dc:3c:a0:28:b8:9b:75:3e: 9f:4c:a6:a2:c2:6c:f6:5c:ab:80:a8:b9:e0:8b:88: 68:ec:7d:cd:eb:96:ef:b3:92:2e:c0:c3:3f:a8:c0: a4:00:84:87:10:2d:fc:d0:7a:52:4e:fc:06:b1:85: d8:e5:9b:ac:65:d2:95:ac:0f:d1:37:48:01:dd:0b: 2d:74:bb:5e:15:3f:49:f0:39:98:59:ed:cc:67:85: e7:55:a9:b6:cc:3b:5f:c0:61:31:cc:3f:4c:36:fa: 1c:6f:e0:97:37:03:fc:65:67:be:66:c6:38:8a:85: 36:16:54:10:24:06:db:4a:6d:af:21:9a:34:28:14: 62:6c:1b:4c:e8:fe:90:32:bf:af:9b:bf:3d:67:5d: 46:ae:10:94:1f:e4:15:85:fa:ed:dd:86:18:55:fb: a1:bf:8b:34:2b:15:e6:67:3a:76:a9:69:12:38:6c: 26:5c:17:91:a4:16:7a:1b:f2:ac:28:7a:27:97:2d: ab:4b:87:1f:ae:77:c2:bb:0f:0c:05:5c:ef:c3:cd: c7:4d:4a:a7:b4:4d:f6:ba:32:0e:92:17:c2:b7:a0: 43:1e:a3:34:f3:71:eb:eb:6e:e6:7b:44:00:f7:d1: ab:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:28:F4:94:71:56:3C:E9:82:27:07:79:39:18:D9:95:10:48:ED:FD X509v3 Authority Key Identifier: keyid:1D:92:BE:0A:CF:98:87:B1:A8:19:28:75:CF:E7:32:23:8D:E3:22:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HZK-Cs-Yh7GoGSh1z-cyI43jIqk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNCTU/5Cj0lHFWPOmCJwd5ORjZlRBI7f0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:f18::/32 Signature Algorithm: sha256WithRSAEncryption b8:06:ea:e3:e9:99:63:10:c6:f5:f2:fd:e5:19:eb:88:f1:c6: 47:df:d1:8e:55:21:9a:23:e8:4f:53:9d:78:c7:08:9b:b0:af: 75:4c:f8:64:de:36:9f:ca:63:ad:a1:e2:3e:e4:ff:75:43:2e: b7:82:73:2e:27:58:d3:a1:6c:ef:8b:4b:f2:fb:14:1d:69:65: 11:62:0b:b7:6e:47:4d:a7:8a:e8:91:d2:1f:8a:b9:4b:72:c1: e7:7e:20:57:8e:30:49:e6:52:de:eb:59:bf:71:75:49:00:42: 56:fc:e2:db:6e:0d:62:4c:a2:18:7c:fe:03:e3:23:69:2e:6c: 80:62:e8:6d:9b:47:ed:e6:05:4f:ff:c4:0d:c5:72:e1:14:d8: 8c:4a:f6:67:a0:66:49:39:58:2e:ec:a4:8a:51:d2:c3:3f:35: 65:81:c0:f4:fb:42:53:70:62:ae:b6:2f:ef:9f:59:6b:c9:f7: 51:2c:71:9b:52:e5:29:d2:1b:57:c6:74:d8:92:9c:fc:de:07: 42:31:ca:35:cd:c7:10:c8:e7:dd:d7:4e:e4:38:8b:76:cf:3a: 7f:c0:61:01:9b:06:1c:9e:5e:6b:7d:67:85:85:60:9f:8d:0f: 35:75:24:2b:75:1d:04:a3:0e:b9:9e:d7:35:2e:f5:14:bd:42: a3:11:e7:96 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICDHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ5 MkJFMEFDRjk4ODdCMUE4MTkyODc1Q0ZFNzMyMjM4REUzMjJBOTAeFw0yNTAyMTAx NDAyMTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU0MjhGNDk0NzE1NjND RTk4MjI3MDc3OTM5MThEOTk1MTA0OEVERkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDACcbBRoBaizR5lPmIfc4Z7r/GO5XcPKAouJt1Pp9MpqLCbPZc q4CoueCLiGjsfc3rlu+zki7Awz+owKQAhIcQLfzQelJO/Aaxhdjlm6xl0pWsD9E3 SAHdCy10u14VP0nwOZhZ7cxnhedVqbbMO1/AYTHMP0w2+hxv4Jc3A/xlZ75mxjiK hTYWVBAkBttKba8hmjQoFGJsG0zo/pAyv6+bvz1nXUauEJQf5BWF+u3dhhhV+6G/ izQrFeZnOnapaRI4bCZcF5GkFnob8qwoeieXLatLhx+ud8K7DwwFXO/DzcdNSqe0 Tfa6Mg6SF8K3oEMeozTzcevrbuZ7RAD30asXAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU5Cj0lHFWPOmCJwd5ORjZlRBI7f0wHwYDVR0jBBgwFoAUHZK+Cs+Yh7GoGSh1 z+cyI43jIqkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RV L0haSy1Dcy1ZaDdHb0dTaDF6LWN5STQzaklxay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSFpLLUNzLVloN0dvR1NoMXotY3lJNDNqSXFrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOQ1RVLzVDajBsSEZXUE9tQ0p3ZDVP UmpabFJCSTdmMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAg AQ8YMA0GCSqGSIb3DQEBCwUAA4IBAQC4Burj6ZljEMb18v3lGeuI8cZH39GOVSGa I+hPU514xwibsK91TPhk3jafymOtoeI+5P91Qy63gnMuJ1jToWzvi0vy+xQdaWUR Ygu3bkdNp4rokdIfirlLcsHnfiBXjjBJ5lLe61m/cXVJAEJW/OLbbg1iTKIYfP4D 4yNpLmyAYuhtm0ft5gVP/8QNxXLhFNiMSvZnoGZJOVgu7KSKUdLDPzVlgcD0+0JT cGKuti/vn1lryfdRLHGbUuUp0htXxnTYkpz83gdCMco1zccQyOfd107kOIt2zzp/ wGEBmwYcnl5rfWeFhWCfjQ81dSQrdR0Eow65ntc1LvUUvUKjEeeW -----END CERTIFICATE-----Generated at Fri Apr 18 16:51:37 2025 by rpki-client