$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/RFOc5BCmg7ll9DnYrZ1z-uqIdDg.roa File: RFOc5BCmg7ll9DnYrZ1z-uqIdDg.roa (raw, json) Hash identifier: dqRiPpFlZ61PYDWkDkWSiVTI6+zK2du+zXvOfUaahS8= Subject key identifier: 44:53:9C:E4:10:A6:83:B9:65:F4:39:D8:AD:9D:73:FA:EA:88:74:38 Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Certificate serial: 0CED Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/RFOc5BCmg7ll9DnYrZ1z-uqIdDg.roa Signing time: Mon 10 Feb 2025 13:50:56 +0000 ROA not before: Mon 10 Feb 2025 13:50:56 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18018 IP address blocks: 122.255.95.128/25 maxlen: 25 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 22:38:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3309 (0xced) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Validity Not Before: Feb 10 13:50:56 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=44539CE410A683B965F439D8AD9D73FAEA887438 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4d:5f:bf:98:ef:27:9f:e5:e2:48:c6:39:99: ab:49:6c:54:74:68:e2:57:0f:f9:fa:57:21:3a:aa: 70:de:95:2d:89:a2:c7:34:60:8d:c2:7e:d9:f3:55: 29:93:50:ec:58:2e:30:0c:b6:e8:de:4d:9d:0e:87: 7c:8b:ae:d1:13:cc:25:37:9f:a9:e6:7c:22:08:0c: ca:0e:5d:b3:24:2e:bf:8b:38:c6:42:bc:0e:7d:28: 39:b6:15:4d:3a:5a:a7:0e:a1:04:5d:f5:c3:54:ff: c2:9d:cd:98:bd:b3:ac:35:35:f5:64:b3:0a:8a:de: 6f:88:0e:21:88:f1:ea:28:cb:2f:14:6e:a9:1e:85: 46:94:bd:75:e4:4a:3f:6c:cc:df:55:69:72:b4:c9: aa:c0:5b:5b:b6:07:08:03:fd:73:9a:62:67:59:42: 66:9d:f2:7d:e7:2b:c5:82:fc:e2:59:34:a8:1b:0f: 5e:4d:f5:39:57:68:36:91:5f:15:9d:64:96:ba:57: 0a:00:ef:2e:19:53:35:6e:54:97:f2:7a:68:90:ec: 4d:22:3b:f4:48:e6:b4:f7:64:17:af:34:b9:ab:2d: 34:98:59:9a:15:37:b1:3e:54:2e:58:d8:eb:54:ad: aa:0b:81:db:3f:2a:1c:bd:ae:aa:5c:a5:85:9e:50: 1a:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:53:9C:E4:10:A6:83:B9:65:F4:39:D8:AD:9D:73:FA:EA:88:74:38 X509v3 Authority Key Identifier: keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/RFOc5BCmg7ll9DnYrZ1z-uqIdDg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 122.255.95.128/25 Signature Algorithm: sha256WithRSAEncryption 70:06:63:06:fe:dd:7d:b4:72:27:40:ab:68:37:9a:d5:7f:96: d3:7c:9e:b1:46:7b:a7:2a:e9:32:fa:d5:5d:ed:3b:11:92:e4: 39:08:14:0e:95:6e:30:85:88:cd:41:ec:14:02:5c:fd:8f:9e: be:05:a6:c5:29:70:68:eb:d0:91:5b:b9:93:27:f0:07:04:0d: 1e:e3:6a:a0:a3:3a:de:92:65:1a:27:dc:8d:4b:d9:99:58:73: 0f:57:30:e9:0b:e3:a1:96:0b:e5:28:42:8d:de:57:0e:0e:78: c3:3a:9a:94:1b:3e:c7:19:ae:7f:db:5b:f9:e3:fb:d6:12:1a: 0d:75:0a:4c:f5:7f:6c:23:4f:0a:7b:ab:01:82:19:0b:7b:4d: 5a:35:72:c4:36:67:24:b1:cf:bb:38:91:7e:ac:43:ff:82:11: 10:be:2e:9c:70:b3:e4:87:d7:8e:fd:65:9c:ff:3a:19:4d:d8: fa:e9:c0:84:95:d1:e3:5a:06:e0:58:c0:f4:64:51:1c:06:e0: 64:87:9c:c3:13:1e:32:04:79:12:7f:d0:80:9e:87:08:fb:0f: 2d:77:08:16:18:97:7c:b9:24:ea:b2:4e:51:f3:5b:0b:c4:75: 4c:62:7f:c9:87:03:15:aa:d0:87:b7:91:25:ba:2e:c8:b2:af: 03:55:1c:b1 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yNTAyMTAx MzUwNTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ0NTM5Q0U0MTBBNjgz Qjk2NUY0MzlEOEFEOUQ3M0ZBRUE4ODc0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5TV+/mO8nn+XiSMY5matJbFR0aOJXD/n6VyE6qnDelS2Josc0 YI3CftnzVSmTUOxYLjAMtujeTZ0Oh3yLrtETzCU3n6nmfCIIDMoOXbMkLr+LOMZC vA59KDm2FU06WqcOoQRd9cNU/8KdzZi9s6w1NfVkswqK3m+IDiGI8eooyy8Ubqke hUaUvXXkSj9szN9VaXK0yarAW1u2BwgD/XOaYmdZQmad8n3nK8WC/OJZNKgbD15N 9TlXaDaRXxWdZJa6VwoA7y4ZUzVuVJfyemiQ7E0iO/RI5rT3ZBevNLmrLTSYWZoV N7E+VC5Y2OtUraoLgds/Khy9rqpcpYWeUBoBAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQURFOc5BCmg7ll9DnYrZ1z+uqIdDgwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9SRk9jNUJDbWc3bGw5RG5Zclox ei11cUlkRGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHev9f gDANBgkqhkiG9w0BAQsFAAOCAQEAcAZjBv7dfbRyJ0CraDea1X+W03yesUZ7pyrp MvrVXe07EZLkOQgUDpVuMIWIzUHsFAJc/Y+evgWmxSlwaOvQkVu5kyfwBwQNHuNq oKM63pJlGifcjUvZmVhzD1cw6QvjoZYL5ShCjd5XDg54wzqalBs+xxmuf9tb+eP7 1hIaDXUKTPV/bCNPCnurAYIZC3tNWjVyxDZnJLHPuziRfqxD/4IREL4unHCz5IfX jv1lnP86GU3Y+unAhJXR41oG4FjA9GRRHAbgZIecwxMeMgR5En/QgJ6HCPsPLXcI FhiXfLkk6rJOUfNbC8R1TGJ/yYcDFarQh7eRJbouyLKvA1UcsQ== -----END CERTIFICATE-----Generated at Thu Apr 17 20:37:52 2025 by rpki-client