$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VOCOM/PEOj5FyW9BuIVXOAUaY1ejD2KxQ.roa File: PEOj5FyW9BuIVXOAUaY1ejD2KxQ.roa (raw, json) Hash identifier: k0DOXEIOK2EltV1xHJaBbkd337mNLIoYlv7+IB6kXFc= Subject key identifier: 3C:43:A3:E4:5C:96:F4:1B:88:55:73:80:51:A6:35:7A:30:F6:2B:14 Certificate issuer: /CN=9E847108EBA0B550BC020FD9B1DC6DEB29E0DBEF Certificate serial: 01C7 Authority key identifier: 9E:84:71:08:EB:A0:B5:50:BC:02:0F:D9:B1:DC:6D:EB:29:E0:DB:EF Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/noRxCOugtVC8Ag_Zsdxt6yng2-8.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VOCOM/PEOj5FyW9BuIVXOAUaY1ejD2KxQ.roa Signing time: Mon 10 Feb 2025 14:17:17 +0000 ROA not before: Mon 10 Feb 2025 14:17:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63897 IP address blocks: 103.178.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/VOCOM/noRxCOugtVC8Ag_Zsdxt6yng2-8.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/VOCOM/noRxCOugtVC8Ag_Zsdxt6yng2-8.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/noRxCOugtVC8Ag_Zsdxt6yng2-8.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 22:38:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 455 (0x1c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9E847108EBA0B550BC020FD9B1DC6DEB29E0DBEF Validity Not Before: Feb 10 14:17:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=3C43A3E45C96F41B8855738051A6357A30F62B14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b5:31:0e:a3:44:2f:42:2d:dd:da:24:47:28: 3a:75:bc:7a:13:0e:c4:dc:1b:3c:bd:56:86:54:40: 43:47:dd:98:2b:0b:87:9a:85:7d:4d:95:25:bb:65: 3c:e2:0c:8a:33:18:fe:4e:8d:13:c7:b8:44:c3:b9: 5b:de:f9:f2:47:42:8e:18:4a:f0:fa:23:9a:4b:d9: 23:fe:71:89:7b:e8:15:14:b7:b1:e3:3e:d7:a4:e2: 9f:35:60:9a:07:2d:2a:77:aa:00:ea:d5:36:c3:90: a8:f8:e8:3a:fd:7d:fc:ea:6e:93:a7:b5:25:e5:eb: 4e:60:99:d5:7e:e1:e0:5e:6f:08:4d:e3:9a:72:e6: 5c:49:b8:c0:29:c3:eb:e5:08:43:f0:03:46:8f:36: a6:ec:ad:9a:0d:e0:26:4c:b1:74:09:ff:8d:2a:fc: 63:40:3f:e4:f3:32:52:48:6d:73:cb:62:6f:46:ad: f7:a3:b2:4e:3a:4d:b7:59:45:38:be:97:12:91:15: ca:ed:fb:37:7b:e5:04:5a:60:0c:fd:11:74:2b:42: 6f:4d:32:72:bd:fb:74:eb:d7:46:71:10:a4:93:15: c7:30:7f:26:56:48:de:dc:e9:a4:84:67:0e:9c:48: bc:74:fd:6e:36:a3:9c:cc:f4:74:57:3f:b6:e1:64: f3:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:43:A3:E4:5C:96:F4:1B:88:55:73:80:51:A6:35:7A:30:F6:2B:14 X509v3 Authority Key Identifier: keyid:9E:84:71:08:EB:A0:B5:50:BC:02:0F:D9:B1:DC:6D:EB:29:E0:DB:EF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VOCOM/noRxCOugtVC8Ag_Zsdxt6yng2-8.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/noRxCOugtVC8Ag_Zsdxt6yng2-8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VOCOM/PEOj5FyW9BuIVXOAUaY1ejD2KxQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.178.36.0/24 Signature Algorithm: sha256WithRSAEncryption 90:8b:74:81:51:36:6d:2d:60:5c:dd:75:51:a9:3b:1a:d4:38: 18:b2:59:88:d7:14:e4:20:75:4c:5c:64:cb:69:c9:a2:e6:b1: 57:10:2e:15:ef:e9:af:e6:53:e3:a9:d9:4a:7b:c2:9e:38:94: 58:2c:d4:28:bb:ac:60:32:a5:e1:05:62:5e:7b:d7:00:af:e7: 48:e7:ab:a5:5c:07:cb:d1:e9:99:68:69:d5:77:7c:07:d3:52: 12:73:d3:65:e0:c6:dc:5f:86:1c:05:1b:ed:06:b4:da:e9:5d: 05:42:8f:9c:74:5b:03:65:c1:23:f5:05:22:22:64:a5:8d:8d: 21:64:0e:71:ff:6e:d4:e2:37:bf:ff:49:4d:09:0a:49:58:25: 2a:22:c6:f9:04:12:9d:fa:72:61:b7:47:dd:d1:bf:73:ef:e6: c4:a4:2e:7b:23:c7:fc:dc:4f:a8:70:88:fd:89:2e:ad:16:c1: cf:bf:db:1e:05:5a:4f:4f:b0:c7:23:0a:11:ea:0f:5d:ea:60: 45:0d:6e:12:9e:1b:fd:b5:a1:dc:5f:ba:0a:6d:e5:8c:9b:d9: 49:a1:3b:d1:24:2c:64:04:6a:ea:14:b4:75:ea:10:26:b2:08: a7:54:4b:7e:09:c2:5e:29:d8:37:0a:21:a3:78:00:6d:70:b0: 64:32:99:d5 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUU4 NDcxMDhFQkEwQjU1MEJDMDIwRkQ5QjFEQzZERUIyOUUwREJFRjAeFw0yNTAyMTAx NDE3MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNDNDNBM0U0NUM5NkY0 MUI4ODU1NzM4MDUxQTYzNTdBMzBGNjJCMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8tTEOo0QvQi3d2iRHKDp1vHoTDsTcGzy9VoZUQENH3ZgrC4ea hX1NlSW7ZTziDIozGP5OjRPHuETDuVve+fJHQo4YSvD6I5pL2SP+cYl76BUUt7Hj Ptek4p81YJoHLSp3qgDq1TbDkKj46Dr9ffzqbpOntSXl605gmdV+4eBebwhN45py 5lxJuMApw+vlCEPwA0aPNqbsrZoN4CZMsXQJ/40q/GNAP+TzMlJIbXPLYm9Grfej sk46TbdZRTi+lxKRFcrt+zd75QRaYAz9EXQrQm9NMnK9+3Tr10ZxEKSTFccwfyZW SN7c6aSEZw6cSLx0/W42o5zM9HRXP7bhZPO9AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUPEOj5FyW9BuIVXOAUaY1ejD2KxQwHwYDVR0jBBgwFoAUnoRxCOugtVC8Ag/Z sdxt6yng2+8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVk9DT00v bm9SeENPdWd0VkM4QWdfWnNkeHQ2eW5nMi04LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9ub1J4Q091Z3RWQzhBZ19ac2R4dDZ5bmcyLTguY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9WT0NPTS9QRU9qNUZ5VzlCdUlWWE9BVWFZ MWVqRDJLeFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ7Ik MA0GCSqGSIb3DQEBCwUAA4IBAQCQi3SBUTZtLWBc3XVRqTsa1DgYslmI1xTkIHVM XGTLacmi5rFXEC4V7+mv5lPjqdlKe8KeOJRYLNQou6xgMqXhBWJee9cAr+dI56ul XAfL0emZaGnVd3wH01ISc9Nl4MbcX4YcBRvtBrTa6V0FQo+cdFsDZcEj9QUiImSl jY0hZA5x/27U4je//0lNCQpJWCUqIsb5BBKd+nJht0fd0b9z7+bEpC57I8f83E+o cIj9iS6tFsHPv9seBVpPT7DHIwoR6g9d6mBFDW4Snhv9taHcX7oKbeWMm9lJoTvR JCxkBGrqFLR16hAmsginVEt+CcJeKdg3CiGjeABtcLBkMpnV -----END CERTIFICATE-----Generated at Thu Apr 17 22:15:54 2025 by rpki-client