$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XINANG/6NhAKoPMlHFZULe2MFQGUpnJ9Gs.roa File: 6NhAKoPMlHFZULe2MFQGUpnJ9Gs.roa (raw, json) Hash identifier: JhK4684O9dnAo3CjbQ603rF0C1zfVppI4B6+qoolK0M= Subject key identifier: E8:D8:40:2A:83:CC:94:71:59:50:B7:B6:30:54:06:52:99:C9:F4:6B Certificate issuer: /CN=032D33664F780B2C501EE623E7BBF1D226B26248 Certificate serial: 01FA Authority key identifier: 03:2D:33:66:4F:78:0B:2C:50:1E:E6:23:E7:BB:F1:D2:26:B2:62:48 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Ay0zZk94CyxQHuYj57vx0iayYkg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/6NhAKoPMlHFZULe2MFQGUpnJ9Gs.roa Signing time: Mon 10 Feb 2025 14:10:25 +0000 ROA not before: Mon 10 Feb 2025 14:10:25 +0000 ROA not after: Tue 04 Nov 2025 15:30:21 +0000 asID: 131642 IP address blocks: 160.191.168.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/Ay0zZk94CyxQHuYj57vx0iayYkg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/Ay0zZk94CyxQHuYj57vx0iayYkg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Ay0zZk94CyxQHuYj57vx0iayYkg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:26:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 506 (0x1fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=032D33664F780B2C501EE623E7BBF1D226B26248 Validity Not Before: Feb 10 14:10:25 2025 GMT Not After : Nov 4 15:30:21 2025 GMT Subject: CN=E8D8402A83CC94715950B7B63054065299C9F46B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:50:01:71:ff:1d:d6:d9:f5:1c:2e:15:91:ec: d0:94:44:d0:61:bc:61:51:af:8d:16:3b:88:f1:77: ce:75:4d:f2:32:a5:c7:47:f7:8d:46:37:98:c1:49: 5f:4d:14:37:a8:49:2b:5a:5d:b6:f7:b1:e5:55:af: 98:16:11:c4:36:de:96:2d:36:82:02:db:26:0d:ab: 0c:1d:c0:72:0b:eb:e6:0e:fc:57:48:9c:d2:07:58: 11:68:d3:12:eb:20:9e:f4:3d:17:c9:36:d2:3a:40: 38:f0:65:e3:26:ba:ff:16:89:9b:f0:4c:b4:4d:1b: e1:70:09:62:ff:8d:38:c4:d4:52:e5:24:97:ca:26: e1:76:85:0e:ce:04:d6:77:58:50:67:7f:e0:09:6a: 5b:1c:91:3d:4a:30:9a:13:4d:39:df:d1:e5:66:9d: 7e:55:84:97:43:01:8f:65:88:d6:66:df:91:a3:6e: 92:fc:87:17:22:d6:f4:8d:54:4b:3b:20:67:bb:9f: 76:69:be:c0:90:71:6d:3f:c9:af:6b:10:44:c6:35: 22:a3:0f:ff:a5:35:e5:c9:e3:91:b0:08:a0:ba:39: d0:8a:4b:a6:3c:bf:2d:d1:3f:05:f1:dc:a5:09:ac: 5e:8f:df:20:b8:2e:3d:eb:13:91:19:7a:88:27:96: e1:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:D8:40:2A:83:CC:94:71:59:50:B7:B6:30:54:06:52:99:C9:F4:6B X509v3 Authority Key Identifier: keyid:03:2D:33:66:4F:78:0B:2C:50:1E:E6:23:E7:BB:F1:D2:26:B2:62:48 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/Ay0zZk94CyxQHuYj57vx0iayYkg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Ay0zZk94CyxQHuYj57vx0iayYkg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/6NhAKoPMlHFZULe2MFQGUpnJ9Gs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.191.168.0/23 Signature Algorithm: sha256WithRSAEncryption 06:9d:ac:f0:09:0c:fd:5f:21:2e:63:f3:91:37:9f:d8:f3:1c: e1:29:0b:de:25:7e:0f:1d:5f:97:c0:bc:64:e5:ad:97:43:6c: e0:e2:5a:51:9f:99:13:01:00:6b:a9:80:4c:dd:96:fd:f0:67: 17:ed:f0:62:d3:ea:e3:3c:88:94:1c:73:20:97:20:4a:c7:ae: 15:32:39:63:56:a0:62:62:f9:07:00:ce:ec:57:e0:be:84:17: b1:7c:b9:7e:8e:7c:04:53:b4:25:b3:89:78:bf:ef:05:76:d3: 78:68:fa:c4:2a:e2:74:77:0a:0b:f9:52:35:5d:12:14:bd:e6: e1:41:91:f8:21:d5:66:39:a8:d3:74:f9:1b:c8:37:50:7a:39: 3b:9a:60:91:16:8b:c8:32:76:e5:b6:76:b8:53:45:fc:85:05: 71:ab:b0:47:a8:2a:08:6f:fa:3c:38:a9:1b:90:b6:5d:87:06: 43:15:c3:ff:b8:db:24:d8:80:d7:61:f5:10:0a:21:22:a1:a1: 25:60:7f:7b:5d:7e:0b:dc:dc:b4:d2:3a:ad:a8:b7:6c:f4:dd: 59:65:63:35:e0:26:c4:02:4d:1b:62:b5:a6:c1:41:cc:3c:f1: c1:c9:3a:8f:95:ad:9e:47:ae:ea:13:37:7b:d0:30:ce:d0:fe: b6:c0:6b:f1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICAfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDMy RDMzNjY0Rjc4MEIyQzUwMUVFNjIzRTdCQkYxRDIyNkIyNjI0ODAeFw0yNTAyMTAx NDEwMjVaFw0yNTExMDQxNTMwMjFaMDMxMTAvBgNVBAMTKEU4RDg0MDJBODNDQzk0 NzE1OTUwQjdCNjMwNTQwNjUyOTlDOUY0NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpUAFx/x3W2fUcLhWR7NCURNBhvGFRr40WO4jxd851TfIypcdH 941GN5jBSV9NFDeoSStaXbb3seVVr5gWEcQ23pYtNoIC2yYNqwwdwHIL6+YO/FdI nNIHWBFo0xLrIJ70PRfJNtI6QDjwZeMmuv8WiZvwTLRNG+FwCWL/jTjE1FLlJJfK JuF2hQ7OBNZ3WFBnf+AJalsckT1KMJoTTTnf0eVmnX5VhJdDAY9liNZm35GjbpL8 hxci1vSNVEs7IGe7n3ZpvsCQcW0/ya9rEETGNSKjD/+lNeXJ45GwCKC6OdCKS6Y8 vy3RPwXx3KUJrF6P3yC4Lj3rE5EZeognluGBAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU6NhAKoPMlHFZULe2MFQGUpnJ9GswHwYDVR0jBBgwFoAUAy0zZk94CyxQHuYj 57vx0iayYkgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOQU5H L0F5MHpaazk0Q3l4UUh1WWo1N3Z4MGlheVlrZy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQXkwelprOTRDeXhRSHVZajU3dngwaWF5WWtnLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOQU5HLzZOaEFLb1BNbEhGWlVMZTJN RlFHVXBuSjlHcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGg v6gwDQYJKoZIhvcNAQELBQADggEBAAadrPAJDP1fIS5j85E3n9jzHOEpC94lfg8d X5fAvGTlrZdDbODiWlGfmRMBAGupgEzdlv3wZxft8GLT6uM8iJQccyCXIErHrhUy OWNWoGJi+QcAzuxX4L6EF7F8uX6OfARTtCWziXi/7wV203ho+sQq4nR3Cgv5UjVd EhS95uFBkfgh1WY5qNN0+RvIN1B6OTuaYJEWi8gyduW2drhTRfyFBXGrsEeoKghv +jw4qRuQtl2HBkMVw/+42yTYgNdh9RAKISKhoSVgf3tdfgvc3LTSOq2ot2z03Vll YzXgJsQCTRtitabBQcw88cHJOo+VrZ5HruoTN3vQMM7Q/rbAa/E= -----END CERTIFICATE-----Generated at Wed Feb 19 22:02:31 2025 by rpki-client