$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ZAT/DVC2snTj-5fGKr1rlp0VEeRsAdU.roa File: DVC2snTj-5fGKr1rlp0VEeRsAdU.roa (raw, json) Hash identifier: onNPZSd7Gs/VNNfrdiEg9Txmlf2vheRFvg/Qse95V04= Subject key identifier: 0D:50:B6:B2:74:E3:FB:97:C6:2A:BD:6B:96:9D:15:11:E4:6C:01:D5 Certificate issuer: /CN=41D608336CCF0EDFEA4A24614F1D7234884E8991 Certificate serial: 0139 Authority key identifier: 41:D6:08:33:6C:CF:0E:DF:EA:4A:24:61:4F:1D:72:34:88:4E:89:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/QdYIM2zPDt_qSiRhTx1yNIhOiZE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/DVC2snTj-5fGKr1rlp0VEeRsAdU.roa Signing time: Mon 10 Feb 2025 13:45:07 +0000 ROA not before: Mon 10 Feb 2025 13:45:07 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18041 IP address blocks: 2401:55a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/QdYIM2zPDt_qSiRhTx1yNIhOiZE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/QdYIM2zPDt_qSiRhTx1yNIhOiZE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/QdYIM2zPDt_qSiRhTx1yNIhOiZE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 313 (0x139) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41D608336CCF0EDFEA4A24614F1D7234884E8991 Validity Not Before: Feb 10 13:45:07 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0D50B6B274E3FB97C62ABD6B969D1511E46C01D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0f:59:d5:18:b4:b4:f0:8b:b3:71:17:0b:b8: 2d:9d:2c:6b:1b:52:65:b3:29:f5:a5:2b:86:ce:76: 37:82:e0:4a:9d:cc:4e:08:b0:84:76:f9:c4:52:1b: 9e:96:75:8d:cd:d3:11:b5:cb:ce:5b:1d:85:99:1e: 52:5a:61:ad:d2:f5:24:e6:43:ef:6f:ee:f6:2b:e4: 73:45:cb:ef:99:7c:28:bd:06:d5:0a:73:a5:f0:e9: df:4f:35:2d:7e:68:9a:6b:83:df:3b:4d:37:51:df: 5f:1e:f7:49:e9:9e:3d:96:d9:9f:13:5f:2c:cc:1b: 1b:6c:b4:3a:24:36:05:92:44:7e:c1:db:0a:f5:a3: 8e:e2:fd:b8:07:f2:c1:9a:0f:c2:7d:bf:fa:35:83: 7b:be:c1:0a:8a:c1:c9:92:5f:9f:58:f9:38:32:cf: 4a:b9:a2:a3:f3:f9:2b:47:85:04:25:c1:45:db:e2: 6d:71:92:ba:5e:5b:e3:ad:77:bc:e3:d4:7b:1d:15: 6c:d5:74:e8:50:ea:03:4e:bd:bd:ca:65:9c:be:27: 32:1e:96:be:bf:93:cf:94:99:7d:0a:10:2f:9c:3f: 5c:08:5d:d0:2e:bc:95:23:a2:8c:8a:df:1e:0e:be: ca:56:b4:9b:eb:e7:44:a0:6a:35:61:7d:23:63:59: b4:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:50:B6:B2:74:E3:FB:97:C6:2A:BD:6B:96:9D:15:11:E4:6C:01:D5 X509v3 Authority Key Identifier: keyid:41:D6:08:33:6C:CF:0E:DF:EA:4A:24:61:4F:1D:72:34:88:4E:89:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/QdYIM2zPDt_qSiRhTx1yNIhOiZE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/QdYIM2zPDt_qSiRhTx1yNIhOiZE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/DVC2snTj-5fGKr1rlp0VEeRsAdU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:55a0::/32 Signature Algorithm: sha256WithRSAEncryption 07:9f:f6:a0:e1:24:ad:31:8a:f5:8a:37:0e:2d:48:90:47:7d: d1:d9:3b:8e:11:90:0c:13:74:88:19:39:e8:d0:a2:50:1c:89: 45:01:de:f3:90:e5:d7:f1:f4:fa:e0:8b:68:05:99:8b:cc:99: eb:ab:b3:c4:6d:9f:6e:d9:43:0c:b9:c5:be:52:86:63:9b:72: e4:27:c2:18:03:4e:2e:41:87:8d:14:c0:f1:45:77:48:c1:1c: 57:af:7b:9c:a6:40:7e:f7:e2:b3:6b:12:1f:03:dc:17:d4:9c: 88:6b:c9:59:c1:24:34:68:9a:c5:22:fe:3b:69:f8:06:86:4e: 4e:4a:ea:13:f7:b2:83:c2:19:a7:29:44:70:0b:ed:a7:1e:da: 5c:8e:01:59:3a:f1:ed:f9:fa:66:78:d2:da:c9:d6:ed:d2:ab: 83:37:61:ef:bf:0a:10:74:69:b8:cc:f3:a9:c3:44:7b:a8:d1: 56:63:ab:f8:f6:eb:14:53:e1:e0:c6:89:f8:07:67:a8:71:4f: a4:cf:0e:79:71:ec:67:08:e6:35:5e:21:a0:4e:95:1a:05:dc: 45:32:c4:d4:a0:f5:d0:92:50:8c:89:1b:11:c7:56:06:52:3b: 6b:76:4b:41:46:91:e2:ef:0a:a1:ce:27:80:b3:56:bc:98:ec: df:5f:a1:02 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICATkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDFE NjA4MzM2Q0NGMEVERkVBNEEyNDYxNEYxRDcyMzQ4ODRFODk5MTAeFw0yNTAyMTAx MzQ1MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBENTBCNkIyNzRFM0ZC OTdDNjJBQkQ2Qjk2OUQxNTExRTQ2QzAxRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTD1nVGLS08IuzcRcLuC2dLGsbUmWzKfWlK4bOdjeC4EqdzE4I sIR2+cRSG56WdY3N0xG1y85bHYWZHlJaYa3S9STmQ+9v7vYr5HNFy++ZfCi9BtUK c6Xw6d9PNS1+aJprg987TTdR318e90npnj2W2Z8TXyzMGxtstDokNgWSRH7B2wr1 o47i/bgH8sGaD8J9v/o1g3u+wQqKwcmSX59Y+Tgyz0q5oqPz+StHhQQlwUXb4m1x krpeW+Otd7zj1HsdFWzVdOhQ6gNOvb3KZZy+JzIelr6/k8+UmX0KEC+cP1wIXdAu vJUjooyK3x4OvspWtJvr50SgajVhfSNjWbQ9AgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUDVC2snTj+5fGKr1rlp0VEeRsAdUwHwYDVR0jBBgwFoAUQdYIM2zPDt/qSiRh Tx1yNIhOiZEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWkFUL1Fk WUlNMnpQRHRfcVNpUmhUeDF5TkloT2laRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UWRZSU0yelBEdF9xU2lSaFR4MXlOSWhPaVpFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvWkFUL0RWQzJzblRqLTVmR0tyMXJscDBWRWVS c0FkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAVWgMA0G CSqGSIb3DQEBCwUAA4IBAQAHn/ag4SStMYr1ijcOLUiQR33R2TuOEZAME3SIGTno 0KJQHIlFAd7zkOXX8fT64ItoBZmLzJnrq7PEbZ9u2UMMucW+UoZjm3LkJ8IYA04u QYeNFMDxRXdIwRxXr3ucpkB+9+KzaxIfA9wX1JyIa8lZwSQ0aJrFIv47afgGhk5O SuoT97KDwhmnKURwC+2nHtpcjgFZOvHt+fpmeNLaydbt0quDN2HvvwoQdGm4zPOp w0R7qNFWY6v49usUU+Hgxon4B2eocU+kzw55cexnCOY1XiGgTpUaBdxFMsTUoPXQ klCMiRsRx1YGUjtrdktBRpHi7wqhzieAs1a8mOzfX6EC -----END CERTIFICATE-----Generated at Wed Feb 19 20:32:43 2025 by rpki-client