$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa File: 3I2LCKAv70ys99-P_YeR7kYVXuI.roa (raw, json) Hash identifier: +JHqbQkOnkRmL8Rs88Xln+i5aljBJsjXYeaCnPC7rqs= Subject key identifier: DC:8D:8B:08:A0:2F:EF:4C:AC:F7:DF:8F:FD:87:91:EE:46:15:5E:E2 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1293 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa Signing time: Mon 10 Feb 2025 14:15:00 +0000 ROA not before: Mon 10 Feb 2025 14:15:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 113.21.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4755 (0x1293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:15:00 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DC8D8B08A02FEF4CACF7DF8FFD8791EE46155EE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:45:40:2e:8c:7f:dc:8f:e4:18:9b:98:fc:b3: 8c:dd:81:54:17:4a:5c:a6:26:76:53:55:0e:01:56: be:18:d7:34:9c:14:b9:83:d1:94:a9:bf:51:80:5a: 5e:3b:6f:04:62:f9:c5:73:15:72:99:33:f5:a7:5f: 25:6c:ba:a9:00:1b:3b:68:fd:00:36:7c:f2:5f:a2: a5:9d:ee:06:97:7c:9a:bc:83:8e:1d:42:a9:b8:c3: e3:33:77:61:9c:b3:58:12:5d:83:4d:0a:17:7b:6b: 33:a0:93:69:90:a2:59:de:72:12:c9:d4:c0:2d:69: 94:db:e8:5f:d1:69:2b:2d:57:81:5d:33:cd:ef:cc: 98:b4:ed:63:19:fe:bb:79:1d:bb:98:c9:c3:3a:f9: 03:0c:46:d8:c1:1b:e0:8b:41:d9:ef:bc:64:10:58: e0:46:08:19:f0:e8:2e:a8:97:a8:eb:19:cf:a4:8a: 0b:21:6b:25:35:29:ab:7c:67:d0:4f:8c:78:59:b6: 59:ed:86:06:1d:69:07:e4:02:1c:49:19:07:ba:de: de:07:4e:d4:5c:de:c1:31:fc:80:cf:17:76:c7:2f: 67:c8:b2:7a:0c:dd:52:0b:f1:ab:04:c9:88:7a:e0: 6e:1f:ff:a0:7f:ac:4f:e4:55:73:5a:b5:8c:57:7c: 00:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8D:8B:08:A0:2F:EF:4C:AC:F7:DF:8F:FD:87:91:EE:46:15:5E:E2 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.21.95.0/24 Signature Algorithm: sha256WithRSAEncryption aa:88:fb:f3:0d:c5:b5:6e:cb:b7:03:9a:df:e0:d4:f5:88:a1: e0:f5:ca:ef:48:a1:26:7c:72:76:a3:c7:41:1d:70:de:dd:57: c1:10:b0:ba:d3:99:e7:ad:cb:72:15:5e:99:e4:8e:a6:01:cc: 35:e9:f3:2e:4d:ab:38:06:b1:b1:be:10:69:21:89:94:2b:13: aa:85:af:e3:87:a7:f4:f8:aa:ab:0e:d5:cc:28:4e:18:28:8d: f8:cf:c1:b5:cc:54:54:9f:01:c0:fa:a7:91:dc:60:39:25:e6: 0d:3c:27:d8:c7:be:51:65:d6:46:d2:02:95:35:27:84:83:9a: 4d:8c:35:2c:77:6d:9c:f3:b3:45:7e:a0:97:b3:72:77:bb:68: 24:f9:7c:73:7e:6b:fa:8d:22:86:ae:31:05:cf:aa:92:d8:dd: f6:0e:5d:a8:dd:d7:90:92:98:63:c8:57:bf:9e:a5:c4:ac:4f: 59:5b:44:55:50:39:5f:6e:47:05:47:aa:66:6e:67:20:b3:a6: 52:c9:d6:75:17:7d:ce:31:ff:94:7e:99:c6:02:9a:9d:f1:80: bb:e5:18:0f:6a:ab:94:28:90:53:3d:64:c4:87:a7:fc:69:0d: 38:1d:33:da:5d:17:28:3d:2e:9a:60:38:f2:58:9e:e6:24:c8: be:12:3b:32 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE1MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDOEQ4QjA4QTAyRkVG NENBQ0Y3REY4RkZEODc5MUVFNDYxNTVFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDsRUAujH/cj+QYm5j8s4zdgVQXSlymJnZTVQ4BVr4Y1zScFLmD 0ZSpv1GAWl47bwRi+cVzFXKZM/WnXyVsuqkAGzto/QA2fPJfoqWd7gaXfJq8g44d Qqm4w+Mzd2Gcs1gSXYNNChd7azOgk2mQolnechLJ1MAtaZTb6F/RaSstV4FdM83v zJi07WMZ/rt5HbuYycM6+QMMRtjBG+CLQdnvvGQQWOBGCBnw6C6ol6jrGc+kigsh ayU1Kat8Z9BPjHhZtlnthgYdaQfkAhxJGQe63t4HTtRc3sEx/IDPF3bHL2fIsnoM 3VIL8asEyYh64G4f/6B/rE/kVXNatYxXfAApAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU3I2LCKAv70ys99+P/YeR7kYVXuIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8zSTJMQ0tBdjcweXM5 OS1QX1llUjdrWVZYdUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAcRVfMA0GCSqGSIb3DQEBCwUAA4IBAQCqiPvzDcW1bsu3A5rf4NT1iKHg9crv SKEmfHJ2o8dBHXDe3VfBELC605nnrctyFV6Z5I6mAcw16fMuTas4BrGxvhBpIYmU KxOqha/jh6f0+KqrDtXMKE4YKI34z8G1zFRUnwHA+qeR3GA5JeYNPCfYx75RZdZG 0gKVNSeEg5pNjDUsd22c87NFfqCXs3J3u2gk+Xxzfmv6jSKGrjEFz6qS2N32Dl2o 3deQkphjyFe/nqXErE9ZW0RVUDlfbkcFR6pmbmcgs6ZSydZ1F33OMf+UfpnGApqd 8YC75RgPaquUKJBTPWTEh6f8aQ04HTPaXRcoPS6aYDjyWJ7mJMi+Ejsy -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:34 2025 by rpki-client on console.sobornost.net