$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/NHMCDivn-FX0TwMroSs1Izs3LsA.roa File: NHMCDivn-FX0TwMroSs1Izs3LsA.roa (raw, json) Hash identifier: hYKvHEfg1Dg+rsaDR7oiafy/WHRC35+z74VjL67UmtE= Subject key identifier: 34:73:02:0E:2B:E7:F8:55:F4:4F:03:2B:A1:2B:35:23:3B:37:2E:C0 Certificate issuer: /CN=18133C9A82B6428B8BE77F62804D22E218A45745 Certificate serial: 013F Authority key identifier: 18:13:3C:9A:82:B6:42:8B:8B:E7:7F:62:80:4D:22:E2:18:A4:57:45 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GBM8moK2QouL539igE0i4hikV0U.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/NHMCDivn-FX0TwMroSs1Izs3LsA.roa Signing time: Mon 10 Feb 2025 14:16:06 +0000 ROA not before: Mon 10 Feb 2025 14:16:06 +0000 ROA not after: Thu 27 Nov 2025 15:30:38 +0000 asID: 17413 IP address blocks: 160.250.98.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/GBM8moK2QouL539igE0i4hikV0U.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/GBM8moK2QouL539igE0i4hikV0U.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GBM8moK2QouL539igE0i4hikV0U.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 319 (0x13f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18133C9A82B6428B8BE77F62804D22E218A45745 Validity Not Before: Feb 10 14:16:06 2025 GMT Not After : Nov 27 15:30:38 2025 GMT Subject: CN=3473020E2BE7F855F44F032BA12B35233B372EC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:aa:d5:5a:ca:58:55:13:3a:03:63:62:b7:1a: e7:7d:01:f0:19:12:ac:80:13:92:46:59:34:a4:8b: c6:a0:7a:16:ee:ee:79:f3:31:27:60:bd:0d:fe:0c: d4:0a:cf:6e:82:bc:2e:85:a1:b5:fa:cb:12:9c:c3: 03:a5:e1:c6:61:f3:aa:1f:3a:81:45:d8:1f:42:16: b3:26:b9:ad:2e:3b:c1:04:69:70:0a:43:da:a5:49: 47:ac:2e:c6:ee:aa:df:db:5e:8a:94:f8:6f:b4:3a: ba:15:5e:3e:93:a3:71:ee:85:21:92:7c:61:3b:06: 89:3c:d7:6b:92:01:be:dc:00:5b:03:fc:f8:e7:0e: e6:88:11:32:27:d9:2a:91:bb:2e:e9:a2:a9:26:e0: 16:96:0b:c1:c9:05:ce:2b:18:91:ef:34:1c:be:a7: 14:d7:a8:45:ac:23:28:bf:25:75:ff:b5:2b:6d:80: 95:86:6a:b1:0e:dd:29:ec:8e:91:7b:e9:b0:25:0f: 0b:56:ce:b5:8e:7f:96:42:48:1e:79:b0:ac:3c:0d: 5c:8b:9a:0b:a5:7f:fe:b8:b6:35:cc:0a:2c:c9:e3: 07:9c:05:48:50:b9:51:ac:46:9f:03:fc:2f:6a:4c: 6c:6e:a1:b1:24:95:33:fc:69:c0:12:a8:da:9d:a4: 75:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:73:02:0E:2B:E7:F8:55:F4:4F:03:2B:A1:2B:35:23:3B:37:2E:C0 X509v3 Authority Key Identifier: keyid:18:13:3C:9A:82:B6:42:8B:8B:E7:7F:62:80:4D:22:E2:18:A4:57:45 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/GBM8moK2QouL539igE0i4hikV0U.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GBM8moK2QouL539igE0i4hikV0U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/NHMCDivn-FX0TwMroSs1Izs3LsA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.250.98.0/23 Signature Algorithm: sha256WithRSAEncryption a2:ab:5c:d2:43:d2:74:e6:d0:3b:ba:54:13:67:59:66:67:a7: 2f:bd:78:ce:2c:bf:7e:89:e6:7e:54:74:d7:0b:03:4f:41:1a: 5b:bb:0a:55:f6:33:0e:f2:ee:7e:5d:bf:d9:a1:e6:7d:bb:e6: a0:c0:42:ea:21:09:9f:da:63:8f:39:b9:54:b3:bc:e6:d8:97: cd:2d:36:07:e9:c9:33:f1:d6:32:fe:ab:48:c1:84:30:59:d7: 9b:75:d8:5c:1d:5c:a0:60:c3:e4:73:9e:cc:14:0a:67:8f:e8: dd:d6:cf:c1:ea:58:3a:d7:6f:db:91:8b:87:94:01:ca:4f:25: c9:03:00:93:08:0f:49:5d:46:ab:a7:55:ed:73:0a:62:4a:af: ac:fa:d6:1e:8e:3d:1c:e4:7b:a9:0f:11:74:cd:b5:b4:e5:06: 60:7d:bd:9e:14:41:02:01:fe:f1:fb:dd:b4:b5:5b:3e:46:f4: f7:1f:ec:81:91:d1:13:be:15:0d:ce:8b:cd:82:a8:44:c5:80: 9c:81:93:00:ed:ab:44:7d:e1:a0:e2:3c:f7:ac:1c:24:71:44: d4:52:48:81:fd:4d:84:0e:3f:ce:f2:8b:81:51:37:38:e0:0b: 40:d4:9f:fd:33:e3:e8:93:a2:55:1e:2a:f1:f8:4a:c3:76:21: b0:e8:53:63 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICAT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgx MzNDOUE4MkI2NDI4QjhCRTc3RjYyODA0RDIyRTIxOEE0NTc0NTAeFw0yNTAyMTAx NDE2MDZaFw0yNTExMjcxNTMwMzhaMDMxMTAvBgNVBAMTKDM0NzMwMjBFMkJFN0Y4 NTVGNDRGMDMyQkExMkIzNTIzM0IzNzJFQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBqtVaylhVEzoDY2K3Gud9AfAZEqyAE5JGWTSki8agehbu7nnz MSdgvQ3+DNQKz26CvC6FobX6yxKcwwOl4cZh86ofOoFF2B9CFrMmua0uO8EEaXAK Q9qlSUesLsbuqt/bXoqU+G+0OroVXj6To3HuhSGSfGE7Bok812uSAb7cAFsD/Pjn DuaIETIn2SqRuy7poqkm4BaWC8HJBc4rGJHvNBy+pxTXqEWsIyi/JXX/tSttgJWG arEO3SnsjpF76bAlDwtWzrWOf5ZCSB55sKw8DVyLmgulf/64tjXMCizJ4wecBUhQ uVGsRp8D/C9qTGxuobEklTP8acASqNqdpHUnAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUNHMCDivn+FX0TwMroSs1Izs3LsAwHwYDVR0jBBgwFoAUGBM8moK2QouL539i gE0i4hikV0UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9ET0xU RC9HQk04bW9LMlFvdUw1MzlpZ0UwaTRoaWtWMFUuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dCTThtb0syUW91TDUzOWlnRTBpNGhpa1YwVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RPRE9MVEQvTkhNQ0Rpdm4tRlgwVHdN cm9TczFJenMzTHNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AaD6YjANBgkqhkiG9w0BAQsFAAOCAQEAoqtc0kPSdObQO7pUE2dZZmenL714ziy/ fonmflR01wsDT0EaW7sKVfYzDvLufl2/2aHmfbvmoMBC6iEJn9pjjzm5VLO85tiX zS02B+nJM/HWMv6rSMGEMFnXm3XYXB1coGDD5HOezBQKZ4/o3dbPwepYOtdv25GL h5QByk8lyQMAkwgPSV1Gq6dV7XMKYkqvrPrWHo49HOR7qQ8RdM21tOUGYH29nhRB AgH+8fvdtLVbPkb09x/sgZHRE74VDc6LzYKoRMWAnIGTAO2rRH3hoOI896wcJHFE 1FJIgf1NhA4/zvKLgVE3OOALQNSf/TPj6JOiVR4q8fhKw3YhsOhTYw== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:35 2025 by rpki-client on console.sobornost.net