$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa File: XMnsdgY0khLvNmkbO5YvYbPHkdk.roa (raw, json) Hash identifier: H0kp7AcqWuS+me3arqu9bHq0Ym/Eq/ydrYjNPbh7xNE= Subject key identifier: 5C:C9:EC:76:06:34:92:12:EF:36:69:1B:3B:96:2F:61:B3:C7:91:D9 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 111B Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa Signing time: Mon 10 Feb 2025 13:56:50 +0000 ROA not before: Mon 10 Feb 2025 13:56:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17809 IP address blocks: 203.222.28.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4379 (0x111b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Feb 10 13:56:50 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5CC9EC7606349212EF36691B3B962F61B3C791D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d8:00:6c:80:fa:c3:7c:72:7e:7b:00:28:5a: e1:a5:76:dd:bf:61:44:f4:ec:89:ea:83:d3:a9:c9: 06:d2:97:a4:20:10:43:1f:f1:dd:5f:38:13:cb:4f: 82:2a:13:f6:57:f5:c4:98:20:63:03:4a:05:24:29: b5:ea:5d:93:fd:16:b5:df:b2:6f:60:15:d3:87:39: 46:53:eb:54:8f:c1:4e:d9:ae:f4:f1:e4:04:d2:ec: 1e:80:cc:80:ad:39:0b:28:3b:a7:11:35:6c:91:8e: cd:fb:59:0b:6f:c9:da:02:48:33:8d:03:43:a9:a4: 63:e2:0e:76:03:26:83:67:12:93:be:f1:48:6b:7c: b5:bd:28:b8:e0:86:b8:3e:38:13:88:40:7e:ef:07: 17:13:06:f1:51:18:f5:03:34:d6:6e:97:29:87:9e: 6c:ef:ab:3d:89:0a:bf:95:94:0f:a8:0f:ec:06:5c: 57:28:38:03:e0:e4:9f:cf:ff:be:26:c5:52:c1:fd: 3b:48:89:e7:07:44:d0:fa:3f:45:99:94:49:97:84: bb:a7:ce:82:8d:8f:5b:1e:dc:ab:0f:21:11:05:e6: 06:c1:0d:3c:ac:de:a4:12:d2:70:2b:81:5d:01:c2: 11:67:14:e6:df:55:a9:dc:8a:b0:07:40:90:20:74: 22:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:C9:EC:76:06:34:92:12:EF:36:69:1B:3B:96:2F:61:B3:C7:91:D9 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.222.28.0/22 Signature Algorithm: sha256WithRSAEncryption 31:7f:fe:ea:2c:1d:e0:5a:08:29:46:79:a7:c0:38:bf:34:b0: a0:eb:9a:57:ac:5f:e0:9c:c4:06:c6:b0:33:c7:27:6c:03:a5: 96:14:7d:61:3a:f6:6a:94:8c:06:34:da:7f:30:46:ce:e1:4b: b5:9c:30:69:66:0e:cc:54:18:86:e2:e6:e5:24:1c:3e:a0:2e: 6a:d9:ee:79:7d:08:5e:9d:06:55:64:6e:09:4f:c8:9d:fb:3b: b9:8e:7c:b2:56:35:00:b3:0f:95:40:83:79:5c:c0:c8:de:d0: 8d:5a:fd:60:0c:4c:54:4a:b9:ff:59:54:78:d2:63:cc:78:b3: f8:9d:5a:7d:35:7a:29:ae:56:bc:19:29:e2:86:25:7a:86:8b: ea:b2:41:06:62:16:88:73:43:12:4b:bc:1c:ce:dc:ed:cc:86: 24:f4:ba:62:7b:67:50:f9:5b:00:ec:37:b3:13:9f:d7:c4:4d: e2:ea:f9:67:72:e2:0b:d2:51:ff:1a:0e:f6:6e:5d:1c:7b:53: 57:fe:16:a7:47:84:0f:44:dd:71:a0:ef:be:cf:c6:3c:68:c3: 2f:0b:fe:02:a6:36:b7:68:65:ea:9f:11:49:d5:c1:2c:90:42: a5:ff:7d:1d:bb:2c:0b:71:15:a3:1b:86:ec:66:04:a4:78:ca: 04:3d:11:e0 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICERswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx MzU2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDQzlFQzc2MDYzNDky MTJFRjM2NjkxQjNCOTYyRjYxQjNDNzkxRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP2ABsgPrDfHJ+ewAoWuGldt2/YUT07Inqg9OpyQbSl6QgEEMf 8d1fOBPLT4IqE/ZX9cSYIGMDSgUkKbXqXZP9FrXfsm9gFdOHOUZT61SPwU7ZrvTx 5ATS7B6AzICtOQsoO6cRNWyRjs37WQtvydoCSDONA0OppGPiDnYDJoNnEpO+8Uhr fLW9KLjghrg+OBOIQH7vBxcTBvFRGPUDNNZulymHnmzvqz2JCr+VlA+oD+wGXFco OAPg5J/P/74mxVLB/TtIiecHRND6P0WZlEmXhLunzoKNj1se3KsPIREF5gbBDTys 3qQS0nArgV0BwhFnFObfVancirAHQJAgdCJzAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUXMnsdgY0khLvNmkbO5YvYbPHkdkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWE1uc2RnWTBraEx2Tm1rYk81WXZZ YlBIa2RrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveHDAN BgkqhkiG9w0BAQsFAAOCAQEAMX/+6iwd4FoIKUZ5p8A4vzSwoOuaV6xf4JzEBsaw M8cnbAOllhR9YTr2apSMBjTafzBGzuFLtZwwaWYOzFQYhuLm5SQcPqAuatnueX0I Xp0GVWRuCU/Infs7uY58slY1ALMPlUCDeVzAyN7QjVr9YAxMVEq5/1lUeNJjzHiz +J1afTV6Ka5WvBkp4oYleoaL6rJBBmIWiHNDEku8HM7c7cyGJPS6YntnUPlbAOw3 sxOf18RN4ur5Z3LiC9JR/xoO9m5dHHtTV/4Wp0eED0TdcaDvvs/GPGjDLwv+AqY2 t2hl6p8RSdXBLJBCpf99HbssC3EVoxuG7GYEpHjKBD0R4A== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:35 2025 by rpki-client on console.sobornost.net