$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa File: It-gPIOb2JtarR36UI3qdEWldLM.roa (raw, json) Hash identifier: fxzOw+RJxucqRYEZ7A/YeH6vB/qHN22F49S+GTj0ILM= Subject key identifier: 22:DF:A0:3C:83:9B:D8:9B:5A:AD:1D:FA:50:8D:EA:74:45:A5:74:B3 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 11DD Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa Signing time: Mon 10 Feb 2025 14:27:49 +0000 ROA not before: Mon 10 Feb 2025 14:27:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 60.244.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4573 (0x11dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=22DFA03C839BD89B5AAD1DFA508DEA7445A574B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:99:e9:0f:ed:ec:58:a9:fa:df:de:bb:9d:d3: 26:5b:63:75:1b:30:9e:54:af:91:37:c7:d0:a1:b1: 5d:78:f2:14:0c:fb:bd:21:b5:30:43:f0:a6:0e:fb: dc:85:44:a8:16:70:2c:d5:fd:aa:65:e0:f8:5b:0a: 40:f0:1d:38:71:94:e5:47:07:2f:0d:59:6a:3c:69: c4:21:fe:d5:7f:80:48:f2:95:67:59:29:24:22:52: 1c:95:8e:2c:bf:76:a5:f5:61:32:3a:7f:5d:ec:f4: a1:09:42:18:87:ff:11:28:65:11:46:75:79:07:93: 5d:39:93:39:ef:80:ab:d4:ec:58:c9:c7:4d:07:6a: 39:2a:38:73:d8:45:4a:60:d3:9f:6f:d2:61:fb:7e: f0:09:a7:80:b7:21:ac:a0:44:72:6b:e7:33:3a:da: 30:21:7c:47:57:70:17:0f:a7:b6:ad:ac:c5:1c:2e: 6e:18:eb:29:b5:2d:56:85:8d:29:47:91:0f:92:21: fb:e4:7a:5c:1e:3a:14:f8:9e:ea:00:9e:d4:66:80: 1c:05:cd:f1:eb:cc:1d:a6:69:ff:65:9b:bd:af:36: 61:07:bb:08:f1:22:3b:77:f8:1d:a7:a7:67:c7:9d: d8:95:ee:d4:ce:d8:70:87:7d:20:59:33:3e:2b:4d: 6f:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:DF:A0:3C:83:9B:D8:9B:5A:AD:1D:FA:50:8D:EA:74:45:A5:74:B3 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.244.0.0/17 Signature Algorithm: sha256WithRSAEncryption 1d:ed:36:7c:4b:a7:6a:ea:6b:9c:c8:ae:0f:ee:f5:e7:94:96: 11:4e:b3:69:5a:d5:f9:af:f5:fa:80:70:c8:cb:cb:78:ed:cd: 82:8b:20:66:27:1e:ba:82:32:35:ca:21:0b:d8:31:af:2e:8b: 33:bf:0f:54:f1:8e:78:8c:86:74:46:a0:05:a5:bc:1e:35:b1: 1e:3b:d9:55:65:22:66:ac:3c:20:a2:3a:4e:66:a9:6a:d7:38: a3:00:ed:ef:fc:55:8b:fc:10:91:ea:c1:78:cf:f3:90:fc:ed: 89:c1:5e:d8:06:02:c5:a9:dd:87:b3:d7:bf:c0:03:91:3d:ec: 75:51:79:3e:5d:05:b9:1f:d5:d0:ba:9f:c2:f8:1c:b9:9d:ba: 50:63:d5:1a:b2:9c:6f:b7:de:28:d7:62:11:80:5d:99:f3:f2: 1e:ab:d1:29:66:d8:e3:ab:62:6c:9f:84:24:e7:7d:14:cf:fd: 9c:dc:f8:9d:58:5d:f3:9a:3a:e1:b9:06:63:4b:b9:62:1c:ac: 59:35:83:02:5b:d0:aa:42:58:23:7d:00:f4:0d:d7:85:fe:78: 1d:7e:a5:4f:29:ae:92:ea:ac:0e:4b:13:b1:a3:72:6c:48:8e: e8:53:d2:b0:39:5f:fb:62:be:25:03:a8:40:99:41:0d:4a:54: fb:b9:88:ef -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIyREZBMDNDODM5QkQ4 OUI1QUFEMURGQTUwOERFQTc0NDVBNTc0QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcmekP7exYqfrf3rud0yZbY3UbMJ5Ur5E3x9ChsV148hQM+70h tTBD8KYO+9yFRKgWcCzV/apl4PhbCkDwHThxlOVHBy8NWWo8acQh/tV/gEjylWdZ KSQiUhyVjiy/dqX1YTI6f13s9KEJQhiH/xEoZRFGdXkHk105kznvgKvU7FjJx00H ajkqOHPYRUpg059v0mH7fvAJp4C3IaygRHJr5zM62jAhfEdXcBcPp7atrMUcLm4Y 6ym1LVaFjSlHkQ+SIfvkelweOhT4nuoAntRmgBwFzfHrzB2maf9lm72vNmEHuwjx Ijt3+B2np2fHndiV7tTO2HCHfSBZMz4rTW/VAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUIt+gPIOb2JtarR36UI3qdEWldLMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0l0LWdQSU9iMkp0YXJSMzZVSTNxZEVX bGRMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc89AAwDQYJ KoZIhvcNAQELBQADggEBAB3tNnxLp2rqa5zIrg/u9eeUlhFOs2la1fmv9fqAcMjL y3jtzYKLIGYnHrqCMjXKIQvYMa8uizO/D1TxjniMhnRGoAWlvB41sR472VVlImas PCCiOk5mqWrXOKMA7e/8VYv8EJHqwXjP85D87YnBXtgGAsWp3Yez17/AA5E97HVR eT5dBbkf1dC6n8L4HLmdulBj1RqynG+33ijXYhGAXZnz8h6r0Slm2OOrYmyfhCTn fRTP/Zzc+J1YXfOaOuG5BmNLuWIcrFk1gwJb0KpCWCN9APQN14X+eB1+pU8prpLq rA5LE7GjcmxIjuhT0rA5X/tiviUDqECZQQ1KVPu5iO8= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:36 2025 by rpki-client on console.sobornost.net