$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ItNGfupAjP8ehZ_-tT8lCG_X7Uk.roa File: ItNGfupAjP8ehZ_-tT8lCG_X7Uk.roa (raw, json) Hash identifier: yYXUotoj5BXjW66zA/XLJm+m6JncP0DGJZx3u0e6NNg= Subject key identifier: 22:D3:46:7E:EA:40:8C:FF:1E:85:9F:FE:B5:3F:25:08:6F:D7:ED:49 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 119A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ItNGfupAjP8ehZ_-tT8lCG_X7Uk.roa Signing time: Mon 10 Feb 2025 14:27:31 +0000 ROA not before: Mon 10 Feb 2025 14:27:31 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.201.72.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4506 (0x119a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:27:31 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=22D3467EEA408CFF1E859FFEB53F25086FD7ED49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:7c:4b:b9:4e:8a:76:fe:d7:b6:b4:0d:90:34: 6d:a7:1f:8b:9d:e6:2e:3d:3b:df:95:6b:44:cf:b6: 88:5f:c9:0a:e0:bd:ba:e7:3b:30:9e:25:2e:bd:5f: 84:01:ba:5e:98:b8:bb:a4:c1:f3:ec:fd:0d:55:62: b2:9c:79:31:9b:dd:16:9d:b2:f8:0d:1d:b4:c3:41: ca:ab:9e:17:e8:fb:b4:e0:bf:34:6c:a9:97:92:9f: 46:9a:02:73:32:7c:78:b0:48:5a:23:b2:4c:da:71: 54:52:a8:1d:79:a1:df:43:8a:dd:6c:c5:be:77:46: e1:ac:3e:f0:7a:22:ea:23:f0:7b:06:54:c8:4f:df: c6:9f:c1:00:13:61:6f:7b:6c:ce:09:a4:36:0e:03: c9:e3:da:50:c6:9d:39:d0:1b:c6:bb:3e:57:08:e9: 5a:ce:88:78:1d:8a:da:de:45:bf:aa:8f:8d:f3:4b: 3c:90:0a:5c:8b:e6:ae:f6:aa:53:a8:91:ac:53:e9: 30:80:f6:91:ca:df:0b:61:aa:72:8a:09:0c:54:6e: 07:a1:5b:0b:65:84:0f:b5:7b:6f:16:ff:da:52:c6: a2:38:95:dc:6e:72:77:57:22:b6:bd:3a:42:7f:ac: cc:53:1d:af:fc:d9:4c:c0:4f:d5:28:cd:07:cb:70: 8d:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:D3:46:7E:EA:40:8C:FF:1E:85:9F:FE:B5:3F:25:08:6F:D7:ED:49 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ItNGfupAjP8ehZ_-tT8lCG_X7Uk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.201.72.0/23 Signature Algorithm: sha256WithRSAEncryption 30:45:80:0d:83:f4:d0:b8:bc:f7:83:7b:12:98:aa:25:ca:76: 07:7b:fe:d8:25:9d:46:75:12:84:f8:a4:78:38:e6:4d:77:34: 1e:96:67:04:99:89:9b:ec:e2:09:ec:9c:89:ac:61:e5:6d:85: 32:0a:aa:a0:db:45:8b:9f:60:b6:9a:b4:8e:7e:88:f4:6d:06: de:34:bb:84:2f:71:e8:4c:5e:d2:30:59:26:a7:53:08:eb:48: 87:c2:f6:af:41:a1:7c:38:72:23:4b:bb:ab:e5:90:87:57:96: 25:a6:8f:e1:3d:97:53:dc:75:81:32:5b:df:1e:58:03:4b:ef: a1:69:04:16:d6:59:5e:d3:cf:6c:20:a7:ef:20:98:d3:87:4b: d5:23:bf:20:a5:75:ec:1b:ae:79:00:93:cf:84:7b:f0:8a:8b: 1a:1e:29:ed:4a:68:24:54:51:26:95:c7:84:58:2e:04:7b:9f: b8:1e:17:61:36:bd:5c:ff:7e:d4:ee:d1:cd:9b:17:eb:e8:12: af:7f:00:7a:82:ba:55:7b:79:af:d4:c5:01:f8:6c:08:9e:02: dd:3f:d0:6a:60:c8:90:92:83:83:4d:f7:16:f0:0c:a3:84:62: 16:f6:e7:3e:87:8e:35:50:66:93:e0:fa:e6:47:ea:d9:ba:e3: 47:28:da:43 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI3MzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIyRDM0NjdFRUE0MDhD RkYxRTg1OUZGRUI1M0YyNTA4NkZEN0VENDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/fEu5Top2/te2tA2QNG2nH4ud5i49O9+Va0TPtohfyQrgvbrn OzCeJS69X4QBul6YuLukwfPs/Q1VYrKceTGb3RadsvgNHbTDQcqrnhfo+7TgvzRs qZeSn0aaAnMyfHiwSFojskzacVRSqB15od9Dit1sxb53RuGsPvB6Iuoj8HsGVMhP 38afwQATYW97bM4JpDYOA8nj2lDGnTnQG8a7PlcI6VrOiHgditreRb+qj43zSzyQ ClyL5q72qlOokaxT6TCA9pHK3wthqnKKCQxUbgehWwtlhA+1e28W/9pSxqI4ldxu cndXIra9OkJ/rMxTHa/82UzAT9UozQfLcI1zAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUItNGfupAjP8ehZ/+tT8lCG/X7UkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0l0TkdmdXBBalA4ZWhaXy10VDhsQ0df WDdVay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHSyUgwDQYJ KoZIhvcNAQELBQADggEBADBFgA2D9NC4vPeDexKYqiXKdgd7/tglnUZ1EoT4pHg4 5k13NB6WZwSZiZvs4gnsnImsYeVthTIKqqDbRYufYLaatI5+iPRtBt40u4QvcehM XtIwWSanUwjrSIfC9q9BoXw4ciNLu6vlkIdXliWmj+E9l1PcdYEyW98eWANL76Fp BBbWWV7Tz2wgp+8gmNOHS9UjvyCldewbrnkAk8+Ee/CKixoeKe1KaCRUUSaVx4RY LgR7n7geF2E2vVz/ftTu0c2bF+voEq9/AHqCulV7ea/UxQH4bAieAt0/0GpgyJCS g4NN9xbwDKOEYhb25z6HjjVQZpPg+uZH6tm640co2kM= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:36 2025 by rpki-client on console.sobornost.net