$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa File: DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa (raw, json) Hash identifier: 3z0CBAlBKFT6oEn9TABNcc+gS33CnTgMWl1fqwjFQJw= Subject key identifier: 0C:1C:49:3A:20:A7:63:A4:8C:60:66:0A:69:10:55:24:D4:5D:D8:F6 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 178D Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa Signing time: Wed 12 Feb 2025 01:36:49 +0000 ROA not before: Wed 12 Feb 2025 01:36:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 221.120.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6029 (0x178d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0C1C493A20A763A48C60660A69105524D45DD8F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6a:04:0e:df:d4:ec:98:bd:a4:e6:26:35:4f: ef:5b:69:66:30:f1:91:a3:64:07:9f:e3:be:58:e6: 14:11:49:d0:d6:43:05:05:e1:c8:be:14:6a:f4:c6: fb:8b:6d:87:ff:0e:27:9d:21:af:bc:29:41:92:b9: cd:91:f3:0f:3f:c7:65:9d:7d:69:9a:b9:60:38:c5: 37:50:78:53:92:ad:19:19:85:e6:87:9e:68:e5:4e: a8:28:d6:a3:54:be:5e:f4:2f:0f:5a:84:0d:d2:f6: 9a:ea:a9:4b:ee:c9:ff:41:21:7c:a4:84:4f:8d:c7: a8:ea:c5:b0:24:f4:6a:36:e6:9f:06:b5:3d:cd:87: 21:f7:a1:aa:43:43:82:b3:9c:fd:ea:92:ee:52:87: 6c:0e:13:af:92:36:74:0c:36:c9:9e:6d:45:fc:7a: f6:69:d2:7e:b5:14:9f:b3:48:fb:b4:a8:46:5c:12: 3e:72:2f:ec:17:04:eb:1d:00:27:58:3c:75:18:ee: 41:9f:82:8f:91:d3:51:3b:68:90:df:21:95:98:a1: 86:6d:02:30:62:65:20:69:4d:d9:d2:95:f0:8d:aa: 6a:15:0e:1b:b0:41:c9:b3:15:6f:d5:3b:a7:7b:83: 7a:55:e7:4e:72:5f:d9:60:a7:be:a1:65:39:1c:82: 2b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:1C:49:3A:20:A7:63:A4:8C:60:66:0A:69:10:55:24:D4:5D:D8:F6 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 221.120.25.0/24 Signature Algorithm: sha256WithRSAEncryption 79:04:09:fc:41:f7:88:ce:51:f4:03:21:2d:f6:8a:28:54:52: 08:d1:45:5a:79:e9:2c:7d:2c:7f:7a:d6:b4:69:06:87:b3:b4: ed:d1:d6:1d:63:2e:b6:a7:81:cd:cb:cc:6c:82:e7:0b:4f:09: 24:82:9d:01:30:fe:1f:b1:fd:5f:cb:37:d9:e2:48:0d:e5:17: dc:52:f9:9f:e5:17:47:71:3c:77:b2:08:af:b9:10:65:f3:7e: b0:6f:1e:55:75:b5:c0:ef:ab:14:1f:80:0c:ec:d4:f2:e0:05: b8:9a:d2:db:ee:42:b6:52:f7:b9:15:cc:92:6f:cc:54:a6:b2: d3:d2:bf:ba:b9:0e:26:6a:1c:a1:3d:9f:5b:c5:4a:ea:18:e8: cd:cc:e5:d4:f3:52:32:e2:51:9a:66:69:e3:1c:27:21:cb:12: 24:33:ce:3b:c9:0b:a7:7f:67:10:68:c7:75:86:d7:fd:67:a9: 17:c7:f3:36:fe:c7:24:0d:80:26:f5:c5:79:45:3c:04:53:03: dc:55:46:34:39:27:b7:bf:f0:b8:15:a1:d1:63:dd:4c:c6:16: 21:8a:8c:72:3a:fb:8a:5b:21:82:60:c0:6f:9b:1d:7f:ad:f2: ae:16:aa:8e:2c:55:57:9a:82:14:29:58:80:3e:2f:b7:54:00: 1b:c7:ad:f6 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICF40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDMUM0OTNBMjBBNzYz QTQ4QzYwNjYwQTY5MTA1NTI0RDQ1REQ4RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKagQO39TsmL2k5iY1T+9baWYw8ZGjZAef475Y5hQRSdDWQwUF 4ci+FGr0xvuLbYf/DiedIa+8KUGSuc2R8w8/x2WdfWmauWA4xTdQeFOSrRkZheaH nmjlTqgo1qNUvl70Lw9ahA3S9prqqUvuyf9BIXykhE+Nx6jqxbAk9Go25p8GtT3N hyH3oapDQ4KznP3qku5Sh2wOE6+SNnQMNsmebUX8evZp0n61FJ+zSPu0qEZcEj5y L+wXBOsdACdYPHUY7kGfgo+R01E7aJDfIZWYoYZtAjBiZSBpTdnSlfCNqmoVDhuw QcmzFW/VO6d7g3pV505yX9lgp76hZTkcgit5AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUDBxJOiCnY6SMYGYKaRBVJNRd2PYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9EQnhKT2lDblk2U01ZR1lLYVJC VkpOUmQyUFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgZ MA0GCSqGSIb3DQEBCwUAA4IBAQB5BAn8QfeIzlH0AyEt9oooVFII0UVaeeksfSx/ eta0aQaHs7Tt0dYdYy62p4HNy8xsgucLTwkkgp0BMP4fsf1fyzfZ4kgN5RfcUvmf 5RdHcTx3sgivuRBl836wbx5VdbXA76sUH4AM7NTy4AW4mtLb7kK2Uve5FcySb8xU prLT0r+6uQ4mahyhPZ9bxUrqGOjNzOXU81Iy4lGaZmnjHCchyxIkM847yQunf2cQ aMd1htf9Z6kXx/M2/sckDYAm9cV5RTwEUwPcVUY0OSe3v/C4FaHRY91MxhYhioxy OvuKWyGCYMBvmx1/rfKuFqqOLFVXmoIUKViAPi+3VAAbx632 -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:37 2025 by rpki-client on console.sobornost.net