$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/aD-1taC-f5t58I3V2vlUxKNTBds.roa File: aD-1taC-f5t58I3V2vlUxKNTBds.roa (raw, json) Hash identifier: edTe3iMtE+21eZxlayCcbn99eVS7mSbQcTWPYg110ns= Subject key identifier: 68:3F:B5:B5:A0:BE:7F:9B:79:F0:8D:D5:DA:F9:54:C4:A3:53:05:DB Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 173C Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/aD-1taC-f5t58I3V2vlUxKNTBds.roa Signing time: Wed 12 Feb 2025 01:36:31 +0000 ROA not before: Wed 12 Feb 2025 01:36:31 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 61.220.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5948 (0x173c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:31 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=683FB5B5A0BE7F9B79F08DD5DAF954C4A35305DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:68:3b:bf:b5:34:82:63:4d:5a:51:c5:87:f0: df:d0:ca:d9:73:e9:0c:ee:cb:87:43:6d:08:e2:63: dd:0c:30:fe:4c:84:48:f4:4a:c9:37:b3:4f:0b:06: f2:e6:09:80:35:94:12:97:fe:75:20:2a:d9:f1:ad: 4a:dc:df:8d:75:20:a6:b7:f4:37:ae:ba:5a:95:b3: 49:cf:19:dc:ae:18:74:cf:0d:43:1d:09:37:b9:d6: ec:93:ab:99:f8:2b:6c:81:fa:8b:b1:af:60:eb:2a: 6b:e9:da:1b:2d:90:fb:a9:2a:92:d7:f4:5e:bc:b0: 06:fd:6e:35:31:27:98:34:65:ec:f9:1f:79:c4:ef: f9:ae:77:c0:67:9a:e1:a5:ee:cb:fa:df:55:cd:e8: 9b:1f:8f:25:46:0b:64:f1:3f:97:b6:a6:1d:b4:04: 0d:c9:e5:98:b2:2d:73:fb:93:46:d8:0c:70:b1:00: 2e:94:b6:d4:74:f0:19:cd:9f:80:ef:90:7b:62:5f: b1:90:87:f8:be:a2:cd:6b:3e:70:d0:9b:e9:31:44: 9d:02:20:53:1d:ee:78:af:4d:bb:26:3b:ec:33:a5: fa:33:0b:86:79:a9:b6:12:06:88:42:a8:15:93:bb: 20:af:89:30:d9:ee:4e:23:05:c5:5f:44:66:91:7c: 3b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:3F:B5:B5:A0:BE:7F:9B:79:F0:8D:D5:DA:F9:54:C4:A3:53:05:DB X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/aD-1taC-f5t58I3V2vlUxKNTBds.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.220.0.0/14 Signature Algorithm: sha256WithRSAEncryption 7b:85:a9:cc:cc:74:a7:6b:69:0b:f8:b8:40:68:d6:64:d3:70: 64:a3:38:ba:e3:78:fc:79:eb:84:1f:c1:18:cd:e0:3b:9c:5e: be:d7:74:f5:10:01:ca:9d:f2:82:7f:06:a2:6c:1a:7f:4e:4b: 3e:50:e2:00:a3:16:4c:a9:b5:da:97:e0:70:84:72:bb:c3:24: 07:51:08:0a:95:88:c4:56:c6:42:43:2f:22:59:22:41:a8:a6: 17:d5:7b:a6:78:fd:69:eb:52:4d:c9:ea:02:b6:9a:b6:54:6e: f3:ee:3d:f3:14:2f:09:5f:04:95:7f:10:3e:17:51:9d:63:80: 28:f4:85:96:a6:a8:e1:be:07:21:e4:8e:56:4f:fa:37:8c:8f: 4a:fc:37:60:89:af:e1:9e:1f:2d:5f:9d:49:d5:6a:ee:64:62: e1:07:00:58:e1:83:f8:d9:48:55:8c:68:8c:93:3e:a8:7d:7e: fd:41:ec:5a:31:c2:7a:75:2e:70:ce:11:10:33:c4:1c:4f:3b: 38:15:27:b8:14:63:e5:77:38:93:9e:14:d3:3f:11:14:f9:76: 28:48:ed:19:60:3f:d4:b6:c3:ef:a1:7b:75:9a:63:68:0c:c8: 85:41:17:08:ac:38:d1:67:f8:b0:e8:82:d2:e5:44:2d:91:e9: b5:94:4e:50 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICFzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2MzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4M0ZCNUI1QTBCRTdG OUI3OUYwOERENURBRjk1NEM0QTM1MzA1REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGaDu/tTSCY01aUcWH8N/Qytlz6Qzuy4dDbQjiY90MMP5MhEj0 Ssk3s08LBvLmCYA1lBKX/nUgKtnxrUrc3411IKa39DeuulqVs0nPGdyuGHTPDUMd CTe51uyTq5n4K2yB+ouxr2DrKmvp2hstkPupKpLX9F68sAb9bjUxJ5g0Zez5H3nE 7/mud8BnmuGl7sv631XN6JsfjyVGC2TxP5e2ph20BA3J5ZiyLXP7k0bYDHCxAC6U ttR08BnNn4DvkHtiX7GQh/i+os1rPnDQm+kxRJ0CIFMd7nivTbsmO+wzpfozC4Z5 qbYSBohCqBWTuyCviTDZ7k4jBcVfRGaRfDsJAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUaD+1taC+f5t58I3V2vlUxKNTBdswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9hRC0xdGFDLWY1dDU4STNWMnZs VXhLTlRCZHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPdww DQYJKoZIhvcNAQELBQADggEBAHuFqczMdKdraQv4uEBo1mTTcGSjOLrjePx564Qf wRjN4DucXr7XdPUQAcqd8oJ/BqJsGn9OSz5Q4gCjFkyptdqX4HCEcrvDJAdRCAqV iMRWxkJDLyJZIkGophfVe6Z4/WnrUk3J6gK2mrZUbvPuPfMULwlfBJV/ED4XUZ1j gCj0hZamqOG+ByHkjlZP+jeMj0r8N2CJr+GeHy1fnUnVau5kYuEHAFjhg/jZSFWM aIyTPqh9fv1B7Foxwnp1LnDOERAzxBxPOzgVJ7gUY+V3OJOeFNM/ERT5dihI7Rlg P9S2w++he3WaY2gMyIVBFwisONFn+LDogtLlRC2R6bWUTlA= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:38 2025 by rpki-client on console.sobornost.net