$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/I9bu6jPDS39vMIgi5aUg69Z9GMg.roa File: I9bu6jPDS39vMIgi5aUg69Z9GMg.roa (raw, json) Hash identifier: eTr5swXsdZXVrANbRhz63+9dN4/HFZyin5QvHGx4KzY= Subject key identifier: 23:D6:EE:EA:33:C3:4B:7F:6F:30:88:22:E5:A5:20:EB:D6:7D:18:C8 Certificate issuer: /CN=324A7E6EBF678F98B87228EC8466C3690A43DDB6 Certificate serial: 0C83 Authority key identifier: 32:4A:7E:6E:BF:67:8F:98:B8:72:28:EC:84:66:C3:69:0A:43:DD:B6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Mkp-br9nj5i4cijshGbDaQpD3bY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/I9bu6jPDS39vMIgi5aUg69Z9GMg.roa Signing time: Mon 10 Feb 2025 13:50:40 +0000 ROA not before: Mon 10 Feb 2025 13:50:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 133948 IP address blocks: 103.197.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/Mkp-br9nj5i4cijshGbDaQpD3bY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/Mkp-br9nj5i4cijshGbDaQpD3bY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Mkp-br9nj5i4cijshGbDaQpD3bY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3203 (0xc83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=324A7E6EBF678F98B87228EC8466C3690A43DDB6 Validity Not Before: Feb 10 13:50:40 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=23D6EEEA33C34B7F6F308822E5A520EBD67D18C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:08:75:00:c1:d6:35:e1:e5:8c:ba:5e:10:dd: b3:aa:65:44:62:91:33:c1:65:55:7a:60:1d:d0:cd: dd:7f:05:47:45:87:b5:e4:0a:cd:b4:82:b4:c2:fc: 1e:e2:7c:61:f9:5d:de:2d:e4:b5:a2:6e:fb:23:1a: a9:57:c6:d4:aa:80:5b:ac:84:4b:e9:e7:7d:f4:17: c4:cf:4d:87:41:db:64:a5:a5:90:b4:f8:68:f9:d3: 5b:40:00:73:e9:68:9e:01:bd:f2:96:9e:bf:16:e8: f3:89:b0:e9:10:d3:0c:3a:d4:49:90:59:8e:86:10: 97:91:d9:da:3f:cb:1f:75:d9:af:f4:a7:f1:9d:ba: 39:a3:d7:dc:b9:40:b1:5a:aa:13:78:60:c1:3b:82: d2:7c:9d:f9:90:18:ed:85:2a:a0:6c:47:9d:a1:6f: 20:11:e0:c8:43:aa:41:3e:38:15:08:37:c0:37:97: fd:91:db:0b:21:6e:8d:93:25:62:78:4f:80:e0:c4: fb:da:9f:94:af:86:9f:80:27:b5:e7:c3:8e:e1:25: 5f:75:85:e6:fa:5a:7b:ab:25:17:c1:ad:f5:50:bf: d7:b1:7d:32:e2:21:13:47:23:56:12:c1:fd:0d:ec: 48:d0:b4:1c:65:b8:75:9a:ae:8c:b6:85:a4:18:8b: b0:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D6:EE:EA:33:C3:4B:7F:6F:30:88:22:E5:A5:20:EB:D6:7D:18:C8 X509v3 Authority Key Identifier: keyid:32:4A:7E:6E:BF:67:8F:98:B8:72:28:EC:84:66:C3:69:0A:43:DD:B6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/Mkp-br9nj5i4cijshGbDaQpD3bY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Mkp-br9nj5i4cijshGbDaQpD3bY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/I9bu6jPDS39vMIgi5aUg69Z9GMg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.197.172.0/24 Signature Algorithm: sha256WithRSAEncryption 69:5b:45:74:1b:ca:10:14:be:b5:26:c9:58:f3:43:9a:1c:81: 58:a9:6e:0f:9d:77:ba:27:dd:b6:f9:8f:14:30:4a:96:10:3d: 44:ce:9a:d8:8d:4b:f6:32:ee:c2:e8:b9:06:20:79:a0:1c:2f: 2a:54:c9:0c:40:66:0b:7f:0b:57:61:cb:41:d7:86:01:79:26: 07:73:44:97:2d:7c:4a:b6:01:44:39:0b:e7:b4:68:06:04:b1: a1:6b:c8:89:8e:38:16:f5:56:6a:07:c5:c6:a5:1f:7b:9c:56: ee:fa:2d:5f:e4:05:cd:bd:f3:0b:15:96:23:4a:05:c2:08:14: a1:55:75:cc:a2:e2:28:1c:ad:ff:31:79:7c:7b:82:0e:78:9e: 44:df:4d:f7:19:fa:02:ea:6c:ef:c2:53:07:c3:83:14:53:7b: c0:c0:4d:9a:2a:b6:ba:ad:a2:cb:23:d0:d9:27:ce:fc:a5:4a: b8:6f:56:30:e3:30:31:f5:f7:f2:04:c9:27:09:84:43:37:20: e5:4f:c8:4a:3a:fb:6b:91:5c:5e:e8:04:92:23:d3:49:ef:7e: 61:85:17:43:21:b7:52:d2:8a:0a:f4:b2:06:03:bd:25:27:54: b3:e5:a0:b3:7e:e9:04:2f:33:c2:d6:9e:21:49:a4:bb:ed:1b: cc:62:e2:78 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI0 QTdFNkVCRjY3OEY5OEI4NzIyOEVDODQ2NkMzNjkwQTQzRERCNjAeFw0yNTAyMTAx MzUwNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzRDZFRUVBMzNDMzRC N0Y2RjMwODgyMkU1QTUyMEVCRDY3RDE4QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDICHUAwdY14eWMul4Q3bOqZURikTPBZVV6YB3Qzd1/BUdFh7Xk Cs20grTC/B7ifGH5Xd4t5LWibvsjGqlXxtSqgFushEvp5330F8TPTYdB22SlpZC0 +Gj501tAAHPpaJ4BvfKWnr8W6POJsOkQ0ww61EmQWY6GEJeR2do/yx912a/0p/Gd ujmj19y5QLFaqhN4YME7gtJ8nfmQGO2FKqBsR52hbyAR4MhDqkE+OBUIN8A3l/2R 2wshbo2TJWJ4T4DgxPvan5Svhp+AJ7Xnw47hJV91heb6WnurJRfBrfVQv9exfTLi IRNHI1YSwf0N7EjQtBxluHWaroy2haQYi7BpAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUI9bu6jPDS39vMIgi5aUg69Z9GMgwHwYDVR0jBBgwFoAUMkp+br9nj5i4cijs hGbDaQpD3bYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0pB WS9Na3AtYnI5bmo1aTRjaWpzaEdiRGFRcEQzYlkuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL01rcC1icjluajVpNGNpanNoR2JEYVFwRDNiWS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0hPTkdKQVkvSTlidTZqUERTMzl2TUln aTVhVWc2OVo5R01nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGfFrDANBgkqhkiG9w0BAQsFAAOCAQEAaVtFdBvKEBS+tSbJWPNDmhyBWKluD513 uifdtvmPFDBKlhA9RM6a2I1L9jLuwui5BiB5oBwvKlTJDEBmC38LV2HLQdeGAXkm B3NEly18SrYBRDkL57RoBgSxoWvIiY44FvVWagfFxqUfe5xW7votX+QFzb3zCxWW I0oFwggUoVV1zKLiKByt/zF5fHuCDnieRN9N9xn6Aups78JTB8ODFFN7wMBNmiq2 uq2iyyPQ2SfO/KVKuG9WMOMwMfX38gTJJwmEQzcg5U/ISjr7a5FcXugEkiPTSe9+ YYUXQyG3UtKKCvSyBgO9JSdUs+Wgs37pBC8zwtaeIUmku+0bzGLieA== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:39 2025 by rpki-client on console.sobornost.net