$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa File: s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa (raw, json) Hash identifier: FdYZrMvFt5aC8Ij6ECcznS0oEhnQ9jVj1hBH/UwwkfA= Subject key identifier: B3:5C:D2:1E:83:30:E8:04:0E:FC:2D:01:36:B0:BE:52:AD:A7:EE:5E Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Certificate serial: 3E Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa Signing time: Mon 10 Feb 2025 14:22:47 +0000 ROA not before: Mon 10 Feb 2025 14:22:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9678 IP address blocks: 2.58.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0dL1XCbbKFIKeZb_cu0BBCAHmKI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Validity Not Before: Feb 10 14:22:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B35CD21E8330E8040EFC2D0136B0BE52ADA7EE5E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:34:7f:e4:01:e5:11:be:2c:ff:62:b3:e8:a4: e4:c1:69:97:b0:1d:42:1f:d1:83:af:f5:6a:0f:df: 06:11:6a:e4:d9:f4:aa:48:1c:5d:5b:7e:52:27:97: f8:a3:60:d8:a2:bf:c5:a5:fb:d0:95:77:52:9a:ba: 8d:17:73:ce:61:da:d5:29:e5:11:0e:e8:5b:d2:2b: b6:8c:84:e2:7a:96:23:a9:98:e6:75:91:c5:ff:47: 35:0e:91:af:c6:5c:63:3d:5b:7d:d4:c0:e5:01:74: 47:3f:8c:db:73:91:be:f8:ca:ac:6f:c3:67:52:e7: 5a:6f:94:1c:5e:47:d1:f3:75:a5:3e:6d:71:89:25: d8:61:8a:aa:58:7e:4a:fe:ec:3f:37:78:b9:af:75: 3d:7f:3c:7f:7e:2f:b1:9a:f0:54:3b:46:57:9e:ab: c9:d4:c4:1c:85:1b:6d:65:2a:52:a4:bd:5a:9a:03: 79:1c:8b:dc:03:d2:c8:4b:14:c3:70:9f:56:16:8e: fc:a0:02:2b:ce:0a:7c:49:30:88:69:28:99:d4:9d: bc:c1:1b:d2:52:1a:b4:3d:d8:d5:77:f9:d6:c5:57: f4:64:80:cd:a2:04:7a:5f:cb:4c:3c:bf:3e:0e:08: 16:3d:5b:f6:e9:9b:0a:f8:c8:18:45:82:66:ef:5b: 70:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:5C:D2:1E:83:30:E8:04:0E:FC:2D:01:36:B0:BE:52:AD:A7:EE:5E X509v3 Authority Key Identifier: keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 2.58.243.0/24 Signature Algorithm: sha256WithRSAEncryption 56:77:2f:be:0d:9e:86:f9:82:d6:eb:bd:63:ee:31:cb:cd:d9: b1:b1:37:9a:d1:cc:15:9e:41:6c:45:d2:1c:c2:18:cb:67:da: a2:53:07:c5:3d:b5:87:ec:27:bc:eb:76:4a:1a:b3:ed:60:12: ef:ee:9c:7c:2e:41:ee:51:60:78:10:cd:93:6e:ec:fb:0f:d2: 0a:66:9c:5b:2b:3b:49:77:35:39:ff:b3:b5:ad:75:59:a5:8c: 21:86:1f:af:d6:c4:0c:0f:18:01:93:3e:cc:8f:de:87:42:50: 65:54:3c:93:48:2c:07:54:b6:c1:4a:91:92:71:7e:b7:00:e6: 73:2f:35:fb:17:14:9e:d2:dd:97:9f:5e:e2:2c:18:b4:c6:3e: 30:80:d3:db:be:d1:5e:80:cc:df:94:42:c4:3c:65:d2:b2:fa: 0a:5e:88:1d:a0:20:5d:e7:c2:08:2c:b3:fc:43:29:4c:24:2e: 89:ee:d9:a5:be:36:d4:ec:0c:1a:27:53:31:38:90:5a:36:c7: 75:fc:61:4a:a2:de:47:e2:e8:0a:cf:d6:d6:65:58:86:cb:e4: ff:64:10:5b:5c:12:4d:c7:02:a3:c5:23:be:15:94:84:4c:1c: 69:79:a7:a3:28:51:c5:f2:82:a0:bb:0e:89:d9:49:ca:d4:c3: a1:b9:80:97 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCQjg4 QTkxNzg1QTc4MkM4RUEzQ0RERUQzRTdDMUYwOURBNzlGNjQ3MB4XDTI1MDIxMDE0 MjI0N1oXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoQjM1Q0QyMUU4MzMwRTgw NDBFRkMyRDAxMzZCMEJFNTJBREE3RUU1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALk0f+QB5RG+LP9is+ik5MFpl7AdQh/Rg6/1ag/fBhFq5Nn0qkgc XVt+UieX+KNg2KK/xaX70JV3Upq6jRdzzmHa1SnlEQ7oW9IrtoyE4nqWI6mY5nWR xf9HNQ6Rr8ZcYz1bfdTA5QF0Rz+M23ORvvjKrG/DZ1LnWm+UHF5H0fN1pT5tcYkl 2GGKqlh+Sv7sPzd4ua91PX88f34vsZrwVDtGV56rydTEHIUbbWUqUqS9WpoDeRyL 3APSyEsUw3CfVhaO/KACK84KfEkwiGkomdSdvMEb0lIatD3Y1Xf51sVX9GSAzaIE el/LTDy/Pg4IFj1b9umbCvjIGEWCZu9bcJcCAwEAAaOCAe4wggHqMB0GA1UdDgQW BBSzXNIegzDoBA78LQE2sL5SrafuXjAfBgNVHSMEGDAWgBS7iKkXhaeCyOo83e0+ fB8J2nn2RzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4v dTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS91NGlwRjRXbmdzanFQTjN0UG53ZkNkcDU5a2MuY2VyMA4GA1UdDwEB/wQEAwIH gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4vczF6U0hvTXc2QVFPX0MwQk5y Qy1VcTJuN2w0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3 L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6 8zANBgkqhkiG9w0BAQsFAAOCAQEAVncvvg2ehvmC1uu9Y+4xy83ZsbE3mtHMFZ5B bEXSHMIYy2faolMHxT21h+wnvOt2Shqz7WAS7+6cfC5B7lFgeBDNk27s+w/SCmac Wys7SXc1Of+zta11WaWMIYYfr9bEDA8YAZM+zI/eh0JQZVQ8k0gsB1S2wUqRknF+ twDmcy81+xcUntLdl59e4iwYtMY+MIDT277RXoDM35RCxDxl0rL6Cl6IHaAgXefC CCyz/EMpTCQuie7Zpb421OwMGidTMTiQWjbHdfxhSqLeR+LoCs/W1mVYhsvk/2QQ W1wSTccCo8UjvhWUhEwcaXmnoyhRxfKCoLsOidlJytTDobmAlw== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:39 2025 by rpki-client on console.sobornost.net