$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa File: 1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa (raw, json) Hash identifier: Q/F525NLgItfw5z0vpk4FsnjSSpBqOrT6QRCUqAX/Pw= Subject key identifier: D5:97:2F:56:7F:79:52:FE:16:25:3A:C2:E0:E3:D7:98:49:A1:1C:4D Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0CA5 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa Signing time: Mon 10 Feb 2025 14:06:26 +0000 ROA not before: Mon 10 Feb 2025 14:06:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10085 IP address blocks: 103.252.128.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Feb 10 14:06:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D5972F567F7952FE16253AC2E0E3D79849A11C4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:d4:89:93:2a:41:66:60:e6:da:94:c7:90:72: df:64:53:c1:f0:07:95:18:92:d8:36:d2:d4:0c:b4: ca:9e:a1:df:2b:0e:da:00:11:b6:0d:e1:da:93:ac: 7f:09:b3:f8:55:12:e6:b1:ec:99:0a:19:6e:36:33: 48:ec:ad:0f:25:14:64:52:b9:88:7f:7c:96:16:60: 40:5d:92:ce:9a:d5:7d:a5:aa:1d:42:69:fe:c0:d7: 47:4c:f2:1d:54:7a:db:f1:e9:35:5d:59:fa:cd:5c: 76:59:9a:7a:65:f1:24:ba:f7:33:02:dc:fc:4f:e7: 12:86:a2:34:3d:00:61:8a:3b:03:ea:40:10:5d:da: 14:95:bd:1e:ed:c5:e9:c0:a4:6b:ab:7e:fa:65:25: b1:59:dd:04:e2:a1:e8:de:b3:94:9f:a2:17:0e:a1: 8a:b3:6f:05:d5:db:a9:ce:fd:a4:35:55:59:c8:71: ee:88:80:55:1b:a3:2f:d3:5c:5e:92:a4:c9:47:ef: aa:88:25:45:22:74:c3:69:a7:12:15:a6:9e:fa:3d: c9:82:fb:e5:66:d9:5d:12:cd:96:97:fc:10:45:ff: 82:67:95:e1:87:5c:a9:36:45:86:5e:62:83:b4:34: 13:2f:e7:5a:f5:f5:cc:a2:6c:07:eb:f0:0d:24:36: 5c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:97:2F:56:7F:79:52:FE:16:25:3A:C2:E0:E3:D7:98:49:A1:1C:4D X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.252.128.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:cf:46:b3:22:ca:6f:9a:de:f9:c2:c7:8e:ae:47:7c:8c:23: 6e:95:a5:e0:cf:28:da:25:4d:6a:67:e3:57:89:0b:36:2b:57: e5:19:55:7b:41:34:7e:79:63:68:df:3d:47:d4:db:24:7b:5c: b8:e6:57:25:8d:d0:a1:a4:56:47:8b:d6:22:c6:04:b0:71:0c: 93:fc:06:18:98:74:f6:9c:ba:8c:67:a6:f0:f7:65:f2:eb:b5: 8f:ef:30:d0:1c:d0:67:bf:16:f6:f2:54:a2:93:d0:ef:a4:32: e7:b5:bb:58:7d:dc:e2:d1:f3:88:22:2b:71:79:a5:d6:01:70: d1:dd:51:dc:5b:12:60:c9:61:52:6d:17:49:21:41:aa:0c:df: b2:d5:cc:ae:5c:e3:50:5b:8a:bd:3e:5b:12:ee:7e:1b:ac:f2: 3f:dc:31:44:bf:e1:23:e1:15:a3:1a:3b:ae:2a:c4:7e:4e:e5: 00:ba:6a:ba:05:ba:de:76:17:3e:d4:20:45:ed:77:4d:6f:ec: 2a:e1:19:94:6d:83:2e:a4:0a:5c:6c:5a:7a:01:ae:9a:64:9f: f5:33:51:07:ae:9b:4f:98:95:bc:01:83:75:dc:9c:e3:5f:78: 85:72:31:d9:2f:d3:30:bb:35:fb:45:fe:d3:84:d5:b7:cd:aa: e7:4c:da:66 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx NDA2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1OTcyRjU2N0Y3OTUy RkUxNjI1M0FDMkUwRTNENzk4NDlBMTFDNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDz1ImTKkFmYObalMeQct9kU8HwB5UYktg20tQMtMqeod8rDtoA EbYN4dqTrH8Js/hVEuax7JkKGW42M0jsrQ8lFGRSuYh/fJYWYEBdks6a1X2lqh1C af7A10dM8h1Uetvx6TVdWfrNXHZZmnpl8SS69zMC3PxP5xKGojQ9AGGKOwPqQBBd 2hSVvR7txenApGurfvplJbFZ3QTioejes5SfohcOoYqzbwXV26nO/aQ1VVnIce6I gFUboy/TXF6SpMlH76qIJUUidMNppxIVpp76PcmC++Vm2V0SzZaX/BBF/4JnleGH XKk2RYZeYoO0NBMv51r19cyibAfr8A0kNlx5AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU1ZcvVn95Uv4WJTrC4OPXmEmhHE0wHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzFaY3ZWbjk1VXY0V0pUckM0T1BYbUVt aEhFMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ KoZIhvcNAQELBQADggEBAHrPRrMiym+a3vnCx46uR3yMI26VpeDPKNolTWpn41eJ CzYrV+UZVXtBNH55Y2jfPUfU2yR7XLjmVyWN0KGkVkeL1iLGBLBxDJP8BhiYdPac uoxnpvD3ZfLrtY/vMNAc0Ge/FvbyVKKT0O+kMue1u1h93OLR84giK3F5pdYBcNHd UdxbEmDJYVJtF0khQaoM37LVzK5c41Bbir0+WxLufhus8j/cMUS/4SPhFaMaO64q xH5O5QC6aroFut52Fz7UIEXtd01v7CrhGZRtgy6kClxsWnoBrppkn/UzUQeum0+Y lbwBg3XcnONfeIVyMdkv0zC7NftF/tOE1bfNqudM2mY= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:39 2025 by rpki-client on console.sobornost.net