$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa File: KPXOcgSb1A8x_McR8M_39Q45E3s.roa (raw, json) Hash identifier: R/oNRrgAfS676Kx8i4u+Z9MhX98ryHZ2FgZJpx8wpXg= Subject key identifier: 28:F5:CE:72:04:9B:D4:0F:31:FC:C7:11:F0:CF:F7:F5:0E:39:13:7B Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0CA3 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa Signing time: Mon 10 Feb 2025 14:06:25 +0000 ROA not before: Mon 10 Feb 2025 14:06:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131602 IP address blocks: 114.29.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3235 (0xca3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Feb 10 14:06:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=28F5CE72049BD40F31FCC711F0CFF7F50E39137B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:2e:93:7a:da:a6:06:20:26:17:51:6e:27:b8: ef:f5:11:0f:ad:88:79:83:ec:87:d3:21:b6:ca:a4: 31:93:ec:e1:95:90:41:66:b2:20:a5:6a:d8:23:ad: 8b:59:9a:c8:54:32:64:ea:df:e9:62:4d:3a:56:d6: 1d:1a:b6:aa:75:81:dd:31:be:bf:39:ac:e8:64:ac: b3:11:04:f5:72:67:e3:01:98:e6:00:ae:a1:24:b8: ec:25:ea:b6:71:22:7a:f6:bc:e7:4c:f5:a3:8b:93: 64:12:3b:a0:81:7d:29:d2:8c:7c:86:b4:d4:de:03: 39:02:d6:ec:b7:f9:cc:06:72:da:32:f4:d7:52:d5: 3c:44:84:29:57:0a:79:a8:ae:e2:08:69:2d:e7:16: 57:f1:d9:db:5e:1f:26:45:c7:56:e2:2b:dd:ab:19: 92:43:e2:c2:d9:95:35:45:41:64:32:f4:03:1a:1d: 0e:63:fd:db:97:75:fd:37:e6:52:21:a7:89:c5:1a: 80:1b:3b:bc:41:b8:41:b1:1b:16:49:00:18:45:c9: c6:55:f9:94:3e:68:4f:31:a0:66:7e:ba:a2:91:2a: 0f:f2:97:91:c2:b1:f3:f0:98:e2:9b:54:8f:4b:46: 30:42:d5:a8:7f:2e:e2:14:c6:d1:46:5a:c0:dc:f8: f2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:F5:CE:72:04:9B:D4:0F:31:FC:C7:11:F0:CF:F7:F5:0E:39:13:7B X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.29.240.0/22 Signature Algorithm: sha256WithRSAEncryption a0:82:10:0b:bc:c7:9b:dd:ac:71:03:a2:02:e7:cd:56:37:76: 49:56:08:29:8b:97:4f:e2:37:bd:6d:7f:d0:0c:38:70:f9:45: 4c:34:ad:14:8e:84:03:92:50:3f:66:53:e9:13:0e:0e:a7:4a: fb:07:b2:50:ca:b0:79:00:3c:bb:6b:81:f7:49:67:52:29:b0: 2a:55:e1:07:25:ff:6a:35:a6:11:e4:1c:b7:5b:f0:5b:99:be: 90:8a:6a:4e:8e:99:80:af:11:44:26:c9:7e:a8:20:4f:78:4d: b9:dc:40:3d:44:db:f5:d2:93:64:9b:10:96:5a:ab:ba:e4:29: 03:85:66:65:b5:b3:80:63:05:3c:4e:ac:98:8c:27:3e:0f:f2: d0:b0:b1:8a:2f:18:31:90:e5:08:bb:95:ca:c0:cd:3b:bd:ca: 50:c6:ab:98:35:57:cf:17:85:cb:de:25:fa:83:4d:43:16:81: ee:cb:8d:d8:b9:ae:37:d4:e9:cc:fd:99:57:2c:c2:68:94:2f: d3:a8:50:6a:16:bf:d7:db:e3:5f:47:d5:a6:73:f9:2e:5c:8d: e5:11:33:e7:d7:4b:cb:27:b7:2e:f0:81:da:03:53:d4:42:6d: 47:8a:5c:b8:69:03:59:c8:09:29:8d:d1:05:8a:77:7b:db:33: ed:24:d5:3e -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx NDA2MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4RjVDRTcyMDQ5QkQ0 MEYzMUZDQzcxMUYwQ0ZGN0Y1MEUzOTEzN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJLpN62qYGICYXUW4nuO/1EQ+tiHmD7IfTIbbKpDGT7OGVkEFm siClatgjrYtZmshUMmTq3+liTTpW1h0atqp1gd0xvr85rOhkrLMRBPVyZ+MBmOYA rqEkuOwl6rZxInr2vOdM9aOLk2QSO6CBfSnSjHyGtNTeAzkC1uy3+cwGctoy9NdS 1TxEhClXCnmoruIIaS3nFlfx2dteHyZFx1biK92rGZJD4sLZlTVFQWQy9AMaHQ5j /duXdf035lIhp4nFGoAbO7xBuEGxGxZJABhFycZV+ZQ+aE8xoGZ+uqKRKg/yl5HC sfPwmOKbVI9LRjBC1ah/LuIUxtFGWsDc+PLRAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUKPXOcgSb1A8x/McR8M/39Q45E3swHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0tQWE9jZ1NiMUE4eF9NY1I4TV8zOVE0 NUUzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ KoZIhvcNAQELBQADggEBAKCCEAu8x5vdrHEDogLnzVY3dklWCCmLl0/iN71tf9AM OHD5RUw0rRSOhAOSUD9mU+kTDg6nSvsHslDKsHkAPLtrgfdJZ1IpsCpV4Qcl/2o1 phHkHLdb8FuZvpCKak6OmYCvEUQmyX6oIE94TbncQD1E2/XSk2SbEJZaq7rkKQOF ZmW1s4BjBTxOrJiMJz4P8tCwsYovGDGQ5Qi7lcrAzTu9ylDGq5g1V88XhcveJfqD TUMWge7Ljdi5rjfU6cz9mVcswmiUL9OoUGoWv9fb419H1aZz+S5cjeURM+fXS8sn ty7wgdoDU9RCbUeKXLhpA1nICSmN0QWKd3vbM+0k1T4= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:39 2025 by rpki-client on console.sobornost.net