$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa File: lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa (raw, json) Hash identifier: 7RcChM0pn7uSc0KOyzxcqTv76hOsPgb5aeNocDKAnKU= Subject key identifier: 97:26:19:D4:E1:5A:D4:D1:A4:D7:1A:C8:3A:20:3D:E8:EE:71:71:76 Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3 Certificate serial: 0C8F Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa Signing time: Mon 10 Feb 2025 14:16:01 +0000 ROA not before: Mon 10 Feb 2025 14:16:01 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131597 IP address blocks: 103.196.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3215 (0xc8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3 Validity Not Before: Feb 10 14:16:01 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=972619D4E15AD4D1A4D71AC83A203DE8EE717176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:55:c2:0d:72:de:19:68:6a:88:3d:2b:f5:0e: 22:1d:26:b8:72:ba:ca:98:2c:14:af:17:94:f6:49: b3:dd:38:b2:89:ad:90:89:2d:3d:d5:14:ba:ae:ac: c3:30:ab:a3:b5:db:b9:04:75:45:af:2c:ca:76:09: a1:77:2b:77:76:84:29:3b:3c:19:01:b5:5b:11:64: 1a:1b:55:6a:ec:9d:0b:eb:e7:ea:98:8b:33:14:1d: c2:8e:a3:36:85:50:3b:b7:4c:b0:d0:59:c0:5f:a6: 9d:90:46:dc:1a:24:e1:01:0e:76:c6:48:d8:63:95: 52:d9:96:8a:d1:60:e3:5c:51:b7:c6:c0:42:5a:f3: ec:94:98:e4:fd:a7:80:d9:8e:2d:11:ce:b0:51:f8: 86:5c:8e:86:28:1a:2f:08:a1:7e:22:6f:5e:7f:46: 4b:a4:c1:d6:35:6c:d9:a4:07:df:0e:dc:8c:f8:33: 19:72:79:c9:9c:d8:d0:b7:15:fe:76:41:e1:f8:9c: 96:a9:14:af:19:17:f8:2d:84:33:41:3f:4b:6f:15: 7b:9b:1d:78:1d:48:7f:18:73:ee:9c:0f:7c:b7:48: 71:67:4a:cf:34:8a:7f:cd:ad:f4:ba:fc:82:7d:ec: 97:44:ba:32:4d:96:87:02:ad:74:87:79:a0:ce:77: 85:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:26:19:D4:E1:5A:D4:D1:A4:D7:1A:C8:3A:20:3D:E8:EE:71:71:76 X509v3 Authority Key Identifier: keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.196.172.0/22 Signature Algorithm: sha256WithRSAEncryption a3:52:3d:2a:20:1d:5d:76:74:b9:98:42:54:93:ee:74:19:f3: 0c:12:42:1e:5e:7c:ce:f9:b3:f9:21:83:d3:1d:10:8d:b9:39: c1:ab:9b:2b:6a:83:83:78:20:fc:7a:7d:05:b9:24:df:df:69: 4f:f8:81:b1:ed:fa:5a:9e:0b:9f:30:68:6e:62:09:ed:ca:98: 3b:95:3b:1d:d4:08:6c:6c:7a:1e:ef:d6:3b:7f:51:07:04:ac: af:e0:40:4b:95:4f:a1:52:3b:a4:b0:68:81:b0:ae:76:be:d9: 03:4e:d9:14:29:0a:54:f4:c9:2f:f7:c7:54:32:38:b3:65:ef: 65:dc:fd:4a:0d:2f:09:5c:c4:4e:da:f8:27:2a:8d:fb:a3:ac: 75:12:bb:9c:ba:76:10:03:8c:ee:f7:a1:d1:49:bc:23:c0:97: 18:8a:c6:95:aa:ad:2a:c3:0b:da:d9:af:e5:22:15:c8:ba:32: 70:fe:6c:6d:2b:de:3f:d5:b0:c1:cc:ca:dc:44:a9:e3:df:e4: 28:7d:b8:ce:3d:80:8c:d0:22:c4:ea:43:6b:76:fa:b0:1d:b4: 8a:b6:8b:cb:a5:94:20:bd:e5:6d:54:26:61:5e:e2:c4:1f:dd: 0f:51:02:64:bc:75:59:80:28:3b:20:28:ec:8a:77:52:23:e4: 3a:72:bf:0b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4 MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yNTAyMTAx NDE2MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3MjYxOUQ0RTE1QUQ0 RDFBNEQ3MUFDODNBMjAzREU4RUU3MTcxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+VcINct4ZaGqIPSv1DiIdJrhyusqYLBSvF5T2SbPdOLKJrZCJ LT3VFLqurMMwq6O127kEdUWvLMp2CaF3K3d2hCk7PBkBtVsRZBobVWrsnQvr5+qY izMUHcKOozaFUDu3TLDQWcBfpp2QRtwaJOEBDnbGSNhjlVLZlorRYONcUbfGwEJa 8+yUmOT9p4DZji0RzrBR+IZcjoYoGi8IoX4ib15/RkukwdY1bNmkB98O3Iz4Mxly ecmc2NC3Ff52QeH4nJapFK8ZF/gthDNBP0tvFXubHXgdSH8Yc+6cD3y3SHFnSs80 in/NrfS6/IJ97JdEujJNlocCrXSHeaDOd4UbAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUlyYZ1OFa1NGk1xrIOiA96O5xcXYwHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9seVlaMU9GYTFOR2sxeHJJT2lB OTZPNXhjWFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8Ss MA0GCSqGSIb3DQEBCwUAA4IBAQCjUj0qIB1ddnS5mEJUk+50GfMMEkIeXnzO+bP5 IYPTHRCNuTnBq5sraoODeCD8en0FuSTf32lP+IGx7fpangufMGhuYgntypg7lTsd 1AhsbHoe79Y7f1EHBKyv4EBLlU+hUjuksGiBsK52vtkDTtkUKQpU9Mkv98dUMjiz Ze9l3P1KDS8JXMRO2vgnKo37o6x1ErucunYQA4zu96HRSbwjwJcYisaVqq0qwwva 2a/lIhXIujJw/mxtK94/1bDBzMrcRKnj3+QofbjOPYCM0CLE6kNrdvqwHbSKtovL pZQgveVtVCZhXuLEH90PUQJkvHVZgCg7ICjsindSI+Q6cr8L -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:40 2025 by rpki-client on console.sobornost.net