$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa File: 2nTTSCm2fpjBJGudHl8IJW3HcJM.roa (raw, json) Hash identifier: 5pYK8M8BiQ0nMhl8APevik7u6634ukqlOBC0h6GRe8k= Subject key identifier: DA:74:D3:48:29:B6:7E:98:C1:24:6B:9D:1E:5F:08:25:6D:C7:70:93 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F65 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa Signing time: Mon 10 Feb 2025 14:08:02 +0000 ROA not before: Mon 10 Feb 2025 14:08:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 192.72.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3941 (0xf65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DA74D34829B67E98C1246B9D1E5F08256DC77093 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:68:df:d9:a1:48:6f:ed:7d:b9:1e:64:6c:47: f9:c4:60:cc:83:6b:1d:20:26:ff:8b:d2:80:bb:f6: ee:c3:c6:06:1a:18:38:80:af:50:63:4d:61:ea:48: 14:c1:1a:c3:39:dd:4d:30:88:01:a8:7c:be:b4:b0: 3d:b2:a1:6b:ab:f9:c4:43:c0:60:f6:65:da:bf:b0: 48:78:49:c6:ac:6a:c6:81:67:eb:22:49:b3:54:c7: 54:90:ea:5d:72:4f:77:0d:ba:26:18:ec:b4:90:4d: a3:b3:34:fb:e4:4a:e1:ba:e9:71:9a:9a:d3:ae:66: 11:81:8e:5b:7d:0f:ec:6f:a0:9f:90:2d:2f:50:5a: 80:cf:10:fe:39:60:72:f9:e5:75:d9:2e:71:13:a3: d2:40:f6:9c:99:b2:0c:f0:76:5f:0d:55:f8:0a:f0: 77:83:6c:86:a0:55:43:aa:94:ac:75:8e:af:94:8d: bb:02:8b:8b:02:61:d2:e4:79:59:52:ba:4b:3d:51: 4f:f6:78:e9:fd:8c:ae:9c:48:96:5e:67:fe:93:83: 09:16:62:a2:f2:54:5a:1a:a3:1c:3c:10:98:ef:3a: 5e:7a:fa:ef:27:6d:22:c2:ee:58:ff:6a:a0:3a:5e: 90:91:06:87:5b:0b:ca:68:5d:b1:0c:e0:a0:5b:38: 4f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:74:D3:48:29:B6:7E:98:C1:24:6B:9D:1E:5F:08:25:6D:C7:70:93 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.240.0/21 Signature Algorithm: sha256WithRSAEncryption 67:1b:41:58:68:0a:07:86:e7:f7:33:2f:02:34:18:14:f1:fa: d5:01:01:2b:a4:52:eb:10:1d:58:75:55:69:8a:e8:81:47:16: 59:51:b8:51:a8:d7:2c:22:0a:32:58:b6:cc:2c:7f:43:df:22: 55:cb:be:fa:33:fc:3e:f6:5d:fc:78:89:4f:a7:ba:f6:ce:f5: 17:8d:dc:7f:0e:30:aa:c6:34:c7:58:b0:e7:86:ac:70:04:f4: 9f:d5:2e:f5:03:04:38:0d:b7:c4:65:fd:67:17:26:c6:c5:08: ea:ad:9f:1e:03:01:7b:26:ea:3f:fc:cf:93:1c:9b:64:16:ff: 63:3e:d7:e2:18:47:79:09:1d:ec:00:14:a7:1a:c7:d0:7f:35: 30:ba:19:51:00:c4:fc:ba:74:03:bc:2c:52:e5:36:f1:46:97: f7:43:d6:cd:c4:86:78:55:a0:a0:bd:e2:5a:ae:18:09:d3:fc: 07:53:a5:68:13:d2:32:53:22:c9:2f:ba:d1:31:26:29:33:32: 6c:5b:c1:ea:3f:06:aa:f6:cb:7d:59:0f:7a:83:ee:e1:2d:b3: 6d:f7:32:fc:e1:c4:2f:a9:6c:27:da:c1:f0:cb:ea:71:45:c7: 2a:50:d7:f1:75:5f:ca:1c:12:ef:b0:ad:6a:82:a4:5b:1b:ac: 14:2b:cd:94 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBNzREMzQ4MjlCNjdF OThDMTI0NkI5RDFFNUYwODI1NkRDNzcwOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3aN/ZoUhv7X25HmRsR/nEYMyDax0gJv+L0oC79u7DxgYaGDiA r1BjTWHqSBTBGsM53U0wiAGofL60sD2yoWur+cRDwGD2Zdq/sEh4ScasasaBZ+si SbNUx1SQ6l1yT3cNuiYY7LSQTaOzNPvkSuG66XGamtOuZhGBjlt9D+xvoJ+QLS9Q WoDPEP45YHL55XXZLnETo9JA9pyZsgzwdl8NVfgK8HeDbIagVUOqlKx1jq+UjbsC i4sCYdLkeVlSuks9UU/2eOn9jK6cSJZeZ/6TgwkWYqLyVFoaoxw8EJjvOl56+u8n bSLC7lj/aqA6XpCRBodbC8poXbEM4KBbOE/NAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU2nTTSCm2fpjBJGudHl8IJW3HcJMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMm5UVFNDbTJmcGpCSkd1ZEhsOElK VzNIY0pNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN BgkqhkiG9w0BAQsFAAOCAQEAZxtBWGgKB4bn9zMvAjQYFPH61QEBK6RS6xAdWHVV aYrogUcWWVG4UajXLCIKMli2zCx/Q98iVcu++jP8PvZd/HiJT6e69s71F43cfw4w qsY0x1iw54ascAT0n9Uu9QMEOA23xGX9ZxcmxsUI6q2fHgMBeybqP/zPkxybZBb/ Yz7X4hhHeQkd7AAUpxrH0H81MLoZUQDE/Lp0A7wsUuU28UaX90PWzcSGeFWgoL3i Wq4YCdP8B1OlaBPSMlMiyS+60TEmKTMybFvB6j8GqvbLfVkPeoPu4S2zbfcy/OHE L6lsJ9rB8MvqcUXHKlDX8XVfyhwS77CtaoKkWxusFCvNlA== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:40 2025 by rpki-client on console.sobornost.net