$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/AYWxS2SJO9pH1cCz1KdNFThYrmU.roa File: AYWxS2SJO9pH1cCz1KdNFThYrmU.roa (raw, json) Hash identifier: FiqmS2R79B3bJEirW80ZAM9IL849wZM5d4SNZIvnkjA= Subject key identifier: 01:85:B1:4B:64:89:3B:DA:47:D5:C0:B3:D4:A7:4D:15:38:58:AE:65 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 17D0 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/AYWxS2SJO9pH1cCz1KdNFThYrmU.roa Signing time: Mon 10 Feb 2025 14:07:17 +0000 ROA not before: Mon 10 Feb 2025 14:07:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 220.228.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6096 (0x17d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Feb 10 14:07:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0185B14B64893BDA47D5C0B3D4A74D153858AE65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:10:52:b4:82:e4:f3:a8:c5:c2:76:cf:a3:41: e3:f0:28:2d:d8:56:63:6a:e0:cf:0b:97:f6:2d:fe: 3c:aa:0f:c4:37:cf:d1:52:63:df:04:e2:d9:c4:94: b5:74:12:30:c0:5a:e4:a6:81:22:cf:2f:30:5b:dd: 24:54:d9:d1:ce:46:b9:c4:83:30:f1:f9:be:71:31: 66:c7:f0:3a:be:f1:94:cb:5d:0f:65:a0:b8:b8:20: 8a:1a:b8:cb:ef:99:30:ba:d5:60:98:db:f2:6f:a7: ca:c6:c2:24:f0:60:2f:17:eb:d0:41:42:bc:7d:fe: a0:97:bf:e7:77:9f:fc:ab:73:46:9d:c3:08:37:5d: 7f:5e:e6:1d:8c:00:42:52:d2:32:a0:07:f3:e8:b1: 0f:69:31:16:47:9b:09:12:1d:d4:74:0e:cd:cc:45: 86:03:06:c8:c4:63:76:bd:4f:e4:09:64:20:0d:0a: 92:56:a3:56:2c:6a:89:e9:ce:a0:5f:40:4c:fd:a6: 9e:2f:17:d6:90:0f:55:34:8e:34:c0:7d:60:a7:ff: 80:5e:43:5b:11:b8:71:93:1c:14:10:46:65:41:1c: 99:af:a6:b1:b8:ca:95:7a:6d:b6:bd:0b:1a:7f:d1: a7:b3:51:92:6b:34:1f:7d:82:03:28:3f:81:ee:a0: ba:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:85:B1:4B:64:89:3B:DA:47:D5:C0:B3:D4:A7:4D:15:38:58:AE:65 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/AYWxS2SJO9pH1cCz1KdNFThYrmU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.228.0.0/15 Signature Algorithm: sha256WithRSAEncryption ae:aa:73:a8:1d:c4:34:ae:5e:6f:8c:99:6b:82:33:e9:32:08: 33:1a:f1:5b:53:6c:a5:3a:2f:32:cc:85:c5:b3:87:fd:8f:24: 7e:bd:e9:54:18:7e:e7:2e:8d:15:0d:3d:fd:4c:c3:db:e2:aa: f9:ec:7f:16:6f:6b:19:fd:23:d1:05:99:bf:fe:5d:f0:08:d3: 31:65:95:ce:6d:45:e7:d0:6e:15:bd:76:51:09:50:0a:60:e8: 0f:79:4a:5b:0b:b9:f9:be:29:36:e3:8c:c6:42:23:0e:8e:53: d4:be:fa:ad:28:d3:1a:da:4a:21:4d:4f:a6:e8:7c:51:12:6e: 98:d5:56:17:4a:1d:88:52:b5:aa:7e:a9:be:ed:d1:c7:42:22: e1:b3:5b:2f:7e:e7:76:42:d9:cc:de:97:85:9d:bf:0b:2f:77: ea:73:c8:ba:c7:de:2b:0f:8b:c3:f3:f8:76:c8:c0:36:75:bc: c6:32:b8:80:87:c2:fe:80:d4:af:47:ed:14:13:9f:10:dd:e2: 4d:87:25:76:97:53:14:52:37:dd:76:f9:1d:1b:bb:f7:8b:ff: 06:ba:33:f3:82:33:0b:ef:f7:ef:19:d1:b2:7e:b2:f4:6e:6d: c1:33:48:3b:fb:49:f4:2a:01:f5:15:a3:92:48:40:7b:c6:f9: 3e:bf:d4:8f -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICF9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx NDA3MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAxODVCMTRCNjQ4OTNC REE0N0Q1QzBCM0Q0QTc0RDE1Mzg1OEFFNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3EFK0guTzqMXCds+jQePwKC3YVmNq4M8Ll/Yt/jyqD8Q3z9FS Y98E4tnElLV0EjDAWuSmgSLPLzBb3SRU2dHORrnEgzDx+b5xMWbH8Dq+8ZTLXQ9l oLi4IIoauMvvmTC61WCY2/Jvp8rGwiTwYC8X69BBQrx9/qCXv+d3n/yrc0adwwg3 XX9e5h2MAEJS0jKgB/PosQ9pMRZHmwkSHdR0Ds3MRYYDBsjEY3a9T+QJZCANCpJW o1YsaonpzqBfQEz9pp4vF9aQD1U0jjTAfWCn/4BeQ1sRuHGTHBQQRmVBHJmvprG4 ypV6bba9Cxp/0aezUZJrNB99ggMoP4HuoLorAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUAYWxS2SJO9pH1cCz1KdNFThYrmUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQVlXeFMyU0pPOXBIMWNDejFLZE5G VGhZcm1VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G CSqGSIb3DQEBCwUAA4IBAQCuqnOoHcQ0rl5vjJlrgjPpMggzGvFbU2ylOi8yzIXF s4f9jyR+velUGH7nLo0VDT39TMPb4qr57H8Wb2sZ/SPRBZm//l3wCNMxZZXObUXn 0G4VvXZRCVAKYOgPeUpbC7n5vik244zGQiMOjlPUvvqtKNMa2kohTU+m6HxREm6Y 1VYXSh2IUrWqfqm+7dHHQiLhs1svfud2QtnM3peFnb8LL3fqc8i6x94rD4vD8/h2 yMA2dbzGMriAh8L+gNSvR+0UE58Q3eJNhyV2l1MUUjfddvkdG7v3i/8GujPzgjML 7/fvGdGyfrL0bm3BM0g7+0n0KgH1FaOSSEB7xvk+v9SP -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:40 2025 by rpki-client on console.sobornost.net