$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/KJxHeqPcv9_IeZifsf9aFzZ4znw.roa File: KJxHeqPcv9_IeZifsf9aFzZ4znw.roa (raw, json) Hash identifier: A/jDh7h71MxreYF/9V6H+XqGfTrpQJLZTedbMrRn4ko= Subject key identifier: 28:9C:47:7A:A3:DC:BF:DF:C8:79:98:9F:B1:FF:5A:17:36:78:CE:7C Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F71 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KJxHeqPcv9_IeZifsf9aFzZ4znw.roa Signing time: Mon 10 Feb 2025 14:08:05 +0000 ROA not before: Mon 10 Feb 2025 14:08:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 139.175.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3953 (0xf71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:05 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=289C477AA3DCBFDFC879989FB1FF5A173678CE7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6e:20:6e:2f:24:49:db:ad:b3:a8:6c:bc:aa: 1c:f1:30:15:87:4a:06:8e:ac:ac:24:c9:37:9e:9d: 68:a5:87:ab:98:25:b7:02:fd:3b:d9:d3:9a:2b:e5: f3:17:e3:11:15:00:58:bb:96:c2:40:86:a7:6d:49: 7c:f4:c5:15:b4:7a:cc:51:19:79:cc:ad:b4:2e:30: 5a:7d:93:92:6f:aa:b0:2e:d6:fb:c0:84:81:57:46: 58:a9:1f:ef:0e:cd:4a:bf:04:43:35:4b:db:7c:39: 5d:af:9c:ef:5c:d2:72:fd:e5:d7:44:c0:f4:1b:6e: 5e:0a:3d:e4:09:5f:ba:b1:9e:e8:f2:20:09:03:ed: b6:a0:cb:4e:66:dc:49:91:d7:fd:17:76:10:ec:0a: a2:40:c4:d2:9c:08:93:cf:e5:1c:8d:5c:da:5d:1c: cb:e1:4b:90:41:90:97:92:85:d4:3a:bd:b3:c1:59: f5:73:94:4e:2c:33:00:11:eb:f9:db:bf:29:68:96: 50:7e:c5:a4:4e:50:82:66:62:f7:59:bf:dd:ae:ee: d3:65:6c:69:0d:57:0b:0d:22:85:9a:e0:cf:c9:81: ab:93:d2:21:5d:4e:d7:ea:65:e8:9b:e2:53:a0:38: 15:55:6f:f3:61:8d:ed:1c:93:ba:aa:3e:9b:26:89: f1:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:9C:47:7A:A3:DC:BF:DF:C8:79:98:9F:B1:FF:5A:17:36:78:CE:7C X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KJxHeqPcv9_IeZifsf9aFzZ4znw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.175.0.0/16 Signature Algorithm: sha256WithRSAEncryption 03:4a:58:4d:e9:10:d8:b1:a3:9c:17:22:f5:ef:0b:c8:ed:87: 1f:bf:b8:1f:5d:7b:2f:ce:b3:f3:3a:c7:fb:2d:89:26:1e:99: 82:a9:66:b9:72:20:b8:a0:70:3f:d6:db:66:f0:be:5e:4c:d9: 7a:b6:13:11:70:62:50:69:2a:cd:e1:01:9a:6f:05:fc:e6:88: e7:cf:42:9e:66:6b:da:7f:a8:a7:b2:9c:fe:d2:6e:60:ad:4f: 2d:28:30:ab:ee:c1:b1:db:78:1f:07:2a:0e:97:e4:11:01:cd: e8:93:17:61:45:cb:0f:71:fe:27:4b:d2:f6:ac:f3:b5:1c:4d: 9b:ee:4c:4c:fb:01:1e:b4:d2:cc:27:ba:b1:87:b1:b7:65:e8: c9:0c:ac:64:2a:b5:5c:31:34:47:97:d2:25:8a:da:07:be:e0: 41:e6:66:40:20:1f:8e:78:96:fa:89:6f:13:84:70:9f:ac:3c: 94:c2:54:6a:a4:03:13:40:79:cd:05:54:93:31:41:54:e7:34: 2c:0e:7c:80:65:47:73:08:c8:9a:4c:38:3f:65:c2:7d:31:7d: fa:e8:11:e7:c3:ac:b2:35:4a:70:e7:8c:80:b2:e5:83:89:5b: 78:2a:20:9f:7b:24:9b:c3:98:aa:27:bb:fd:a6:ca:ec:33:72: d3:9e:ce:2b -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICD3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4OUM0NzdBQTNEQ0JG REZDODc5OTg5RkIxRkY1QTE3MzY3OENFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2biBuLyRJ262zqGy8qhzxMBWHSgaOrKwkyTeenWilh6uYJbcC /TvZ05or5fMX4xEVAFi7lsJAhqdtSXz0xRW0esxRGXnMrbQuMFp9k5JvqrAu1vvA hIFXRlipH+8OzUq/BEM1S9t8OV2vnO9c0nL95ddEwPQbbl4KPeQJX7qxnujyIAkD 7bagy05m3EmR1/0XdhDsCqJAxNKcCJPP5RyNXNpdHMvhS5BBkJeShdQ6vbPBWfVz lE4sMwAR6/nbvylollB+xaROUIJmYvdZv92u7tNlbGkNVwsNIoWa4M/JgauT0iFd TtfqZeib4lOgOBVVb/Nhje0ck7qqPpsmifGfAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUKJxHeqPcv9/IeZifsf9aFzZ4znwwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvS0p4SGVxUGN2OV9JZVppZnNmOWFG elo0em53LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIuvMA0G CSqGSIb3DQEBCwUAA4IBAQADSlhN6RDYsaOcFyL17wvI7Ycfv7gfXXsvzrPzOsf7 LYkmHpmCqWa5ciC4oHA/1ttm8L5eTNl6thMRcGJQaSrN4QGabwX85ojnz0KeZmva f6inspz+0m5grU8tKDCr7sGx23gfByoOl+QRAc3okxdhRcsPcf4nS9L2rPO1HE2b 7kxM+wEetNLMJ7qxh7G3ZejJDKxkKrVcMTRHl9IlitoHvuBB5mZAIB+OeJb6iW8T hHCfrDyUwlRqpAMTQHnNBVSTMUFU5zQsDnyAZUdzCMiaTDg/ZcJ9MX366BHnw6yy NUpw54yAsuWDiVt4KiCfeySbw5iqJ7v9psrsM3LTns4r -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:40 2025 by rpki-client on console.sobornost.net