$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa File: Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa (raw, json) Hash identifier: bcdSkdI+Tu9lltz6meDsQOl6LZn7r6IKbUMY961mnfQ= Subject key identifier: 63:DA:18:8F:8F:67:D7:61:DD:93:7B:68:3C:34:D0:F5:76:91:B1:A6 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0F76 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa Signing time: Mon 10 Feb 2025 14:08:06 +0000 ROA not before: Mon 10 Feb 2025 14:08:06 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 192.72.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3958 (0xf76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Feb 10 14:08:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=63DA188F8F67D761DD937B683C34D0F57691B1A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fa:82:1d:8d:12:1a:fa:fc:ff:53:ae:d1:64: 8e:c9:22:be:22:66:1a:8a:92:91:57:54:d7:e3:84: 41:e0:81:d3:bf:5a:7e:a1:fa:5d:c1:3d:92:9c:c3: 2d:d0:8c:d7:48:eb:f1:d4:ba:c3:38:4a:40:9d:c7: 47:c2:af:4e:56:2d:24:92:06:06:0f:8e:fd:90:fe: c8:f2:a0:a1:dd:7a:58:80:45:d7:dd:cd:bf:4d:82: db:8c:0e:27:cf:69:d7:85:d0:0f:50:5f:25:ff:62: 87:54:60:e4:2b:d8:8c:8a:3e:74:a1:ae:a2:9f:79: bc:9d:88:4b:b2:56:5c:2f:3b:84:a0:11:47:a1:41: 3f:0c:25:9d:78:34:d7:3e:6f:56:50:80:01:3b:19: 6c:ac:bd:8f:3f:d4:82:89:85:6d:da:27:32:49:96: 91:0a:4f:c8:b7:54:ec:38:69:16:4a:e8:bd:54:98: 3e:1d:2f:be:a9:a7:7a:1b:b7:b2:23:9f:04:78:27: f4:b4:0a:2c:a8:2e:db:28:34:01:4e:b5:05:47:da: 13:7f:57:1a:4b:22:59:dc:01:3c:e7:9c:c2:c7:e1: d5:53:c1:f2:8f:01:04:d1:2e:e7:d1:14:10:55:9b: 97:a5:5a:d2:98:4e:c5:50:62:7c:13:b7:49:a9:ea: f6:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:DA:18:8F:8F:67:D7:61:DD:93:7B:68:3C:34:D0:F5:76:91:B1:A6 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.3.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:4f:5e:e9:5a:c3:d5:de:62:7b:1d:83:57:43:4c:6d:d3:dd: 15:f1:64:35:30:75:d7:b2:45:f3:75:7a:0e:4d:da:da:72:32: ea:a3:81:1f:57:83:ed:01:3d:49:6e:80:5d:13:a4:06:bd:49: ac:0d:97:cb:1c:a7:61:e4:41:95:be:9e:53:0c:20:25:ec:65: db:4d:26:b2:88:33:db:6e:ef:68:b1:5b:ac:80:cc:88:2b:0b: 71:c8:4f:f7:31:b3:e2:7a:c7:e4:13:a7:dc:74:24:81:e9:cf: 85:8c:5d:93:d3:5b:93:c9:c6:5f:fa:b3:40:4c:16:3f:f9:96: 66:e8:c4:32:9f:73:77:82:91:37:78:b1:fa:44:63:8b:64:c3: cd:73:bf:6d:69:85:9f:cc:44:d0:c6:d4:f7:e1:54:1e:51:0b: 07:70:98:2d:60:e8:4c:13:ad:ed:60:d6:40:96:b8:22:9c:bf: 9c:b7:40:74:da:ac:55:86:11:23:54:23:fe:49:63:cf:5b:a7: 2d:d1:96:96:f2:6d:d2:da:a3:5d:d6:80:0b:73:13:18:3f:b2: d1:5d:01:b0:74:eb:39:86:b0:45:3d:5d:c2:41:44:e9:32:a8: 93:91:8f:2f:c8:b3:86:7e:06:28:ef:b5:11:4d:f7:7c:f3:6e: 11:e4:b2:23 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx NDA4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzREExODhGOEY2N0Q3 NjFERDkzN0I2ODNDMzREMEY1NzY5MUIxQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5+oIdjRIa+vz/U67RZI7JIr4iZhqKkpFXVNfjhEHggdO/Wn6h +l3BPZKcwy3QjNdI6/HUusM4SkCdx0fCr05WLSSSBgYPjv2Q/sjyoKHdeliARdfd zb9NgtuMDifPadeF0A9QXyX/YodUYOQr2IyKPnShrqKfebydiEuyVlwvO4SgEUeh QT8MJZ14NNc+b1ZQgAE7GWysvY8/1IKJhW3aJzJJlpEKT8i3VOw4aRZK6L1UmD4d L76pp3obt7IjnwR4J/S0CiyoLtsoNAFOtQVH2hN/VxpLIlncATznnMLH4dVTwfKP AQTRLufRFBBVm5elWtKYTsVQYnwTt0mp6vZPAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUY9oYj49n12Hdk3toPDTQ9XaRsaYwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWTlvWWo0OW4xMkhkazN0b1BEVFE5 WGFSc2FZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN BgkqhkiG9w0BAQsFAAOCAQEAPU9e6VrD1d5iex2DV0NMbdPdFfFkNTB117JF83V6 Dk3a2nIy6qOBH1eD7QE9SW6AXROkBr1JrA2XyxynYeRBlb6eUwwgJexl200msogz 227vaLFbrIDMiCsLcchP9zGz4nrH5BOn3HQkgenPhYxdk9Nbk8nGX/qzQEwWP/mW ZujEMp9zd4KRN3ix+kRji2TDzXO/bWmFn8xE0MbU9+FUHlELB3CYLWDoTBOt7WDW QJa4Ipy/nLdAdNqsVYYRI1Qj/kljz1unLdGWlvJt0tqjXdaAC3MTGD+y0V0BsHTr OYawRT1dwkFE6TKok5GPL8izhn4GKO+1EU33fPNuEeSyIw== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:41 2025 by rpki-client on console.sobornost.net