$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa File: U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa (raw, json) Hash identifier: b1fttz7chVbP10A7EyU0lJXwcIEfe1UviSng3YX1ZCY= Subject key identifier: 53:D6:DA:F3:91:63:F5:D4:61:F7:14:2A:C8:AD:5B:7D:7D:FF:69:04 Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Certificate serial: 08A5 Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa Signing time: Mon 10 Feb 2025 14:03:49 +0000 ROA not before: Mon 10 Feb 2025 14:03:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131677 IP address blocks: 103.149.64.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2213 (0x8a5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB Validity Not Before: Feb 10 14:03:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=53D6DAF39163F5D461F7142AC8AD5B7D7DFF6904 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b7:bb:e7:a7:87:8d:f3:d7:0a:85:58:73:37: 95:fc:0c:11:d2:6e:15:3c:01:eb:34:70:bc:6b:73: 0f:9d:2e:d5:d0:87:68:72:62:2a:d8:9c:b8:bb:9c: ad:c1:4e:65:70:ee:8e:a2:30:62:a3:6f:10:9b:40: 80:ce:d0:21:2e:ca:32:44:ba:ea:b4:e0:87:a1:23: 07:3c:aa:35:6c:af:ed:e5:fb:20:d2:1a:5e:3a:2f: 48:00:82:e7:51:d8:de:7b:85:d5:80:77:42:65:a6: 95:fb:46:80:0d:3e:79:26:d7:dd:a0:6d:41:dd:39: d5:6b:8e:68:b4:18:89:6f:d3:d9:6f:99:7b:61:fe: 8e:f8:9f:e3:57:30:b2:d1:ec:d3:e7:78:52:89:f1: e8:e6:0d:5e:c3:18:d0:75:91:d1:b6:9a:d5:2c:d7: b3:65:e6:20:66:5b:d0:5d:a9:51:f5:aa:1e:70:0d: 7c:eb:c5:9b:89:9b:c2:7e:6b:69:6c:05:a5:f3:18: a6:65:1b:8c:5c:c7:c8:74:8a:5e:24:db:dc:5d:32: 88:02:81:2f:6c:48:5f:cf:45:54:d9:df:a8:b5:05: 25:39:e3:1b:5b:07:a4:ea:0a:20:9e:bd:0f:73:10: b9:40:9b:3d:b5:2f:f2:8e:f7:0f:a8:fe:d1:08:57: 30:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D6:DA:F3:91:63:F5:D4:61:F7:14:2A:C8:AD:5B:7D:7D:FF:69:04 X509v3 Authority Key Identifier: keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.149.64.0/23 Signature Algorithm: sha256WithRSAEncryption 91:28:2f:17:57:23:e7:1d:4b:5f:fe:54:6c:ff:7c:b1:45:3f: 20:cb:51:a5:fd:a8:4a:2a:85:1e:9c:f6:52:f0:e1:f0:6b:63: d5:62:52:22:15:cb:4f:46:b1:27:32:4b:de:d0:a6:1b:98:43: 50:84:85:5a:66:7c:cd:b5:48:c5:01:17:0a:3e:28:f6:7f:59: cd:75:65:50:23:c3:0b:15:92:8c:eb:13:31:c4:80:3a:1d:fb: da:f5:12:d4:ac:89:53:b7:29:ee:fb:be:d1:55:a7:d1:a6:81: 8d:92:32:8e:4c:36:fd:5f:a6:a9:83:15:2f:64:ff:61:5e:e6: 92:74:e5:de:e7:5f:96:16:25:3d:24:e0:23:f0:b7:36:0d:f6: db:39:d5:f2:e6:27:76:69:f2:62:6e:97:e3:e6:9e:1f:15:2c: 4c:79:0e:a1:cc:a0:d1:ab:99:e5:68:95:79:a8:33:8c:86:9a: 54:6e:77:16:d4:53:35:74:03:9e:58:0b:3f:cd:51:76:a2:c0: 3c:4f:ad:7b:70:2d:44:3b:c3:46:63:cb:5f:c4:19:8b:d6:df: da:79:7b:1f:2f:e8:d2:ad:72:e3:33:28:bb:69:8d:54:27:36: ce:04:c1:5b:b4:90:e8:6a:a3:5d:d5:78:a2:94:2e:75:22:45: e4:5d:e5:8f -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICCKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yNTAyMTAx NDAzNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUzRDZEQUYzOTE2M0Y1 RDQ2MUY3MTQyQUM4QUQ1QjdEN0RGRjY5MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0t7vnp4eN89cKhVhzN5X8DBHSbhU8Aes0cLxrcw+dLtXQh2hy YirYnLi7nK3BTmVw7o6iMGKjbxCbQIDO0CEuyjJEuuq04IehIwc8qjVsr+3l+yDS Gl46L0gAgudR2N57hdWAd0JlppX7RoANPnkm192gbUHdOdVrjmi0GIlv09lvmXth /o74n+NXMLLR7NPneFKJ8ejmDV7DGNB1kdG2mtUs17Nl5iBmW9BdqVH1qh5wDXzr xZuJm8J+a2lsBaXzGKZlG4xcx8h0il4k29xdMogCgS9sSF/PRVTZ36i1BSU54xtb B6TqCiCevQ9zELlAmz21L/KO9w+o/tEIVzBJAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUU9ba85Fj9dRh9xQqyK1bfX3/aQQwHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw 5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvVTliYTg1Rmo5ZFJoOXhR cXlLMWJmWDNfYVFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AWeVQDANBgkqhkiG9w0BAQsFAAOCAQEAkSgvF1cj5x1LX/5UbP98sUU/IMtRpf2o SiqFHpz2UvDh8Gtj1WJSIhXLT0axJzJL3tCmG5hDUISFWmZ8zbVIxQEXCj4o9n9Z zXVlUCPDCxWSjOsTMcSAOh372vUS1KyJU7cp7vu+0VWn0aaBjZIyjkw2/V+mqYMV L2T/YV7mknTl3udflhYlPSTgI/C3Ng322znV8uYndmnyYm6X4+aeHxUsTHkOocyg 0auZ5WiVeagzjIaaVG53FtRTNXQDnlgLP81RdqLAPE+te3AtRDvDRmPLX8QZi9bf 2nl7Hy/o0q1y4zMou2mNVCc2zgTBW7SQ6GqjXdV4opQudSJF5F3ljw== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:42 2025 by rpki-client on console.sobornost.net