$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/8hrcAomIKgSb9sLxG9-zs1nuFOs.roa File: 8hrcAomIKgSb9sLxG9-zs1nuFOs.roa (raw, json) Hash identifier: 52AwujmrL3YZn6W9E74oaGq5rMvySuqwHDomsJEcJXw= Subject key identifier: F2:1A:DC:02:89:88:2A:04:9B:F6:C2:F1:1B:DF:B3:B3:59:EE:14:EB Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0EAE Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/8hrcAomIKgSb9sLxG9-zs1nuFOs.roa Signing time: Mon 10 Feb 2025 13:59:46 +0000 ROA not before: Mon 10 Feb 2025 13:59:46 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38843 IP address blocks: 223.27.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3758 (0xeae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Feb 10 13:59:46 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F21ADC0289882A049BF6C2F11BDFB3B359EE14EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:99:26:cf:71:0e:3d:43:21:f0:94:b5:78:b5: c1:23:8f:18:ac:ba:31:b4:67:78:75:73:73:b6:79: 2c:ca:f3:83:8e:e5:6a:f6:58:44:f1:60:7a:2d:fb: b2:aa:1a:d4:f6:ab:bc:6d:d3:5c:71:5d:74:1f:62: 52:7f:15:26:84:88:5d:09:6b:b4:f6:31:af:a8:81: e9:26:2d:8a:20:ce:5f:15:6f:0a:b8:2c:10:ed:8d: d5:e1:d9:a3:7a:45:5c:cb:71:bd:dd:71:46:43:fe: b8:aa:1c:d8:d4:40:7c:10:80:fb:33:b8:94:48:0a: 42:cf:e9:be:d7:6e:f7:18:1f:0f:8d:ba:c5:70:a3: 99:49:ff:6b:93:52:06:55:65:ea:74:58:cb:ee:f1: d8:d8:6e:61:5a:60:fe:24:7d:da:a8:f5:fd:b8:bd: c5:88:ec:ef:fc:81:f6:a6:ee:72:89:70:bd:ca:e6: c4:a9:69:2a:76:d7:b6:2f:78:23:8b:e9:e5:9b:7f: df:23:57:61:63:fd:4d:90:2b:63:d5:c5:1c:04:bc: ab:88:75:e3:a0:a7:d0:99:3d:16:93:20:f0:d4:e6: 7e:a1:72:12:f5:f9:bb:db:a7:06:cc:cd:69:17:41: 6d:2b:f2:27:4d:92:0c:16:f0:37:b2:39:a9:e6:54: 2b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:1A:DC:02:89:88:2A:04:9B:F6:C2:F1:1B:DF:B3:B3:59:EE:14:EB X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/8hrcAomIKgSb9sLxG9-zs1nuFOs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.43.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:be:d2:25:88:fd:9f:d8:cf:09:c5:a0:34:a3:c5:ff:1a:4e: 79:d9:88:c5:92:d2:d0:dd:2f:75:f2:3c:2a:2a:30:32:27:ea: 74:7b:29:73:a2:b4:72:78:5a:99:ab:fe:37:7f:eb:db:01:1d: fb:11:86:df:9a:1a:13:b8:2d:d4:b4:e0:5e:75:b1:aa:42:71: 96:77:3c:a6:30:30:43:5b:eb:20:13:90:66:30:b0:7d:11:9d: 27:a1:0a:59:96:80:71:c7:97:bd:d0:3f:ef:c4:a6:ae:ea:52: a6:51:11:c4:1d:62:64:e4:21:a2:1f:be:7b:bc:28:b3:e9:0e: 92:13:2e:28:e1:6a:36:31:fb:04:7e:ac:34:b9:90:ba:4e:2c: 72:b4:cd:10:f2:32:7b:f3:e4:f2:de:4f:ac:80:91:4c:40:89: 8f:9f:b4:4e:c7:20:f8:ef:d7:36:eb:cc:c2:83:75:2a:90:23: ed:80:7e:a8:ff:b7:a9:f9:fb:b8:51:87:dc:df:67:38:2e:ba: ec:82:05:3c:75:1f:9f:ff:67:8b:18:18:02:0b:85:6f:49:a7: e3:89:fc:c0:b8:6d:58:2d:ac:d0:37:ee:fa:bc:a7:64:8b:b5: cc:12:5c:a1:ef:e6:cd:00:90:b4:e3:60:2b:9e:eb:3e:f7:31: 72:44:d9:95 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx MzU5NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYyMUFEQzAyODk4ODJB MDQ5QkY2QzJGMTFCREZCM0IzNTlFRTE0RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9mSbPcQ49QyHwlLV4tcEjjxisujG0Z3h1c3O2eSzK84OO5Wr2 WETxYHot+7KqGtT2q7xt01xxXXQfYlJ/FSaEiF0Ja7T2Ma+ogekmLYogzl8Vbwq4 LBDtjdXh2aN6RVzLcb3dcUZD/riqHNjUQHwQgPszuJRICkLP6b7XbvcYHw+NusVw o5lJ/2uTUgZVZep0WMvu8djYbmFaYP4kfdqo9f24vcWI7O/8gfam7nKJcL3K5sSp aSp217YveCOL6eWbf98jV2Fj/U2QK2PVxRwEvKuIdeOgp9CZPRaTIPDU5n6hchL1 +bvbpwbMzWkXQW0r8idNkgwW8DeyOanmVCvbAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU8hrcAomIKgSb9sLxG9+zs1nuFOswHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vOGhyY0FvbUlLZ1NiOXNMeEc5LXpz MW51Rk9zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bKzAN BgkqhkiG9w0BAQsFAAOCAQEAHr7SJYj9n9jPCcWgNKPF/xpOedmIxZLS0N0vdfI8 KiowMifqdHspc6K0cnhamav+N3/r2wEd+xGG35oaE7gt1LTgXnWxqkJxlnc8pjAw Q1vrIBOQZjCwfRGdJ6EKWZaAcceXvdA/78SmrupSplERxB1iZOQhoh++e7wos+kO khMuKOFqNjH7BH6sNLmQuk4scrTNEPIye/Pk8t5PrICRTECJj5+0Tscg+O/XNuvM woN1KpAj7YB+qP+3qfn7uFGH3N9nOC667IIFPHUfn/9nixgYAguFb0mn44n8wLht WC2s0Dfu+rynZIu1zBJcoe/mzQCQtONgK57rPvcxckTZlQ== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:43 2025 by rpki-client on console.sobornost.net