$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa File: QKAfJxAKn1AdheRDAVtmWBh6daY.roa (raw, json) Hash identifier: ci7ykUH5wFM9ICcoyPtWPnEsTbYuh3ApCufhapRRXcQ= Subject key identifier: 40:A0:1F:27:10:0A:9F:50:1D:85:E4:43:01:5B:66:58:18:7A:75:A6 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0D57 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa Signing time: Mon 10 Feb 2025 14:12:16 +0000 ROA not before: Mon 10 Feb 2025 14:12:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 150.129.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3415 (0xd57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Feb 10 14:12:16 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=40A01F27100A9F501D85E443015B6658187A75A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:24:c4:6d:7c:59:c2:bc:a9:a6:6f:dd:be:2f: c1:98:25:90:87:cd:2e:52:66:93:2c:c7:b4:2d:f8: a5:e7:38:92:ef:ff:07:1d:6c:b6:eb:d0:a6:b3:80: b0:b6:ce:2b:58:15:2d:24:f4:f3:85:47:5d:f9:ef: 08:fd:88:f7:d4:0b:f4:5a:f1:bb:eb:5d:27:67:26: f2:52:bf:21:b7:2f:c6:22:00:18:67:c7:33:f9:3b: 1a:85:46:9e:a2:3b:1b:80:73:f2:cf:4e:c5:0e:b6: 62:2e:c2:84:40:4b:80:7c:b2:c5:df:03:73:ec:77: 27:3b:72:a3:96:13:f9:37:cd:e2:c2:f1:2f:77:99: 05:5e:13:4e:68:b1:de:56:6a:14:04:e0:cd:7a:ed: e7:32:ab:d3:cc:70:f8:a9:cc:b5:74:5c:93:cc:52: 27:f9:d4:47:74:91:b3:c4:6f:08:ff:68:ef:fa:3d: 0a:8f:92:8b:12:0b:90:8f:cc:25:b1:4b:c8:ef:99: 93:45:8b:68:00:cb:0c:3c:3a:aa:f0:9e:01:c9:47: 13:fa:57:ed:ae:8a:b8:a0:cd:02:2a:53:4a:cc:f7: 4a:2f:7e:9b:a4:9e:2e:94:f7:50:30:aa:dd:cb:dd: e0:e4:c4:cc:c2:e8:a1:90:a5:11:8e:12:5f:ae:5b: aa:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:A0:1F:27:10:0A:9F:50:1D:85:E4:43:01:5B:66:58:18:7A:75:A6 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.129.228.0/22 Signature Algorithm: sha256WithRSAEncryption 36:39:34:59:38:15:5a:aa:c6:5b:d6:37:c1:08:e1:80:33:7d: a7:d2:75:85:f7:e4:81:58:61:10:3e:7c:6d:5f:6a:9e:63:db: d2:83:b0:86:8e:32:15:d1:03:0c:45:6d:93:72:10:32:f8:41: 9f:2f:c7:82:08:b0:76:45:1f:7a:f2:ed:3c:d5:14:b4:b8:cf: ab:45:30:97:ce:56:41:88:4f:06:11:cc:65:96:8e:2a:40:2d: 63:32:f5:5b:81:c0:79:09:18:ac:a7:82:10:35:ba:7f:a3:78: 9d:e6:e2:eb:3c:07:47:d7:0f:9e:1e:9d:d6:d9:61:02:d6:d5: 23:a9:ec:1e:ad:d4:57:cb:63:d5:84:28:6d:49:f9:b1:fa:01: 51:69:7b:c9:42:d1:b1:14:74:61:c9:49:bc:01:00:ca:91:d8: 80:bf:40:69:41:6d:c8:9d:d9:cb:3a:61:d8:0f:5d:24:d8:e9: f5:19:e3:8c:3d:b7:67:ad:66:bc:2f:3c:6b:f7:d9:8b:2c:73: ed:9f:8e:6f:0f:58:77:04:1a:46:d4:bb:e8:69:d9:af:82:44: d3:9b:0b:2b:06:72:70:98:e1:d4:af:55:6c:3c:fb:f1:6c:ac: aa:ea:3e:87:d0:19:2e:7f:68:51:c1:0c:81:ec:95:45:11:bc: ef:7d:a2:ab -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx NDEyMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwQTAxRjI3MTAwQTlG NTAxRDg1RTQ0MzAxNUI2NjU4MTg3QTc1QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtJMRtfFnCvKmmb92+L8GYJZCHzS5SZpMsx7Qt+KXnOJLv/wcd bLbr0KazgLC2zitYFS0k9POFR1357wj9iPfUC/Ra8bvrXSdnJvJSvyG3L8YiABhn xzP5OxqFRp6iOxuAc/LPTsUOtmIuwoRAS4B8ssXfA3Psdyc7cqOWE/k3zeLC8S93 mQVeE05osd5WahQE4M167ecyq9PMcPipzLV0XJPMUif51Ed0kbPEbwj/aO/6PQqP kosSC5CPzCWxS8jvmZNFi2gAyww8OqrwngHJRxP6V+2uirigzQIqU0rM90ovfpuk ni6U91Awqt3L3eDkxMzC6KGQpRGOEl+uW6obAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQKAfJxAKn1AdheRDAVtmWBh6daYwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9RS0FmSnhBS24xQWRoZVJEQVZ0 bVdCaDZkYVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloHk MA0GCSqGSIb3DQEBCwUAA4IBAQA2OTRZOBVaqsZb1jfBCOGAM32n0nWF9+SBWGEQ PnxtX2qeY9vSg7CGjjIV0QMMRW2TchAy+EGfL8eCCLB2RR968u081RS0uM+rRTCX zlZBiE8GEcxllo4qQC1jMvVbgcB5CRisp4IQNbp/o3id5uLrPAdH1w+eHp3W2WEC 1tUjqewerdRXy2PVhChtSfmx+gFRaXvJQtGxFHRhyUm8AQDKkdiAv0BpQW3IndnL OmHYD10k2On1GeOMPbdnrWa8Lzxr99mLLHPtn45vD1h3BBpG1LvoadmvgkTTmwsr BnJwmOHUr1VsPPvxbKyq6j6H0Bkuf2hRwQyB7JVFEbzvfaKr -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:43 2025 by rpki-client on console.sobornost.net