$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/vHDn8D38-GTGg23dt5lfwMr08yc.roa File: vHDn8D38-GTGg23dt5lfwMr08yc.roa (raw, json) Hash identifier: o+1YJ97GD93efmsGzbTEPg2yTqAr5UCXtUE29LtP3T4= Subject key identifier: BC:70:E7:F0:3D:FC:F8:64:C6:83:6D:DD:B7:99:5F:C0:CA:F4:F3:27 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0EFD Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/vHDn8D38-GTGg23dt5lfwMr08yc.roa Signing time: Mon 10 Feb 2025 14:16:16 +0000 ROA not before: Mon 10 Feb 2025 14:16:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 1659 IP address blocks: 210.67.248.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3837 (0xefd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Feb 10 14:16:16 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BC70E7F03DFCF864C6836DDDB7995FC0CAF4F327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a5:60:bd:d0:04:89:f9:28:25:18:69:f4:85: 65:f1:e0:ec:ea:34:20:88:cd:80:d2:d7:36:19:18: 8a:a0:5f:ff:89:b2:6d:c8:a2:78:97:c1:3d:bc:9c: 6e:80:49:57:c2:2b:af:94:e5:29:80:f9:83:b7:a4: 8f:bb:59:53:df:f9:68:f2:ee:ac:35:72:f6:af:21: 57:06:78:ea:ca:8c:89:16:26:b4:85:93:b7:40:d5: 62:2c:b2:f4:53:56:07:39:68:0c:17:e2:ad:c0:c5: 9f:51:18:18:5b:c7:1e:3f:5a:64:59:b3:2b:bd:17: 61:e3:07:b4:54:11:3a:8d:95:d7:ca:71:16:1e:5e: 94:0b:21:80:a7:11:b5:96:f0:79:b4:5a:c5:29:9e: 3a:2c:a7:e2:35:95:5e:c4:43:19:8b:3a:76:e3:a4: cf:6f:f4:d6:72:e7:a7:9b:91:9e:c9:ae:b7:df:3a: 63:60:fc:a8:2c:fb:54:54:18:65:96:60:ef:bd:6e: 4c:a4:2d:dd:31:e6:ac:87:09:87:69:16:9b:b8:00: 14:02:ca:77:f7:cb:70:88:10:2a:8e:0b:3b:71:ed: 6f:90:de:43:13:6f:ed:4e:10:1e:88:12:b0:64:e3: e5:06:d6:d3:63:2a:93:07:3e:d8:0b:75:2d:34:b4: d1:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:70:E7:F0:3D:FC:F8:64:C6:83:6D:DD:B7:99:5F:C0:CA:F4:F3:27 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/vHDn8D38-GTGg23dt5lfwMr08yc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.67.248.0/21 Signature Algorithm: sha256WithRSAEncryption 41:14:10:cb:f2:a5:30:7b:45:e5:42:c0:02:ef:cf:59:5d:a7: 1a:81:d8:20:21:dc:24:d8:86:4f:98:50:59:52:ce:70:0a:97: 37:df:6d:69:06:74:9c:a2:ae:e9:e2:d5:3e:7f:62:a8:14:29: 26:e1:41:b4:b2:ff:7f:fa:e2:09:c8:52:17:71:4b:f1:6c:9c: 0a:24:be:d8:e6:c0:ee:a5:bc:55:c1:e8:75:25:9b:54:49:a0: c7:6a:88:83:8e:e9:04:71:00:71:ea:7a:0c:a9:b0:a7:e0:21: 62:0c:7d:2e:8d:4b:a5:cb:4e:4f:e0:0f:e4:73:a9:31:e8:9a: bb:ff:43:f6:6e:77:92:ab:d1:cd:0a:55:43:ea:df:b9:3c:91: 05:e9:71:9f:50:9c:87:94:9e:c7:92:3c:b8:d2:5d:d8:58:49: 72:12:ba:82:0c:42:03:9e:98:ab:04:7b:d3:3d:cf:22:8c:56: 28:7b:82:52:96:76:93:bb:31:66:b6:ca:fe:68:07:ac:03:c5: 7e:22:c8:92:58:6a:2d:ec:0e:9d:1e:d0:83:69:3e:19:92:c3: a6:91:dd:31:d5:75:76:0e:91:23:3a:3d:4c:16:cf:59:bb:e1: 16:36:d9:5a:2b:0c:b7:7d:fb:ff:7a:c0:a4:fa:21:62:ed:fb: 3c:bd:87:38 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTAyMTAx NDE2MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJDNzBFN0YwM0RGQ0Y4 NjRDNjgzNkREREI3OTk1RkMwQ0FGNEYzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+pWC90ASJ+SglGGn0hWXx4OzqNCCIzYDS1zYZGIqgX/+Jsm3I oniXwT28nG6ASVfCK6+U5SmA+YO3pI+7WVPf+Wjy7qw1cvavIVcGeOrKjIkWJrSF k7dA1WIssvRTVgc5aAwX4q3AxZ9RGBhbxx4/WmRZsyu9F2HjB7RUETqNldfKcRYe XpQLIYCnEbWW8Hm0WsUpnjosp+I1lV7EQxmLOnbjpM9v9NZy56ebkZ7JrrffOmNg /Kgs+1RUGGWWYO+9bkykLd0x5qyHCYdpFpu4ABQCynf3y3CIECqOCztx7W+Q3kMT b+1OEB6IErBk4+UG1tNjKpMHPtgLdS00tNFdAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUvHDn8D38+GTGg23dt5lfwMr08ycwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC92SERuOEQzOC1HVEdnMjNkdDVs ZndNcjA4eWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0kP4 MA0GCSqGSIb3DQEBCwUAA4IBAQBBFBDL8qUwe0XlQsAC789ZXacagdggIdwk2IZP mFBZUs5wCpc3321pBnScoq7p4tU+f2KoFCkm4UG0sv9/+uIJyFIXcUvxbJwKJL7Y 5sDupbxVweh1JZtUSaDHaoiDjukEcQBx6noMqbCn4CFiDH0ujUuly05P4A/kc6kx 6Jq7/0P2bneSq9HNClVD6t+5PJEF6XGfUJyHlJ7Hkjy40l3YWElyErqCDEIDnpir BHvTPc8ijFYoe4JSlnaTuzFmtsr+aAesA8V+IsiSWGot7A6dHtCDaT4ZksOmkd0x 1XV2DpEjOj1MFs9Zu+EWNtlaKwy3ffv/esCk+iFi7fs8vYc4 -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:44 2025 by rpki-client on console.sobornost.net