$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa File: 3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa (raw, json) Hash identifier: jRyl4WeeeWP98fPFMqRBdVRyuKcIkaU8RhSWHO1TefI= Subject key identifier: DD:A2:DB:64:6D:98:D5:14:95:3B:BB:B4:5B:48:6B:E1:2F:6A:51:8F Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0D68 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa Signing time: Mon 10 Feb 2025 14:13:17 +0000 ROA not before: Mon 10 Feb 2025 14:13:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 59.102.128.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3432 (0xd68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Feb 10 14:13:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DDA2DB646D98D514953BBBB45B486BE12F6A518F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7f:42:57:32:4c:7f:39:a8:06:76:3e:2c:f3: a0:29:6e:db:6d:9b:45:13:b7:50:f0:85:50:d3:73: b3:d4:91:fd:d3:10:c9:94:5f:16:03:83:56:38:70: 33:d8:ad:21:c6:13:81:3a:20:d6:b0:9d:04:b9:da: f0:c5:81:ff:b2:1e:70:ff:3b:78:9f:51:28:af:5d: 3f:26:2b:81:e5:7c:55:06:e9:ab:e3:aa:13:9b:a4: bb:b6:fd:b4:c9:e0:2c:19:ea:8d:1b:af:85:3c:33: 67:48:ca:e8:39:3a:5e:5c:17:d0:fa:66:72:0f:75: 02:82:21:ff:f9:23:4d:47:0e:1e:8e:d7:5f:37:42: 19:7a:8d:4e:bd:43:e9:44:b9:5b:25:66:6a:96:62: bd:69:a7:7e:39:40:92:cc:b1:62:73:22:dc:b2:ff: e7:da:bd:72:77:64:c4:03:bf:eb:72:d5:22:75:48: 47:d3:eb:1f:d2:b5:39:44:1f:cc:9d:8f:42:61:6f: 8f:6e:67:a2:a9:b4:fd:3a:21:66:84:f9:a0:52:46: c7:d2:0d:84:89:20:ce:6b:c4:c2:40:27:62:52:d8: 14:1b:e5:2c:04:3b:57:b3:2b:7e:32:36:f7:6f:e1: 9a:7d:14:14:7e:2a:61:1a:58:ea:f3:37:b0:8e:08: 8b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:A2:DB:64:6D:98:D5:14:95:3B:BB:B4:5B:48:6B:E1:2F:6A:51:8F X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.102.128.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:8f:39:73:e7:d5:fb:ef:90:9f:c0:a7:37:d1:d9:d3:2a:88: 7e:0a:b8:38:5a:7a:ba:dd:0d:89:cb:6f:bb:34:e9:96:ae:e3: a3:e5:16:58:3a:10:cc:71:c8:9d:f1:bb:2a:d6:39:5a:7c:2e: 3b:8f:51:f1:af:c2:5c:e2:cb:fc:bf:47:13:c1:10:ff:e4:66: 3c:e3:00:da:b2:2c:4c:01:f3:b6:71:65:dd:f7:21:f9:14:0f: 96:c0:08:bc:4b:2c:b1:e0:1b:b8:73:84:5a:3e:01:dd:a8:dd: 47:f5:57:ba:dd:12:4c:e5:d9:92:fe:70:3b:31:65:57:b5:8d: 5f:fb:62:fa:e8:d6:c1:e8:3a:e4:9b:ff:96:74:2a:c3:6e:c4: 0b:76:4f:7b:6e:68:e3:f9:89:d7:15:a6:81:bf:cd:f7:0e:ac: e4:bd:5b:e5:d7:45:5b:c2:34:e1:9e:62:34:fb:e9:b9:2a:77: 39:40:c6:a1:42:80:e3:88:33:18:96:58:21:47:71:01:65:be: e7:f9:f4:3c:38:9e:94:8d:c3:6c:ec:e0:1f:1e:43:3d:67:7e: 86:14:11:30:54:a5:ec:bd:56:f1:c7:4d:08:68:43:2c:75:1a: b6:52:e6:3f:a2:17:fe:c7:e9:72:cc:01:c3:15:0f:35:9f:f9: 95:b5:a1:70 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx NDEzMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREQTJEQjY0NkQ5OEQ1 MTQ5NTNCQkJCNDVCNDg2QkUxMkY2QTUxOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+f0JXMkx/OagGdj4s86Apbtttm0UTt1DwhVDTc7PUkf3TEMmU XxYDg1Y4cDPYrSHGE4E6INawnQS52vDFgf+yHnD/O3ifUSivXT8mK4HlfFUG6avj qhObpLu2/bTJ4CwZ6o0br4U8M2dIyug5Ol5cF9D6ZnIPdQKCIf/5I01HDh6O1183 Qhl6jU69Q+lEuVslZmqWYr1pp345QJLMsWJzItyy/+favXJ3ZMQDv+ty1SJ1SEfT 6x/StTlEH8ydj0Jhb49uZ6KptP06IWaE+aBSRsfSDYSJIM5rxMJAJ2JS2BQb5SwE O1ezK34yNvdv4Zp9FBR+KmEaWOrzN7COCIvNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU3aLbZG2Y1RSVO7u0W0hr4S9qUY8wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8zYUxiWkcyWTFSU1ZPN3UwVzBo cjRTOXFVWTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCO2aA MA0GCSqGSIb3DQEBCwUAA4IBAQBcjzlz59X775CfwKc30dnTKoh+Crg4Wnq63Q2J y2+7NOmWruOj5RZYOhDMccid8bsq1jlafC47j1Hxr8Jc4sv8v0cTwRD/5GY84wDa sixMAfO2cWXd9yH5FA+WwAi8Syyx4Bu4c4RaPgHdqN1H9Ve63RJM5dmS/nA7MWVX tY1f+2L66NbB6Drkm/+WdCrDbsQLdk97bmjj+YnXFaaBv833DqzkvVvl10VbwjTh nmI0++m5Knc5QMahQoDjiDMYllghR3EBZb7n+fQ8OJ6UjcNs7OAfHkM9Z36GFBEw VKXsvVbxx00IaEMsdRq2UuY/ohf+x+lyzAHDFQ81n/mVtaFw -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:44 2025 by rpki-client on console.sobornost.net