$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa File: 2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa (raw, json) Hash identifier: r3RprEbFY5D/eUUfDNspK5gO1L5U6LqeI24/RBOjPJo= Subject key identifier: D9:70:63:BE:17:7D:1E:C3:46:B3:3D:EC:55:7F:98:AD:4C:4D:D8:9D Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 1365 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa Signing time: Mon 10 Feb 2025 14:03:41 +0000 ROA not before: Mon 10 Feb 2025 14:03:41 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 16509 IP address blocks: 103.235.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 18:48:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4965 (0x1365) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Feb 10 14:03:41 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D97063BE177D1EC346B33DEC557F98AD4C4DD89D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:48:f6:c7:0a:88:13:a4:7a:0b:c2:54:5a:d8: d2:53:84:db:39:2c:b3:ae:cd:a4:e9:37:ca:60:a2: b7:2b:c3:bf:d2:b6:39:20:e0:56:ee:49:ce:7a:07: 6b:05:a4:eb:11:9b:21:31:a8:85:b0:07:e9:0f:cb: 78:77:15:65:ed:08:ef:ef:1a:af:24:0c:60:84:c1: ca:de:cd:30:e8:99:6c:8d:6f:5d:ca:9c:83:28:a7: ef:c4:3d:b5:c4:28:6c:4e:2b:47:05:ed:9e:c9:f0: e5:75:96:e2:3d:be:18:2e:ef:d1:e7:9e:01:f3:dd: 6e:b9:13:09:66:9a:77:1a:5a:41:d8:cd:da:75:36: f3:20:1a:e6:3d:25:f4:c6:dc:e5:4d:f7:18:43:bb: 8f:e8:1b:bd:e5:5f:3b:13:0e:57:9e:29:d0:ab:c0: 35:bf:2a:25:be:a7:70:18:1c:cc:34:51:14:61:fc: ce:ff:3e:e0:ab:77:63:73:0c:cf:5a:9b:e3:8b:eb: b1:25:d0:8f:0f:a9:b2:9e:e6:4d:31:f6:24:b4:3a: 76:bc:f1:63:a0:b7:4a:cd:68:fd:a7:41:71:09:0f: 21:1d:66:79:1a:ba:9f:05:10:f1:b5:93:37:5e:ed: e4:2a:62:f0:28:e0:ac:cd:7a:84:5d:bc:b5:f8:4f: e1:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:70:63:BE:17:7D:1E:C3:46:B3:3D:EC:55:7F:98:AD:4C:4D:D8:9D X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.88.0/24 Signature Algorithm: sha256WithRSAEncryption 40:18:77:78:4a:38:bb:15:1a:6a:9a:20:32:85:5f:58:14:26: 47:e6:34:d0:00:ee:7e:c3:a8:ec:c4:08:49:a2:8d:ea:6b:ad: d3:70:02:39:99:17:bb:93:3a:93:09:79:6f:6c:58:3f:7b:ef: 59:5f:20:b4:b9:df:9e:8c:07:c6:ae:49:cf:46:3c:56:b1:86: 34:a0:80:14:1c:e6:bf:74:bb:e5:69:df:a6:07:05:09:90:10: 31:92:f1:d7:66:bc:dd:9f:0e:83:e4:22:71:f0:b4:a4:cd:84: d2:20:9c:67:21:13:10:d1:fa:22:6c:13:3a:72:fb:ab:86:8e: 55:71:af:95:6a:93:43:4d:d6:96:74:15:0d:1c:7a:78:32:18: be:30:12:6c:10:c0:f9:d5:d2:56:cc:29:fb:16:49:89:10:57: ee:66:32:a9:63:41:ff:ab:f3:75:3b:98:c9:bf:94:5b:34:78: 27:b0:bf:57:73:ca:2a:c1:50:c4:0f:cb:29:42:10:a2:f7:bc: 4e:30:25:a7:25:2c:93:ce:fa:ba:5e:d4:05:81:41:07:e7:e2: 58:88:71:ca:b7:fd:8e:76:fb:0a:0e:38:53:d5:8f:d2:8f:ec: a8:c5:90:a8:77:fe:13:a5:93:8c:a7:be:7a:57:7e:2a:a6:96: 25:8a:08:64 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICE2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTAyMTAx NDAzNDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5NzA2M0JFMTc3RDFF QzM0NkIzM0RFQzU1N0Y5OEFENEM0REQ4OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNSPbHCogTpHoLwlRa2NJThNs5LLOuzaTpN8pgorcrw7/Stjkg 4FbuSc56B2sFpOsRmyExqIWwB+kPy3h3FWXtCO/vGq8kDGCEwcrezTDomWyNb13K nIMop+/EPbXEKGxOK0cF7Z7J8OV1luI9vhgu79HnngHz3W65EwlmmncaWkHYzdp1 NvMgGuY9JfTG3OVN9xhDu4/oG73lXzsTDleeKdCrwDW/KiW+p3AYHMw0URRh/M7/ PuCrd2NzDM9am+OL67El0I8PqbKe5k0x9iS0Ona88WOgt0rNaP2nQXEJDyEdZnka up8FEPG1kzde7eQqYvAo4KzNeoRdvLX4T+EfAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU2XBjvhd9HsNGsz3sVX+YrUxN2J0wHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8yWEJqdmhkOUhzTkdzejNzVlgt WXJVeE4ySjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY MA0GCSqGSIb3DQEBCwUAA4IBAQBAGHd4Sji7FRpqmiAyhV9YFCZH5jTQAO5+w6js xAhJoo3qa63TcAI5mRe7kzqTCXlvbFg/e+9ZXyC0ud+ejAfGrknPRjxWsYY0oIAU HOa/dLvlad+mBwUJkBAxkvHXZrzdnw6D5CJx8LSkzYTSIJxnIRMQ0foibBM6cvur ho5Vca+VapNDTdaWdBUNHHp4Mhi+MBJsEMD51dJWzCn7FkmJEFfuZjKpY0H/q/N1 O5jJv5RbNHgnsL9Xc8oqwVDED8spQhCi97xOMCWnJSyTzvq6XtQFgUEH5+JYiHHK t/2OdvsKDjhT1Y/Sj+yoxZCod/4TpZOMp756V34qppYlighk -----END CERTIFICATE-----Generated at Thu Apr 24 15:54:05 2025 by rpki-client on console.sobornost.net