$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/DBnBCOr6eU9E-JWC_p5T1Lnu2KQ.roa File: DBnBCOr6eU9E-JWC_p5T1Lnu2KQ.roa (raw, json) Hash identifier: IfzSsbbRRnnDPM4HETbhNJLUKXwFqgJIybZYrE1PQ2A= Subject key identifier: 0C:19:C1:08:EA:FA:79:4F:44:F8:95:82:FE:9E:53:D4:B9:EE:D8:A4 Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378 Certificate serial: 0CC1 Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/DBnBCOr6eU9E-JWC_p5T1Lnu2KQ.roa Signing time: Mon 10 Feb 2025 14:23:21 +0000 ROA not before: Mon 10 Feb 2025 14:23:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38851 IP address blocks: 103.229.102.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3265 (0xcc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378 Validity Not Before: Feb 10 14:23:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0C19C108EAFA794F44F89582FE9E53D4B9EED8A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:5d:bc:ae:c1:c2:5d:aa:af:03:e6:64:59:d4: a1:41:60:5b:66:aa:89:8a:a2:78:88:ce:ba:f4:d4: 7a:97:6b:98:54:55:2d:90:7b:36:08:8d:74:fa:51: 46:ba:f2:41:a8:29:ff:8e:37:96:ad:af:1c:33:ff: 03:6c:6f:22:ec:0b:e6:58:9b:c0:7d:fe:24:ae:84: a2:3e:c1:76:f2:92:e1:dd:7d:0b:93:8f:a9:af:3c: 9c:a1:85:de:35:e1:3c:1a:6a:f3:97:bb:68:aa:48: 2c:c6:c2:47:92:87:44:32:0c:45:00:b4:43:a9:c9: 2f:8f:e6:19:91:b5:d2:fb:b8:c7:88:97:d6:b7:84: 68:22:b5:b9:f8:8a:b8:e5:cc:72:2c:be:3c:1a:a9: 1f:f9:10:ee:0d:da:cc:5a:92:a0:64:58:41:17:f8: b1:ee:42:1c:06:b2:63:03:b8:b7:96:43:e7:a9:f1: a7:1b:b9:0e:44:45:34:b2:23:84:1e:1f:b3:7f:79: 4a:29:78:71:93:cd:a0:0e:49:91:57:d9:5e:a7:29: 0c:d8:28:22:8c:5d:b6:9d:6b:d3:c4:34:47:b4:58: b7:aa:67:a2:89:02:92:17:57:6f:52:5b:35:63:3d: 3a:98:64:91:0b:e7:14:43:33:5a:55:79:c9:c6:19: 9b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:19:C1:08:EA:FA:79:4F:44:F8:95:82:FE:9E:53:D4:B9:EE:D8:A4 X509v3 Authority Key Identifier: keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/DBnBCOr6eU9E-JWC_p5T1Lnu2KQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.229.102.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:53:13:9e:ac:19:5e:f5:79:60:ed:be:17:11:1b:cc:d0:b7: 6f:34:39:92:8d:bd:ab:c4:68:fb:96:98:e1:38:85:65:74:3d: bc:be:8e:35:f3:e0:45:19:38:57:18:76:e3:20:95:cc:f7:88: ad:03:d6:bc:02:11:aa:c0:82:53:02:89:39:86:25:83:68:bc: 1a:e6:66:1c:73:94:2a:3b:c1:84:c2:d8:cf:84:ed:9a:d5:2d: dd:ce:61:08:3c:ad:e2:11:0a:ff:7a:29:8c:5a:00:d5:41:7f: a8:31:e8:9d:4a:3f:8e:6a:62:f5:60:1e:0e:70:40:60:c1:84: 15:5c:39:b2:ec:09:68:1f:ca:24:0a:2f:bf:98:9e:85:9e:78: 94:5c:b4:f7:dc:4c:06:3e:51:f2:0d:fe:e5:bb:63:9d:3e:64: bf:d1:30:e6:2c:60:85:76:97:7f:24:59:08:fd:c5:a8:e8:6e: 50:f8:df:fb:3b:5c:e6:74:67:91:bb:64:c9:7c:39:8c:85:b6: 3a:12:80:60:63:42:d5:6d:81:05:00:ff:d9:b0:bf:22:15:b0: 15:44:b8:e6:52:8c:d1:86:3c:e8:8d:60:33:da:d7:0b:9c:c4: d2:14:07:c2:ac:63:fc:00:32:eb:eb:9c:d0:95:c7:22:a3:a8: b4:cf:38:45 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNTAyMTAx NDIzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDMTlDMTA4RUFGQTc5 NEY0NEY4OTU4MkZFOUU1M0Q0QjlFRUQ4QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFXbyuwcJdqq8D5mRZ1KFBYFtmqomKoniIzrr01HqXa5hUVS2Q ezYIjXT6UUa68kGoKf+ON5atrxwz/wNsbyLsC+ZYm8B9/iSuhKI+wXbykuHdfQuT j6mvPJyhhd414TwaavOXu2iqSCzGwkeSh0QyDEUAtEOpyS+P5hmRtdL7uMeIl9a3 hGgitbn4irjlzHIsvjwaqR/5EO4N2sxakqBkWEEX+LHuQhwGsmMDuLeWQ+ep8acb uQ5ERTSyI4QeH7N/eUopeHGTzaAOSZFX2V6nKQzYKCKMXbada9PENEe0WLeqZ6KJ ApIXV29SWzVjPTqYZJEL5xRDM1pVecnGGZvNAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUDBnBCOr6eU9E+JWC/p5T1Lnu2KQwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7 t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL0RCbkJDT3I2ZVU5RS1KV0NfcDVUMUxu dTJLUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn5WYwDQYJ KoZIhvcNAQELBQADggEBAH5TE56sGV71eWDtvhcRG8zQt280OZKNvavEaPuWmOE4 hWV0Pby+jjXz4EUZOFcYduMglcz3iK0D1rwCEarAglMCiTmGJYNovBrmZhxzlCo7 wYTC2M+E7ZrVLd3OYQg8reIRCv96KYxaANVBf6gx6J1KP45qYvVgHg5wQGDBhBVc ObLsCWgfyiQKL7+YnoWeeJRctPfcTAY+UfIN/uW7Y50+ZL/RMOYsYIV2l38kWQj9 xajoblD43/s7XOZ0Z5G7ZMl8OYyFtjoSgGBjQtVtgQUA/9mwvyIVsBVEuOZSjNGG POiNYDPa1wucxNIUB8KsY/wAMuvrnNCVxyKjqLTPOEU= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:53 2025 by rpki-client on console.sobornost.net