$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/hqw6e8k65DPgHXL1weJGBm5OlDY.roa File: hqw6e8k65DPgHXL1weJGBm5OlDY.roa (raw, json) Hash identifier: Ml1krdLXHJPhHtdz3gEC+xNLxZ3bs8o7+m/s8Nvz9y4= Subject key identifier: 86:AC:3A:7B:C9:3A:E4:33:E0:1D:72:F5:C1:E2:46:06:6E:4E:94:36 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1250 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hqw6e8k65DPgHXL1weJGBm5OlDY.roa Signing time: Mon 10 Feb 2025 14:28:17 +0000 ROA not before: Mon 10 Feb 2025 14:28:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9311 IP address blocks: 203.79.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:53:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4688 (0x1250) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Feb 10 14:28:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=86AC3A7BC93AE433E01D72F5C1E246066E4E9436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b8:38:d2:fa:81:97:1d:68:d3:30:4b:9c:ca: c6:fe:6e:fb:7f:b8:2a:f9:a7:89:24:e7:6b:a3:b7: 17:a6:a4:6a:43:41:a8:62:94:6d:65:70:4f:15:de: f9:9c:98:d6:84:f0:39:30:88:f5:09:77:32:00:b6: 00:78:ce:df:4c:8f:40:ff:f0:8e:af:b1:0e:49:cb: ff:34:49:ab:bd:03:db:5b:2f:59:aa:71:31:46:4d: 84:d0:45:c4:73:33:de:c8:56:80:16:f8:45:96:53: f0:4a:96:88:3d:e1:90:cb:6e:2a:c9:d1:74:fb:c6: dc:58:b1:19:7b:4d:46:2f:c3:31:86:75:f1:65:44: 57:eb:d7:aa:3b:29:07:6d:8e:71:8a:3a:05:ba:48: 2c:26:52:7f:09:e2:96:4a:86:d3:8d:85:c9:fe:9c: 4f:9c:11:cb:84:0d:fe:ff:28:ec:94:1f:dd:7f:e6: 3f:24:b7:b8:3f:70:83:e1:29:36:79:79:76:12:cc: 0e:03:58:ed:93:51:e0:2e:e6:a2:30:25:64:a8:c6: f9:d7:63:06:fa:1c:7a:5f:9e:ac:3d:84:20:4e:a1: be:f0:08:de:cc:e6:03:7d:ec:a5:fa:6c:de:11:d7: 0a:33:ad:56:28:75:dd:69:d7:e8:15:c5:9e:da:2b: c8:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:AC:3A:7B:C9:3A:E4:33:E0:1D:72:F5:C1:E2:46:06:6E:4E:94:36 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hqw6e8k65DPgHXL1weJGBm5OlDY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.79.235.0/24 Signature Algorithm: sha256WithRSAEncryption 74:c4:7f:b4:a6:55:bb:17:2e:0b:bc:8e:a1:53:0b:6c:39:c1: bb:c2:c3:25:d9:64:90:8e:0d:1f:c5:7e:d5:f8:d1:82:a5:b6: 9a:a8:dc:9e:1d:90:ed:e9:88:9a:7f:bb:1d:2a:14:f3:10:9a: 92:52:c1:58:f7:d8:d6:01:96:37:dd:cf:86:76:c9:97:54:39: 61:27:36:f7:52:87:ab:65:48:b2:ca:6f:40:c2:41:31:73:37: 29:06:61:a7:97:e4:a2:2f:4d:08:17:bb:ae:d2:4d:21:d2:59: a6:82:26:db:1f:99:93:77:a9:a9:f7:d1:36:c4:2b:e6:35:ab: 36:20:47:6d:50:d6:b5:a4:fe:a9:23:d5:48:59:21:94:9d:78: 2a:82:10:3d:99:e9:45:f5:38:94:e3:17:6b:49:74:8f:3f:c7: 3d:0f:3a:b5:3f:fd:d3:aa:59:34:16:af:a7:37:f4:12:62:fc: 41:d8:1d:4a:5f:93:e4:45:cf:95:d5:99:81:33:7b:74:2e:89: 9d:7d:c7:c1:e9:d5:66:9c:53:9b:56:4f:fa:49:42:c8:fa:a3: 79:87:23:9b:9b:1d:8b:33:fd:60:91:bd:12:31:45:88:8a:41: 0e:cd:82:ad:15:60:de:5d:6c:b3:4a:bd:27:46:09:a4:68:e1: 16:8c:6a:45 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICElAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx NDI4MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg2QUMzQTdCQzkzQUU0 MzNFMDFENzJGNUMxRTI0NjA2NkU0RTk0MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRuDjS+oGXHWjTMEucysb+bvt/uCr5p4kk52ujtxempGpDQahi lG1lcE8V3vmcmNaE8DkwiPUJdzIAtgB4zt9Mj0D/8I6vsQ5Jy/80Sau9A9tbL1mq cTFGTYTQRcRzM97IVoAW+EWWU/BKlog94ZDLbirJ0XT7xtxYsRl7TUYvwzGGdfFl RFfr16o7KQdtjnGKOgW6SCwmUn8J4pZKhtONhcn+nE+cEcuEDf7/KOyUH91/5j8k t7g/cIPhKTZ5eXYSzA4DWO2TUeAu5qIwJWSoxvnXYwb6HHpfnqw9hCBOob7wCN7M 5gN97KX6bN4R1wozrVYodd1p1+gVxZ7aK8gfAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUhqw6e8k65DPgHXL1weJGBm5OlDYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2hxdzZlOGs2NURQZ0hYTDF3ZUpHQm01 T2xEWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADLT+swDQYJ KoZIhvcNAQELBQADggEBAHTEf7SmVbsXLgu8jqFTC2w5wbvCwyXZZJCODR/FftX4 0YKltpqo3J4dkO3piJp/ux0qFPMQmpJSwVj32NYBljfdz4Z2yZdUOWEnNvdSh6tl SLLKb0DCQTFzNykGYaeX5KIvTQgXu67STSHSWaaCJtsfmZN3qan30TbEK+Y1qzYg R21Q1rWk/qkj1UhZIZSdeCqCED2Z6UX1OJTjF2tJdI8/xz0POrU//dOqWTQWr6c3 9BJi/EHYHUpfk+RFz5XVmYEze3QuiZ19x8Hp1WacU5tWT/pJQsj6o3mHI5ubHYsz /WCRvRIxRYiKQQ7Ngq0VYN5dbLNKvSdGCaRo4RaMakU= -----END CERTIFICATE-----Generated at Sat May 17 15:34:47 2025 by rpki-client