$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/3bC0Ssjs7D4eFcY-XW2Og4KmjBw.roa File: 3bC0Ssjs7D4eFcY-XW2Og4KmjBw.roa (raw, json) Hash identifier: UPfmM2mDs23F3U6lueBDwy1V7hfqDw6EIitDWgZbkU4= Subject key identifier: DD:B0:B4:4A:C8:EC:EC:3E:1E:15:C6:3E:5D:6D:8E:83:82:A6:8C:1C Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 01FC Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/3bC0Ssjs7D4eFcY-XW2Og4KmjBw.roa Signing time: Wed 14 May 2025 05:23:53 +0000 ROA not before: Wed 14 May 2025 05:23:53 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.249.64/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 508 (0x1fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 14 05:23:53 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DDB0B44AC8ECEC3E1E15C63E5D6D8E8382A68C1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:6f:0e:71:bd:21:4b:a7:8f:17:3e:6b:28:28: 52:5e:ab:14:ba:83:80:67:c8:eb:af:f2:cc:f4:2b: 43:12:63:50:33:ac:57:2d:b3:1f:72:62:06:73:18: c2:c0:70:4c:d7:af:ce:a4:e5:4d:ee:3a:9d:fc:6c: 47:fb:f7:17:85:e8:13:bb:23:53:d8:0d:8c:02:71: 84:5f:0e:57:55:f7:15:86:4b:2d:8c:47:30:0c:e5: e2:29:16:82:bf:9a:8d:cc:ac:d6:60:f9:b5:80:5b: 3d:a5:5c:40:a1:0c:eb:f3:0a:c4:7a:b8:5e:e2:2e: a6:b6:9f:8e:b0:bd:c3:12:9e:53:4b:d0:91:20:b4: 75:4c:05:82:7a:f5:6e:1b:6c:35:0d:89:f7:33:b6: f1:ae:c7:45:16:b7:9e:27:67:ca:4c:ed:a7:0b:df: 76:76:9e:dd:b0:81:6b:d4:00:a4:53:87:c5:e9:89: 5e:f5:c3:bc:01:f1:29:a7:df:70:e4:f8:2d:33:54: 29:ef:29:17:05:35:23:19:1e:fc:24:78:12:21:72: 47:06:65:18:4d:56:1d:bf:7b:c6:17:0f:d3:3b:11: b1:ab:0f:e0:15:ed:27:1b:ba:50:13:50:d9:8c:c3: 06:02:63:b8:72:98:07:aa:99:d1:ea:89:d9:12:a1: 3a:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B0:B4:4A:C8:EC:EC:3E:1E:15:C6:3E:5D:6D:8E:83:82:A6:8C:1C X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/3bC0Ssjs7D4eFcY-XW2Og4KmjBw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.249.64/32 Signature Algorithm: sha256WithRSAEncryption 2a:fb:6f:c0:bb:98:da:62:f2:22:05:02:15:2c:06:6d:aa:8a: 6f:8f:18:f7:37:78:6c:38:4d:94:8f:55:42:da:fc:0e:fb:80: 62:ef:18:da:05:a1:69:f8:e0:97:75:9f:33:64:d7:57:51:58: 03:95:93:e6:e7:e9:b8:80:c8:b6:21:b4:eb:01:ea:67:71:58: 03:f9:1d:d2:12:c9:de:30:d4:2d:5e:fb:23:38:d3:25:c2:65: b7:29:42:a2:70:66:7b:17:b5:ff:18:9f:8e:af:6e:33:7a:53: 9f:4e:a2:dc:d4:40:e5:14:7e:9b:8b:c0:c0:62:c9:a4:b8:ec: 0e:11:54:b6:43:85:2e:f5:d4:67:aa:b8:85:b8:4e:09:36:f6: ae:cc:69:3e:7a:3b:02:39:d1:62:4d:7b:a1:82:4f:b3:73:b3: 04:7f:d2:98:c7:7f:f4:4d:05:fb:66:28:3b:3b:53:8a:17:20: ec:4a:9d:53:2f:83:6d:f7:55:6c:ab:47:2b:fe:51:fa:f2:22: 8d:0f:6b:08:83:cb:13:60:3a:90:36:f2:f8:c9:c9:6a:64:c3: 74:87:c6:6c:79:24:4c:98:41:36:86:f1:fb:ff:81:be:f4:c6: b8:e3:62:54:d2:00:75:f8:d8:b0:d8:3b:7c:88:c8:09:73:25: 34:f2:a3:bb -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTQw NTIzNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREQjBCNDRBQzhFQ0VD M0UxRTE1QzYzRTVENkQ4RTgzODJBNjhDMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkbw5xvSFLp48XPmsoKFJeqxS6g4BnyOuv8sz0K0MSY1AzrFct sx9yYgZzGMLAcEzXr86k5U3uOp38bEf79xeF6BO7I1PYDYwCcYRfDldV9xWGSy2M RzAM5eIpFoK/mo3MrNZg+bWAWz2lXEChDOvzCsR6uF7iLqa2n46wvcMSnlNL0JEg tHVMBYJ69W4bbDUNifcztvGux0UWt54nZ8pM7acL33Z2nt2wgWvUAKRTh8XpiV71 w7wB8Smn33Dk+C0zVCnvKRcFNSMZHvwkeBIhckcGZRhNVh2/e8YXD9M7EbGrD+AV 7ScbulATUNmMwwYCY7hymAeqmdHqidkSoTovAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU3bC0Ssjs7D4eFcY+XW2Og4KmjBwwHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvM2JDMFNzanM3RDRlRmNZLVhXMk9n NEttakJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAJ0U+UAw DQYJKoZIhvcNAQELBQADggEBACr7b8C7mNpi8iIFAhUsBm2qim+PGPc3eGw4TZSP VULa/A77gGLvGNoFoWn44Jd1nzNk11dRWAOVk+bn6biAyLYhtOsB6mdxWAP5HdIS yd4w1C1e+yM40yXCZbcpQqJwZnsXtf8Yn46vbjN6U59OotzUQOUUfpuLwMBiyaS4 7A4RVLZDhS711GequIW4Tgk29q7MaT56OwI50WJNe6GCT7NzswR/0pjHf/RNBftm KDs7U4oXIOxKnVMvg233VWyrRyv+UfryIo0PawiDyxNgOpA28vjJyWpkw3SHxmx5 JEyYQTaG8fv/gb70xrjjYlTSAHX42LDYO3yIyAlzJTTyo7s= -----END CERTIFICATE-----Generated at Mon May 19 07:38:44 2025 by rpki-client