$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/57JTWm1cgMnBEYzcKXCl9ypCoJ0.roa File: 57JTWm1cgMnBEYzcKXCl9ypCoJ0.roa (raw, json) Hash identifier: Hgr9pLOgv2tNMyrp9PfULoUxr4BfmPI78FCmCnVhyYg= Subject key identifier: E7:B2:53:5A:6D:5C:80:C9:C1:11:8C:DC:29:70:A5:F7:2A:42:A0:9D Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 01E2 Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/57JTWm1cgMnBEYzcKXCl9ypCoJ0.roa Signing time: Tue 13 May 2025 05:06:09 +0000 ROA not before: Tue 13 May 2025 05:06:09 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.248.52/30 maxlen: 30 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 482 (0x1e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 13 05:06:09 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E7B2535A6D5C80C9C1118CDC2970A5F72A42A09D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c7:47:d2:9c:62:73:39:9f:9c:bf:3b:55:6e: e5:c5:81:fd:cb:ff:c4:f5:25:59:16:80:97:bf:33: 5b:5a:90:21:87:4e:ac:1e:b2:e3:13:a6:31:dc:79: 38:d3:fc:4b:02:b6:fa:63:41:6f:ee:02:13:74:b0: 85:cb:2d:27:49:01:0e:64:72:cf:a1:b8:fb:8b:77: 88:f6:ad:b1:09:33:3c:6c:30:56:ff:92:61:8e:d3: 05:41:5d:3d:f8:ac:4a:42:6c:ae:35:a9:05:b1:9c: 43:93:a1:65:7f:59:55:60:8d:b2:40:56:d2:e5:47: f8:f7:c9:bb:9f:ff:39:9b:4c:9f:1c:ae:e5:4c:2e: 4d:de:b3:1d:24:06:64:bd:9f:de:70:43:1e:01:30: 2c:b6:1b:d8:b9:11:dc:dd:8a:76:d4:39:bb:3a:d1: d4:c1:45:b7:6b:a7:dd:ca:a8:35:8d:ea:4c:da:ed: 32:8c:60:bf:a9:c8:56:97:6d:4b:a0:ae:e0:63:72: ca:72:8c:62:1a:6f:42:ca:7e:3b:c8:26:00:03:0f: ed:d5:1a:5c:85:2a:da:11:9d:19:c4:fd:27:bb:92: d4:01:9c:ad:db:af:48:93:7c:26:7a:8d:ab:85:7c: 86:55:de:cd:20:ce:49:ba:0a:0d:dd:76:14:56:0d: 3c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:B2:53:5A:6D:5C:80:C9:C1:11:8C:DC:29:70:A5:F7:2A:42:A0:9D X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/57JTWm1cgMnBEYzcKXCl9ypCoJ0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.248.52/30 Signature Algorithm: sha256WithRSAEncryption 0c:ae:dd:ab:36:c3:2c:e6:5a:1c:12:ca:74:c7:83:0f:29:5d: 69:a5:28:f3:bc:76:8b:4d:9a:ee:01:6b:14:85:ec:bf:cf:c7: 8b:b6:ee:10:32:49:d5:cc:59:2f:67:88:6d:08:45:bc:f3:6e: f6:93:b2:07:0f:13:60:98:35:dc:f8:1f:47:d8:77:f2:b6:5b: 5b:bb:7a:3e:f1:5c:55:4d:23:3b:fb:b9:59:bc:03:58:e7:94: cb:ac:58:e3:5c:75:cf:6c:1c:04:1e:7a:e9:aa:2c:d2:41:14: 56:60:f9:84:26:29:9f:80:3c:89:91:ee:65:db:1f:c8:49:fe: c8:b4:8b:77:ef:ac:cf:fc:9d:e0:cd:bf:c6:dc:1e:ab:2d:07: 41:97:52:36:11:c1:8f:74:a4:9a:b0:19:37:91:e7:7c:8f:69: 0f:0c:d9:b2:f6:4b:4a:5e:21:eb:6f:08:df:d1:15:39:aa:1f: 13:01:35:2e:08:19:15:29:4a:29:b9:bd:2a:9d:d5:a5:5b:48: b5:d7:9d:c2:b8:b8:45:aa:09:67:0d:7d:1d:a1:0c:6f:e5:5a: 3f:f3:1a:4a:af:c5:74:c8:4f:14:28:ef:f9:10:34:d6:4c:46: 6f:ec:77:dc:c0:70:24:0a:c5:19:1f:ea:60:97:ea:19:55:b8: d3:59:36:d8 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTMw NTA2MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU3QjI1MzVBNkQ1Qzgw QzlDMTExOENEQzI5NzBBNUY3MkE0MkEwOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEx0fSnGJzOZ+cvztVbuXFgf3L/8T1JVkWgJe/M1takCGHTqwe suMTpjHceTjT/EsCtvpjQW/uAhN0sIXLLSdJAQ5kcs+huPuLd4j2rbEJMzxsMFb/ kmGO0wVBXT34rEpCbK41qQWxnEOToWV/WVVgjbJAVtLlR/j3ybuf/zmbTJ8cruVM Lk3esx0kBmS9n95wQx4BMCy2G9i5EdzdinbUObs60dTBRbdrp93KqDWN6kza7TKM YL+pyFaXbUugruBjcspyjGIab0LKfjvIJgADD+3VGlyFKtoRnRnE/Se7ktQBnK3b r0iTfCZ6jauFfIZV3s0gzkm6Cg3ddhRWDTx5AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU57JTWm1cgMnBEYzcKXCl9ypCoJ0wHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvNTdKVFdtMWNnTW5CRVl6Y0tYQ2w5 eXBDb0owLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAp0U+DQw DQYJKoZIhvcNAQELBQADggEBAAyu3as2wyzmWhwSynTHgw8pXWmlKPO8dotNmu4B axSF7L/Px4u27hAySdXMWS9niG0IRbzzbvaTsgcPE2CYNdz4H0fYd/K2W1u7ej7x XFVNIzv7uVm8A1jnlMusWONcdc9sHAQeeumqLNJBFFZg+YQmKZ+APImR7mXbH8hJ /si0i3fvrM/8neDNv8bcHqstB0GXUjYRwY90pJqwGTeR53yPaQ8M2bL2S0peIetv CN/RFTmqHxMBNS4IGRUpSim5vSqd1aVbSLXXncK4uEWqCWcNfR2hDG/lWj/zGkqv xXTITxQo7/kQNNZMRm/sd9zAcCQKxRkf6mCX6hlVuNNZNtg= -----END CERTIFICATE-----Generated at Mon May 19 07:22:41 2025 by rpki-client