$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/8fD_xcWBi9DYQKySb48LJz1VyDI.roa File: 8fD_xcWBi9DYQKySb48LJz1VyDI.roa (raw, json) Hash identifier: je7KhVhoUsfXX2CqM2uxXFOwtB+1iZa2i84hlH5bWBg= Subject key identifier: F1:F0:FF:C5:C5:81:8B:D0:D8:40:AC:92:6F:8F:0B:27:3D:55:C8:32 Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 01EA Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8fD_xcWBi9DYQKySb48LJz1VyDI.roa Signing time: Wed 14 May 2025 01:50:58 +0000 ROA not before: Wed 14 May 2025 01:50:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.248.64/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 490 (0x1ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 14 01:50:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F1F0FFC5C5818BD0D840AC926F8F0B273D55C832 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:86:6d:ca:de:d2:48:6e:1a:20:c8:dd:24:bc: ae:ae:db:c0:8b:e8:a3:57:89:70:b6:0a:43:86:dc: 49:1f:2a:5b:54:01:83:32:67:9b:a6:62:22:17:69: c6:d1:72:ca:07:dc:7c:6c:51:cd:07:6e:f0:65:5c: 98:f3:11:5f:5c:dd:b2:cf:df:0f:2d:20:57:77:5f: 94:b8:3d:3d:34:4a:f6:f8:35:61:e3:fe:7a:67:c2: 59:83:32:27:d9:38:ee:bf:7b:a3:49:53:39:0a:5e: cf:67:3d:e3:1d:2f:56:3f:68:64:b6:05:ee:d2:03: 8c:97:70:fc:46:49:27:1f:43:5e:11:cc:41:64:b7: aa:f2:63:57:ca:be:b0:00:89:dc:36:47:a6:0d:6a: e1:ab:7f:63:af:15:be:27:39:32:1f:28:b3:61:5f: 92:e2:09:6a:41:85:54:61:ee:d3:06:79:c8:a1:86: ea:19:88:5f:d4:b1:ed:12:e1:51:94:3c:82:f0:e8: 81:eb:0c:0e:fc:7c:72:24:e8:d6:b9:0a:43:73:2b: 5e:7f:b2:de:e5:b2:5c:5d:ac:41:02:c3:3b:c2:47: dd:1f:69:79:30:44:40:29:8f:54:b2:a2:94:1f:d5: 84:d5:1a:83:61:b4:ed:60:47:48:ce:e1:a6:a8:f4: 4d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:F0:FF:C5:C5:81:8B:D0:D8:40:AC:92:6F:8F:0B:27:3D:55:C8:32 X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8fD_xcWBi9DYQKySb48LJz1VyDI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.248.64/32 Signature Algorithm: sha256WithRSAEncryption 73:50:da:a8:5e:ad:f3:56:99:4d:64:25:74:03:1d:d6:e6:a6: fa:a5:75:aa:de:13:35:d3:3e:75:3c:e2:35:fc:b3:ec:ab:fd: d1:2e:8f:26:8d:b2:f8:82:1a:24:9d:1d:7e:76:e2:f9:6c:9f: 5a:98:75:9c:79:d3:8d:01:10:bc:eb:69:7d:ef:78:76:f0:67: 86:27:a6:ff:93:9b:d4:ff:93:99:34:c8:dc:6a:a3:05:a7:27: 7a:8b:ba:e5:0d:92:99:f8:a9:6b:e4:7c:46:56:56:a0:1f:68: 3d:72:79:8f:4c:d1:e7:4a:69:fc:7e:14:8b:42:c1:12:00:1b: 7c:eb:5b:13:51:8c:06:28:60:80:da:0e:d7:03:fb:b4:ee:6b: f8:6b:7e:f5:ee:2b:5c:10:66:69:85:17:6f:18:6a:32:99:08: 21:da:83:02:8d:39:46:51:06:b7:3e:d1:c9:a8:a6:f4:16:d4: d6:3f:6b:48:f8:6f:1f:1b:67:2b:fc:9f:93:82:24:77:98:a2: 99:49:78:30:df:94:bf:02:48:49:72:0b:70:46:bd:e4:e5:7d: 4d:ac:a4:45:c9:49:85:0f:7b:29:8a:c0:4b:22:21:16:af:24: da:2c:4c:c5:2f:12:51:b2:4a:71:bd:9f:1c:1a:12:e9:49:22: c2:4b:55:b8 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTQw MTUwNThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYxRjBGRkM1QzU4MThC RDBEODQwQUM5MjZGOEYwQjI3M0Q1NUM4MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1hm3K3tJIbhogyN0kvK6u28CL6KNXiXC2CkOG3EkfKltUAYMy Z5umYiIXacbRcsoH3HxsUc0HbvBlXJjzEV9c3bLP3w8tIFd3X5S4PT00Svb4NWHj /npnwlmDMifZOO6/e6NJUzkKXs9nPeMdL1Y/aGS2Be7SA4yXcPxGSScfQ14RzEFk t6ryY1fKvrAAidw2R6YNauGrf2OvFb4nOTIfKLNhX5LiCWpBhVRh7tMGecihhuoZ iF/Use0S4VGUPILw6IHrDA78fHIk6Na5CkNzK15/st7lslxdrEECwzvCR90faXkw REApj1SyopQf1YTVGoNhtO1gR0jO4aao9E15AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU8fD/xcWBi9DYQKySb48LJz1VyDIwHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvOGZEX3hjV0JpOURZUUt5U2I0OExK ejFWeURJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAJ0U+EAw DQYJKoZIhvcNAQELBQADggEBAHNQ2qherfNWmU1kJXQDHdbmpvqldareEzXTPnU8 4jX8s+yr/dEujyaNsviCGiSdHX524vlsn1qYdZx5040BELzraX3veHbwZ4Ynpv+T m9T/k5k0yNxqowWnJ3qLuuUNkpn4qWvkfEZWVqAfaD1yeY9M0edKafx+FItCwRIA G3zrWxNRjAYoYIDaDtcD+7Tua/hrfvXuK1wQZmmFF28YajKZCCHagwKNOUZRBrc+ 0cmopvQW1NY/a0j4bx8bZyv8n5OCJHeYoplJeDDflL8CSElyC3BGveTlfU2spEXJ SYUPeymKwEsiIRavJNosTMUvElGySnG9nxwaEulJIsJLVbg= -----END CERTIFICATE-----Generated at Mon May 19 07:01:09 2025 by rpki-client