$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hg5TWAJhDDlbbfi41RmTpjiLE9Q.roa File: Hg5TWAJhDDlbbfi41RmTpjiLE9Q.roa (raw, json) Hash identifier: FWNNGmTIRLNRGtbxUBv/ynpAzUb2CZOWDIvRkOiJ2Ow= Subject key identifier: 1E:0E:53:58:02:61:0C:39:5B:6D:F8:B8:D5:19:93:A6:38:8B:13:D4 Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 020E Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hg5TWAJhDDlbbfi41RmTpjiLE9Q.roa Signing time: Wed 14 May 2025 06:04:30 +0000 ROA not before: Wed 14 May 2025 06:04:30 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.249.24/30 maxlen: 30 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 526 (0x20e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 14 06:04:30 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1E0E535802610C395B6DF8B8D51993A6388B13D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e0:dc:70:b2:3f:17:68:2f:46:5c:ec:11:7f: c6:65:80:d7:1b:f4:57:35:11:89:fa:ac:96:86:b9: 50:46:f3:3d:11:cc:a6:21:b7:a1:c0:9e:df:d6:01: e5:8f:12:00:1a:6d:e7:71:c5:fd:fa:8c:de:b2:c2: 03:cb:25:62:9a:1f:b1:55:ef:5f:df:de:fb:74:f1: 0a:e9:e6:0b:9c:16:7a:92:f3:65:be:80:a6:f3:0e: 63:72:89:39:36:4b:ae:b2:53:88:e5:c9:b9:e1:f8: 3e:33:08:ce:ee:24:1c:b8:9a:ee:b6:3d:23:22:16: 54:88:fc:1e:a3:db:59:ff:d4:df:f8:d2:68:85:2c: 2b:54:7e:44:17:3a:e3:c5:20:6a:e1:92:e2:a1:85: bc:4f:32:72:e5:13:4d:b2:7b:70:10:bf:1c:fc:26: 46:3c:f7:2b:fa:e9:00:aa:b9:af:64:a0:1f:df:eb: a2:4b:0f:6b:90:71:2f:1a:17:7a:9e:29:5a:3d:1b: 82:41:7a:77:df:94:48:ec:ef:89:92:92:46:87:7e: 55:cd:ca:8b:e5:55:c0:1d:28:73:45:d5:89:97:e9: 3e:e4:1c:6a:9f:c0:6b:8a:c7:93:e8:bb:08:10:48: ce:0d:7c:72:31:7f:e7:fe:d7:21:dc:c5:27:b2:2d: 99:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:0E:53:58:02:61:0C:39:5B:6D:F8:B8:D5:19:93:A6:38:8B:13:D4 X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Hg5TWAJhDDlbbfi41RmTpjiLE9Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.249.24/30 Signature Algorithm: sha256WithRSAEncryption 9b:37:b3:a9:32:f1:0f:8c:82:8b:c7:eb:cc:95:1a:c1:be:f3: a7:37:d8:db:8f:40:1d:2e:0a:1f:3e:3f:78:ff:ee:8a:3e:a0: 81:57:ff:54:05:98:c4:d1:3b:04:0c:c0:91:b4:7f:0b:d6:52: 27:72:68:48:2d:a7:c6:ee:35:21:7e:c5:18:40:df:b8:a7:fa: 7d:32:bf:95:dc:92:73:5a:3d:03:7a:c6:1d:f1:dd:98:ae:88: 3e:c6:ee:5f:35:95:99:c2:e8:e1:20:dd:1c:9e:a9:2a:71:0e: 64:b3:21:e2:94:56:7c:fc:bb:91:9e:f0:22:f9:4b:bf:e9:a7: e5:67:ec:c6:82:6f:aa:6e:24:45:ec:69:35:d8:8d:61:a9:3f: 97:6a:a0:14:4d:a3:a4:e3:f1:d9:12:a8:cc:0b:d7:d0:3b:a1: 3c:7c:74:45:b5:15:f7:30:ce:28:95:a8:4e:5b:94:49:6c:e4: 76:a7:a7:83:22:5d:e1:ee:10:68:20:42:c8:35:07:64:a4:82: 12:3b:e5:de:7f:db:80:ac:43:86:b4:f6:3b:b8:87:0c:97:9d: f9:fa:28:eb:c9:75:71:28:3c:b7:18:18:a1:db:33:08:03:dd: 29:d1:54:88:98:2d:05:09:22:94:ca:0d:7c:55:75:2c:91:ac: 11:b9:69:65 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTQw NjA0MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFMEU1MzU4MDI2MTBD Mzk1QjZERjhCOEQ1MTk5M0E2Mzg4QjEzRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC64Nxwsj8XaC9GXOwRf8ZlgNcb9Fc1EYn6rJaGuVBG8z0RzKYh t6HAnt/WAeWPEgAabedxxf36jN6ywgPLJWKaH7FV71/f3vt08Qrp5gucFnqS82W+ gKbzDmNyiTk2S66yU4jlybnh+D4zCM7uJBy4mu62PSMiFlSI/B6j21n/1N/40miF LCtUfkQXOuPFIGrhkuKhhbxPMnLlE02ye3AQvxz8JkY89yv66QCqua9koB/f66JL D2uQcS8aF3qeKVo9G4JBenfflEjs74mSkkaHflXNyovlVcAdKHNF1YmX6T7kHGqf wGuKx5PouwgQSM4NfHIxf+f+1yHcxSeyLZnzAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUHg5TWAJhDDlbbfi41RmTpjiLE9QwHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvSGc1VFdBSmhERGxiYmZpNDFSbVRw amlMRTlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAp0U+Rgw DQYJKoZIhvcNAQELBQADggEBAJs3s6ky8Q+MgovH68yVGsG+86c32NuPQB0uCh8+ P3j/7oo+oIFX/1QFmMTROwQMwJG0fwvWUidyaEgtp8buNSF+xRhA37in+n0yv5Xc knNaPQN6xh3x3ZiuiD7G7l81lZnC6OEg3RyeqSpxDmSzIeKUVnz8u5Ge8CL5S7/p p+Vn7MaCb6puJEXsaTXYjWGpP5dqoBRNo6Tj8dkSqMwL19A7oTx8dEW1FfcwziiV qE5blEls5Hanp4MiXeHuEGggQsg1B2SkghI75d5/24CsQ4a09ju4hwyXnfn6KOvJ dXEoPLcYGKHbMwgD3SnRVIiYLQUJIpTKDXxVdSyRrBG5aWU= -----END CERTIFICATE-----Generated at Mon May 19 07:38:40 2025 by rpki-client