$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/Lfe-PXCXPAjzbl2V1qPxRDYC51E.roa File: Lfe-PXCXPAjzbl2V1qPxRDYC51E.roa (raw, json) Hash identifier: rVWVKp0ZRgdvyLh0LyZyG5ZdyvLAGL6G90RCEqPEk9k= Subject key identifier: 2D:F7:BE:3D:70:97:3C:08:F3:6E:5D:95:D6:A3:F1:44:36:02:E7:51 Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 01B4 Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Lfe-PXCXPAjzbl2V1qPxRDYC51E.roa Signing time: Mon 12 May 2025 07:11:49 +0000 ROA not before: Mon 12 May 2025 07:11:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.249.117/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 436 (0x1b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 12 07:11:49 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2DF7BE3D70973C08F36E5D95D6A3F1443602E751 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:8c:85:b3:8a:d6:76:b1:1e:0e:8a:84:cc:2c: 02:bf:d6:74:82:e8:a3:3c:1d:81:46:40:b7:fe:3d: 7d:ef:de:a2:93:5b:4a:26:94:4b:3d:6f:8d:f8:d7: 42:8b:8f:bf:c7:d1:0c:0e:a4:94:f5:62:af:56:d1: b7:c4:23:29:95:09:e3:0a:1c:00:1b:08:91:df:88: 42:65:6c:c6:5a:ba:4c:72:b8:2d:22:5c:62:a4:59: 34:b5:c4:f3:10:6a:a9:87:9d:e9:11:a9:3b:54:55: 67:09:5f:90:af:ca:80:1b:e7:0a:f8:a6:0f:ce:a3: 14:30:4d:0d:b0:8b:5b:7b:0b:89:a4:6b:c9:7c:d9: 97:76:49:df:de:4a:29:35:7f:bd:29:fb:5c:0e:8f: af:f2:23:76:90:c9:0b:97:f1:e6:cf:dc:0f:ad:ea: 4d:aa:8f:08:b5:7f:63:d0:06:09:5b:f5:d0:51:40: bd:39:fe:e4:fe:cf:65:e4:04:f2:94:9c:cd:b7:c1: 2d:91:fc:65:34:8c:cf:b2:f3:18:02:23:35:ff:d6: c7:c1:c4:b7:26:e8:93:5f:e1:c0:9d:dc:cf:9f:5e: 53:a8:cc:90:c8:ba:b7:c3:3c:85:cf:8b:3e:d9:9b: 41:1f:dd:63:96:98:58:86:85:4e:64:7d:c7:e2:fa: 13:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:F7:BE:3D:70:97:3C:08:F3:6E:5D:95:D6:A3:F1:44:36:02:E7:51 X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/Lfe-PXCXPAjzbl2V1qPxRDYC51E.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.249.117/32 Signature Algorithm: sha256WithRSAEncryption 60:51:ab:f4:cd:59:22:e4:d9:6d:68:a2:c7:0e:f7:0e:e1:6b: a8:36:1b:f0:29:2e:79:4e:7e:7e:d3:38:91:5f:61:ca:ae:eb: 0b:44:06:30:47:78:8b:2f:6f:7f:58:c4:bd:db:bc:ae:51:94: e2:70:d5:ea:7e:49:f7:35:60:46:23:ed:bc:d3:89:b8:20:f5: 38:8d:cc:f8:7b:6a:29:ee:9a:33:d6:9b:97:dd:15:c7:0e:7e: 27:00:04:bd:68:3f:1f:f7:f7:64:7e:38:6f:f5:d6:f2:a3:af: 2f:c0:e4:7c:9a:2d:45:fe:51:f1:66:86:87:18:5d:be:39:bf: f5:ac:0a:d0:89:7e:ba:8a:3a:27:f2:01:05:a6:0c:8e:fa:58: cb:fd:f1:cc:1e:c5:9d:ce:16:0f:c7:ba:3f:89:95:5a:b9:ea: bf:16:e8:72:5e:83:9d:01:ee:e8:5d:d8:2d:74:e6:9d:8d:19: 74:01:47:92:fa:55:55:bd:23:31:e2:bc:23:e3:8a:c1:63:5d: 1e:2b:00:07:c3:ad:bc:b4:28:14:66:0e:e5:6f:ca:04:fb:c6: 8b:ab:53:05:e5:4d:3a:2d:96:5e:87:0d:02:80:a4:69:9c:92: c3:1f:59:5c:db:14:23:8c:8e:58:ae:2a:65:f4:93:16:d6:21: 89:74:95:4b -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTIw NzExNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJERjdCRTNENzA5NzND MDhGMzZFNUQ5NUQ2QTNGMTQ0MzYwMkU3NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDijIWzitZ2sR4OioTMLAK/1nSC6KM8HYFGQLf+PX3v3qKTW0om lEs9b43410KLj7/H0QwOpJT1Yq9W0bfEIymVCeMKHAAbCJHfiEJlbMZaukxyuC0i XGKkWTS1xPMQaqmHnekRqTtUVWcJX5CvyoAb5wr4pg/OoxQwTQ2wi1t7C4mka8l8 2Zd2Sd/eSik1f70p+1wOj6/yI3aQyQuX8ebP3A+t6k2qjwi1f2PQBglb9dBRQL05 /uT+z2XkBPKUnM23wS2R/GU0jM+y8xgCIzX/1sfBxLcm6JNf4cCd3M+fXlOozJDI urfDPIXPiz7Zm0Ef3WOWmFiGhU5kfcfi+hM3AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQULfe+PXCXPAjzbl2V1qPxRDYC51EwHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvTGZlLVBYQ1hQQWp6YmwyVjFxUHhS RFlDNTFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAJ0U+XUw DQYJKoZIhvcNAQELBQADggEBAGBRq/TNWSLk2W1ooscO9w7ha6g2G/ApLnlOfn7T OJFfYcqu6wtEBjBHeIsvb39YxL3bvK5RlOJw1ep+Sfc1YEYj7bzTibgg9TiNzPh7 ainumjPWm5fdFccOficABL1oPx/392R+OG/11vKjry/A5HyaLUX+UfFmhocYXb45 v/WsCtCJfrqKOifyAQWmDI76WMv98cwexZ3OFg/Huj+JlVq56r8W6HJeg50B7uhd 2C105p2NGXQBR5L6VVW9IzHivCPjisFjXR4rAAfDrby0KBRmDuVvygT7xourUwXl TTotll6HDQKApGmcksMfWVzbFCOMjliuKmX0kxbWIYl0lUs= -----END CERTIFICATE-----Generated at Mon May 19 07:47:28 2025 by rpki-client