$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/jbR5um6CKs9ZHla6jUvV9-7nRtQ.roa File: jbR5um6CKs9ZHla6jUvV9-7nRtQ.roa (raw, json) Hash identifier: po+3YOSBtibEc1jAmHDSfSohBGk1tBBYiaXIL6mk3Rk= Subject key identifier: 8D:B4:79:BA:6E:82:2A:CF:59:1E:56:BA:8D:4B:D5:F7:EE:E7:46:D4 Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 020C Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/jbR5um6CKs9ZHla6jUvV9-7nRtQ.roa Signing time: Wed 14 May 2025 06:04:19 +0000 ROA not before: Wed 14 May 2025 06:04:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.249.20/30 maxlen: 30 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 524 (0x20c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 14 06:04:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8DB479BA6E822ACF591E56BA8D4BD5F7EEE746D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:89:81:4e:61:71:13:38:1b:1a:28:5d:bd:77: a3:22:d0:91:66:fa:c4:5a:d0:e0:8c:a3:07:93:13: ac:61:db:90:b5:df:21:b2:4f:17:82:0e:99:6b:34: d0:9f:d1:31:44:3f:d9:ab:b3:6d:e8:85:63:d0:19: ea:d9:ca:48:35:ab:7c:e5:a3:d6:6f:d4:ef:54:1c: d6:22:2e:4c:7c:bb:e8:0c:5d:9c:b8:83:db:d9:c0: 3c:17:16:46:db:a8:a0:67:ad:1d:94:fe:63:e4:98: 71:40:53:a0:51:05:c8:c0:34:9f:05:09:8b:a5:d9: 28:0d:0a:c4:1c:27:c9:21:23:51:27:0c:c9:34:3d: 1c:60:5f:84:d9:08:49:85:91:5c:f5:36:ff:32:f2: e6:00:a9:2b:05:04:76:6c:79:23:6f:2e:7d:de:cb: 32:38:a1:a2:a8:2c:db:39:45:cd:b0:4b:23:3d:f7: 68:40:19:d8:85:9e:2c:6a:80:56:b8:53:59:a9:0e: 31:72:e2:8b:39:9c:ac:f0:de:15:1e:b8:49:d7:43: d0:06:0a:de:57:54:d9:d7:f2:dd:85:70:34:a0:22: c6:05:20:0d:89:5f:6e:75:66:e4:2d:d8:e8:ba:75: 32:b8:4e:db:34:38:31:40:05:ab:39:3e:b3:ae:37: 1d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:B4:79:BA:6E:82:2A:CF:59:1E:56:BA:8D:4B:D5:F7:EE:E7:46:D4 X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/jbR5um6CKs9ZHla6jUvV9-7nRtQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.249.20/30 Signature Algorithm: sha256WithRSAEncryption 35:dc:ae:0a:26:fd:c4:00:01:00:5e:20:50:36:ed:50:b0:4d: 00:73:9b:d7:bc:a2:f6:54:76:82:b3:6b:3b:bd:c6:e5:97:db: a1:44:32:93:ad:4c:72:b4:a6:96:ee:46:65:ad:bd:fb:7a:b7: 27:12:41:eb:bb:4d:48:c4:de:04:40:ed:55:a2:ec:66:83:17: d8:41:12:ec:47:33:96:fe:ae:65:99:47:a6:88:d8:bf:b7:75: e6:87:8a:22:73:a0:5a:55:52:8e:9c:7a:4e:c4:57:d3:ea:05: 4c:2a:f4:97:43:a5:cc:2b:ce:d1:6d:b7:61:af:46:a7:55:b6: fe:af:66:31:6a:65:3b:1f:7c:79:a1:5c:05:d1:97:e3:01:17: 8f:c6:7f:8b:cb:c6:ca:0e:32:71:f7:6f:eb:76:f8:02:aa:17: d9:7f:5f:fa:63:25:2c:41:19:4a:6c:f1:31:50:31:35:fb:d7: 69:cf:1f:f4:00:33:3a:15:05:29:10:1c:09:4d:b2:2f:54:3e: f8:3c:0e:7a:49:6c:26:4f:5b:37:1a:ce:84:94:b2:ad:6e:cf: c6:a0:26:84:9c:f5:65:b6:c0:66:dd:8d:52:9f:ba:4b:99:51: 2a:fa:2f:db:5d:4b:ac:73:cf:e5:a6:dc:6a:41:2c:6a:4f:a7: 93:7d:d6:f7 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTQw NjA0MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhEQjQ3OUJBNkU4MjJB Q0Y1OTFFNTZCQThENEJENUY3RUVFNzQ2RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgiYFOYXETOBsaKF29d6Mi0JFm+sRa0OCMoweTE6xh25C13yGy TxeCDplrNNCf0TFEP9mrs23ohWPQGerZykg1q3zlo9Zv1O9UHNYiLkx8u+gMXZy4 g9vZwDwXFkbbqKBnrR2U/mPkmHFAU6BRBcjANJ8FCYul2SgNCsQcJ8khI1EnDMk0 PRxgX4TZCEmFkVz1Nv8y8uYAqSsFBHZseSNvLn3eyzI4oaKoLNs5Rc2wSyM992hA GdiFnixqgFa4U1mpDjFy4os5nKzw3hUeuEnXQ9AGCt5XVNnX8t2FcDSgIsYFIA2J X251ZuQt2Oi6dTK4Tts0ODFABas5PrOuNx13AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUjbR5um6CKs9ZHla6jUvV9+7nRtQwHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvamJSNXVtNkNLczlaSGxhNmpVdlY5 LTduUnRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAp0U+RQw DQYJKoZIhvcNAQELBQADggEBADXcrgom/cQAAQBeIFA27VCwTQBzm9e8ovZUdoKz azu9xuWX26FEMpOtTHK0ppbuRmWtvft6tycSQeu7TUjE3gRA7VWi7GaDF9hBEuxH M5b+rmWZR6aI2L+3deaHiiJzoFpVUo6cek7EV9PqBUwq9JdDpcwrztFtt2GvRqdV tv6vZjFqZTsffHmhXAXRl+MBF4/Gf4vLxsoOMnH3b+t2+AKqF9l/X/pjJSxBGUps 8TFQMTX712nPH/QAMzoVBSkQHAlNsi9UPvg8DnpJbCZPWzcazoSUsq1uz8agJoSc 9WW2wGbdjVKfukuZUSr6L9tdS6xzz+Wm3GpBLGpPp5N91vc= -----END CERTIFICATE-----Generated at Mon May 19 07:02:43 2025 by rpki-client