$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/odPRWQyYfb0J8hhI8eoklSWqgns.roa File: odPRWQyYfb0J8hhI8eoklSWqgns.roa (raw, json) Hash identifier: rBicSd1gGwfGHaQlpvDBFJRqW5lSAS9w6J1p0EEAgY0= Subject key identifier: A1:D3:D1:59:0C:98:7D:BD:09:F2:18:48:F1:EA:24:95:25:AA:82:7B Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803 Certificate serial: 01FA Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/odPRWQyYfb0J8hhI8eoklSWqgns.roa Signing time: Wed 14 May 2025 05:23:00 +0000 ROA not before: Wed 14 May 2025 05:23:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 152609 IP address blocks: 157.20.249.96/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 08:53:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 506 (0x1fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803 Validity Not Before: May 14 05:23:00 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A1D3D1590C987DBD09F21848F1EA249525AA827B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:de:87:f4:b8:51:32:01:5c:d4:cd:4a:43:81: b3:3a:f8:3c:30:6a:13:68:9d:6e:67:c7:a4:6c:02: 2f:e4:ba:45:47:1b:82:a8:bd:0b:05:ce:12:9b:3b: 52:0c:69:ac:29:1c:4f:3f:68:ce:39:0c:3a:26:50: 83:26:a4:84:10:72:00:29:44:f2:db:a2:d2:de:3c: 63:6c:a7:47:39:8d:0a:6c:01:c5:cc:37:1d:49:ff: 89:7f:2d:d0:5f:83:8f:3d:da:95:ab:45:29:8f:a6: 14:63:00:9e:80:cd:96:4e:0d:58:1d:87:1b:81:04: 15:9f:5a:e7:24:a7:48:cb:a6:69:8a:92:41:48:a8: 60:1f:f4:88:38:25:a1:f8:25:46:1a:16:fa:8e:9c: 99:c7:48:81:30:df:08:50:d5:d1:be:75:42:87:04: 9a:a9:54:18:f7:ff:bc:bc:a8:91:8a:f4:c4:62:e8: 21:ca:44:79:ee:a3:12:24:09:68:ae:2a:b0:eb:d7: ff:a9:42:1d:6c:43:62:e8:a4:37:4f:9f:be:ec:99: fb:26:f9:b5:95:ce:a3:b2:52:7d:7b:df:5d:02:e7: 0c:c3:3f:bc:2b:de:99:35:d3:44:86:3d:4f:4d:6a: 4f:03:da:92:30:86:b9:1f:28:58:94:1c:9b:ae:85: f3:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:D3:D1:59:0C:98:7D:BD:09:F2:18:48:F1:EA:24:95:25:AA:82:7B X509v3 Authority Key Identifier: keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/odPRWQyYfb0J8hhI8eoklSWqgns.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.249.96/32 Signature Algorithm: sha256WithRSAEncryption 56:8a:a6:d2:0a:cd:4e:40:02:22:91:e1:5f:5a:82:e2:56:9a: 03:35:c8:00:21:ee:75:7f:5b:47:4c:7d:d6:97:61:a6:9c:74: 25:f9:eb:31:cc:33:17:b1:61:b4:30:47:f8:c3:6a:6f:f4:fe: 8a:26:62:15:8c:6e:cf:cc:a6:e6:3c:82:5a:5c:7e:da:a6:71: d7:53:34:60:d3:1e:41:57:4f:9d:86:91:27:67:db:8c:41:59: 50:97:68:21:f5:f2:1d:7d:18:b8:cf:05:63:a4:e0:d8:6f:ab: 99:37:28:dc:da:e2:42:16:5f:78:65:ac:91:ea:db:42:6a:42: eb:1a:f3:62:bf:ee:e7:84:e5:9a:12:a0:94:78:06:49:ea:af: 1a:c6:25:76:eb:a3:41:7d:25:52:bb:dd:45:94:8e:be:89:7c: 82:68:80:81:64:c5:28:3f:4d:5b:5c:2c:f9:cf:b4:1f:32:d8: 8a:7e:39:aa:63:d4:76:8d:b5:4b:cc:fa:6b:30:29:43:d8:17: 77:f6:28:36:73:99:22:88:78:ab:a3:b3:17:fd:66:07:ef:9b: 51:e3:0d:e2:6d:c2:e2:19:d3:20:10:fd:e8:3e:88:c2:b5:e4: c2:e8:c7:a7:f2:b8:dc:ca:d1:de:da:74:70:42:ec:14:ee:ac: d1:51:8f:f5 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICAfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTA1MTQw NTIzMDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExRDNEMTU5MEM5ODdE QkQwOUYyMTg0OEYxRUEyNDk1MjVBQTgyN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW3of0uFEyAVzUzUpDgbM6+DwwahNonW5nx6RsAi/kukVHG4Ko vQsFzhKbO1IMaawpHE8/aM45DDomUIMmpIQQcgApRPLbotLePGNsp0c5jQpsAcXM Nx1J/4l/LdBfg4892pWrRSmPphRjAJ6AzZZODVgdhxuBBBWfWuckp0jLpmmKkkFI qGAf9Ig4JaH4JUYaFvqOnJnHSIEw3whQ1dG+dUKHBJqpVBj3/7y8qJGK9MRi6CHK RHnuoxIkCWiuKrDr1/+pQh1sQ2LopDdPn77smfsm+bWVzqOyUn17310C5wzDP7wr 3pk100SGPU9Nak8D2pIwhrkfKFiUHJuuhfN1AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUodPRWQyYfb0J8hhI8eoklSWqgnswHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84 enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvb2RQUldReVlmYjBKOGhoSThlb2ts U1dxZ25zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFAJ0U+WAw DQYJKoZIhvcNAQELBQADggEBAFaKptIKzU5AAiKR4V9aguJWmgM1yAAh7nV/W0dM fdaXYaacdCX56zHMMxexYbQwR/jDam/0/oomYhWMbs/MpuY8glpcftqmcddTNGDT HkFXT52GkSdn24xBWVCXaCH18h19GLjPBWOk4Nhvq5k3KNza4kIWX3hlrJHq20Jq Qusa82K/7ueE5ZoSoJR4BknqrxrGJXbro0F9JVK73UWUjr6JfIJogIFkxSg/TVtc LPnPtB8y2Ip+Oapj1HaNtUvM+mswKUPYF3f2KDZzmSKIeKujsxf9Zgfvm1HjDeJt wuIZ0yAQ/eg+iMK15MLox6fyuNzK0d7adHBC7BTurNFRj/U= -----END CERTIFICATE-----Generated at Mon May 19 07:17:45 2025 by rpki-client