$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa File: sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa (raw, json) Hash identifier: MG4Wy2efkvSpbc1yPWr9rKUgLUOxccXgjAD4AOXxRtc= Subject key identifier: B2:A5:BD:4A:CE:85:18:12:7C:25:9F:71:46:70:CA:69:81:53:36:96 Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B Certificate serial: 0C98 Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa Signing time: Mon 10 Feb 2025 13:59:39 +0000 ROA not before: Mon 10 Feb 2025 13:59:39 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 396982 IP address blocks: 2403:8640::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:49:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3224 (0xc98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B Validity Not Before: Feb 10 13:59:39 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B2A5BD4ACE8518127C259F714670CA6981533696 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:58:a4:f7:29:d8:70:14:25:36:1c:df:77:9c: 51:44:08:36:51:30:91:35:fd:f8:c0:72:df:81:7c: d0:68:49:e1:77:39:bd:78:43:72:c7:a0:b8:71:19: 8a:85:d0:8c:fb:68:cd:09:23:1d:e1:40:cd:6f:81: 7d:17:64:06:dd:51:3c:94:e5:08:87:4a:52:83:8c: 5d:91:10:b5:c0:0c:bf:8c:1a:36:71:95:b2:41:d6: 5c:46:4a:83:b3:ac:73:c1:60:4d:11:13:56:81:15: 9b:35:1f:51:39:1b:e5:4d:0b:e5:0f:2d:bf:b7:2e: d3:d4:e6:f8:f2:a1:e2:77:67:af:69:b7:60:eb:4f: a3:d4:cc:63:ef:66:70:34:37:bf:ca:34:5f:c0:4f: 32:03:41:2b:17:54:35:b7:b6:70:14:dd:e1:53:48: e5:49:79:dd:4a:85:75:15:f9:e0:c5:e7:12:4e:5b: 28:dc:09:8f:a4:a2:ac:a4:39:c6:ad:5f:de:4d:b1: 46:8d:d4:b0:dc:e4:43:53:89:5e:eb:70:6d:91:d5: 8e:9d:20:f4:bf:10:31:bb:7c:72:de:07:49:47:a7: f8:70:36:08:96:28:b0:2e:83:c5:68:bf:c6:95:8a: ab:ad:0b:b6:45:d9:00:33:8b:c0:c9:27:70:d9:5a: 7d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A5:BD:4A:CE:85:18:12:7C:25:9F:71:46:70:CA:69:81:53:36:96 X509v3 Authority Key Identifier: keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:8640::/32 Signature Algorithm: sha256WithRSAEncryption 61:b6:c3:14:98:78:13:62:31:03:0c:ac:f9:d9:f9:ec:d8:dc: e4:26:95:02:8b:c0:17:6f:9b:db:95:fc:3d:5f:66:4e:4b:33: 93:95:06:b4:1d:9b:96:17:ad:dd:1c:af:a3:bd:08:7c:16:b0: 98:4e:5f:25:9e:f7:e3:80:c2:90:32:18:07:37:dd:e5:27:e7: 05:82:1f:23:16:1e:61:7b:84:ca:16:9f:e7:26:20:fd:84:26: 87:77:ad:22:bf:e2:a3:64:dc:47:04:c2:e6:a3:13:59:15:76: f5:6d:75:ff:70:84:d3:d2:fa:3f:9d:78:44:9a:ed:0a:1b:8d: dd:6f:82:e3:99:1b:1d:dd:de:da:32:d0:5d:4c:0c:01:60:ee: fc:28:00:61:35:3b:64:81:54:a5:86:8b:9b:5b:29:4d:99:9d: 70:b5:ef:0b:8b:eb:34:2d:39:54:01:d5:41:25:89:d3:0f:b0: 09:1d:07:d9:ed:ba:26:67:e1:b2:9b:9f:27:e2:3f:f3:e2:19: 44:7b:3e:22:3c:af:34:19:35:dd:1b:be:50:29:d6:d1:f8:e1: 9c:4e:14:ee:ac:61:63:bc:e2:55:45:c7:f8:05:c6:58:7c:86: 90:c7:de:57:df:a7:ed:b0:f5:b0:87:17:76:da:07:f8:b8:45: 05:33:5d:50 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICDJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0 MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yNTAyMTAx MzU5MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIyQTVCRDRBQ0U4NTE4 MTI3QzI1OUY3MTQ2NzBDQTY5ODE1MzM2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMWKT3KdhwFCU2HN93nFFECDZRMJE1/fjAct+BfNBoSeF3Ob14 Q3LHoLhxGYqF0Iz7aM0JIx3hQM1vgX0XZAbdUTyU5QiHSlKDjF2RELXADL+MGjZx lbJB1lxGSoOzrHPBYE0RE1aBFZs1H1E5G+VNC+UPLb+3LtPU5vjyoeJ3Z69pt2Dr T6PUzGPvZnA0N7/KNF/ATzIDQSsXVDW3tnAU3eFTSOVJed1KhXUV+eDF5xJOWyjc CY+koqykOcatX95NsUaN1LDc5ENTiV7rcG2R1Y6dIPS/EDG7fHLeB0lHp/hwNgiW KLAug8Vov8aViqutC7ZF2QAzi8DJJ3DZWn0zAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUsqW9Ss6FGBJ8JZ9xRnDKaYFTNpYwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL3NxVzlTczZGR0JKOEpaOXhS bkRLYVlGVE5wWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk A4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBhtsMUmHgTYjEDDKz52fns2NzkJpUCi8AX b5vblfw9X2ZOSzOTlQa0HZuWF63dHK+jvQh8FrCYTl8lnvfjgMKQMhgHN93lJ+cF gh8jFh5he4TKFp/nJiD9hCaHd60iv+KjZNxHBMLmoxNZFXb1bXX/cITT0vo/nXhE mu0KG43db4LjmRsd3d7aMtBdTAwBYO78KABhNTtkgVSlhoubWylNmZ1wte8Li+s0 LTlUAdVBJYnTD7AJHQfZ7bomZ+Gym58n4j/z4hlEez4iPK80GTXdG75QKdbR+OGc ThTurGFjvOJVRcf4BcZYfIaQx95X36ftsPWwhxd22gf4uEUFM11Q -----END CERTIFICATE-----Generated at Sat Apr 26 15:14:59 2025 by rpki-client