$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/KFWXAlZ3CqJzTnK7DGSYBBdfdT8.roa File: KFWXAlZ3CqJzTnK7DGSYBBdfdT8.roa (raw, json) Hash identifier: y1TeEWAuGDo2ULut3IisdkE4pt3kC1CDTOV5ullTfm0= Subject key identifier: 28:55:97:02:56:77:0A:A2:73:4E:72:BB:0C:64:98:04:17:5F:75:3F Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0D66 Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/KFWXAlZ3CqJzTnK7DGSYBBdfdT8.roa Signing time: Mon 10 Feb 2025 14:13:16 +0000 ROA not before: Mon 10 Feb 2025 14:13:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131596 IP address blocks: 210.202.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 15:53:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3430 (0xd66) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Feb 10 14:13:16 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2855970256770AA2734E72BB0C649804175F753F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:df:5d:fc:cd:b9:5f:22:7b:b7:13:f8:ac:5e: b7:19:c0:ca:76:cc:df:de:ac:c8:ef:4a:90:5a:d4: ea:52:1b:cc:fa:4b:bc:fb:2c:a6:c1:e7:92:fa:bc: 57:35:1c:3d:0e:11:37:a9:7a:7b:0d:97:1c:0e:bb: 4c:b6:bc:d2:ef:15:c8:b5:23:89:b9:c3:15:2a:c6: 35:4d:3e:b9:65:12:71:7b:82:0e:69:90:e9:d8:f1: 98:c1:b9:78:51:6c:5f:0e:db:a4:39:ec:f4:61:f0: ce:e0:20:58:fe:cd:ce:93:a1:e6:a3:87:77:ea:41: 31:13:ff:39:59:6c:23:e4:7f:55:b7:4b:21:34:e1: 1b:68:e5:7b:ed:cc:2a:c0:cc:21:2f:1e:17:32:a8: 09:e0:6d:f9:28:42:e8:2b:a9:2b:da:5b:e9:7c:28: 9a:08:c8:b8:d8:d2:b8:12:f7:2e:eb:a6:45:23:1f: 2b:d3:44:d0:26:7b:fa:4d:bf:a4:83:50:f9:a4:18: f4:b9:de:46:c4:93:a3:48:f1:34:d4:4e:df:3b:b1: a7:ce:24:2a:f6:80:ce:39:af:94:bb:98:27:6d:ab: 13:de:f9:1a:11:90:2b:45:6e:c6:96:7b:fb:50:04: 4c:99:13:07:ba:e3:71:bd:a2:52:ba:0b:d0:b1:f2: ad:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:55:97:02:56:77:0A:A2:73:4E:72:BB:0C:64:98:04:17:5F:75:3F X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/KFWXAlZ3CqJzTnK7DGSYBBdfdT8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.56.0/21 Signature Algorithm: sha256WithRSAEncryption 3c:11:d4:b2:be:5b:75:4a:28:eb:c4:71:c7:c8:e6:cd:f0:c3: 33:5c:e2:40:5a:bc:37:9a:1d:d6:15:3d:6a:e2:45:be:e9:cc: 6b:77:df:e7:3d:ba:a8:c1:20:dc:a6:c0:38:93:4f:60:e3:d0: d9:f0:e2:75:36:09:f0:39:57:ba:bc:40:a8:6d:09:50:54:2b: ea:fa:94:6f:fc:19:62:a7:85:88:52:3c:75:26:ea:cf:f4:74: 86:a6:be:f0:d8:66:a6:8c:e7:05:23:f1:2e:8a:e8:6c:94:17: 71:2f:fd:76:9b:74:87:bd:3f:39:85:44:97:4d:92:f6:22:30: d6:d2:35:1c:5e:31:0f:16:8f:5e:c8:6b:53:be:a1:64:76:84: 04:d9:f0:0b:79:23:5a:43:14:fe:0f:c9:b7:96:e6:d0:7f:d7: 18:50:ef:29:3e:69:7b:c9:c6:4c:11:d0:3e:ed:f6:e3:a6:a1: f9:07:f8:b5:a7:cf:aa:51:ba:e3:02:f0:10:2a:11:82:33:0d: b1:53:1d:18:f1:8b:7b:ba:66:bd:1c:b6:f3:36:f7:74:37:71: 43:54:a7:97:c6:0a:7f:3e:eb:82:5d:a0:6d:ea:8a:89:3c:c2: 7c:6f:f7:68:8f:b9:68:cb:0b:30:5e:d0:6e:d0:02:c7:a3:10: 98:5a:f9:02 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx NDEzMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4NTU5NzAyNTY3NzBB QTI3MzRFNzJCQjBDNjQ5ODA0MTc1Rjc1M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDj3138zblfInu3E/isXrcZwMp2zN/erMjvSpBa1OpSG8z6S7z7 LKbB55L6vFc1HD0OETepensNlxwOu0y2vNLvFci1I4m5wxUqxjVNPrllEnF7gg5p kOnY8ZjBuXhRbF8O26Q57PRh8M7gIFj+zc6Toeajh3fqQTET/zlZbCPkf1W3SyE0 4Rto5XvtzCrAzCEvHhcyqAngbfkoQugrqSvaW+l8KJoIyLjY0rgS9y7rpkUjHyvT RNAme/pNv6SDUPmkGPS53kbEk6NI8TTUTt87safOJCr2gM45r5S7mCdtqxPe+RoR kCtFbsaWe/tQBEyZEwe643G9olK6C9Cx8q1hAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUKFWXAlZ3CqJzTnK7DGSYBBdfdT8wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9LRldYQWxaM0NxSnpUbks3REdT WUJCZGZkVDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0so4 MA0GCSqGSIb3DQEBCwUAA4IBAQA8EdSyvlt1SijrxHHHyObN8MMzXOJAWrw3mh3W FT1q4kW+6cxrd9/nPbqowSDcpsA4k09g49DZ8OJ1NgnwOVe6vECobQlQVCvq+pRv /Blip4WIUjx1JurP9HSGpr7w2GamjOcFI/EuiuhslBdxL/12m3SHvT85hUSXTZL2 IjDW0jUcXjEPFo9eyGtTvqFkdoQE2fALeSNaQxT+D8m3lubQf9cYUO8pPml7ycZM EdA+7fbjpqH5B/i1p8+qUbrjAvAQKhGCMw2xUx0Y8Yt7uma9HLbzNvd0N3FDVKeX xgp/PuuCXaBt6oqJPMJ8b/doj7loywswXtBu0ALHoxCYWvkC -----END CERTIFICATE-----Generated at Sat May 10 11:30:35 2025 by rpki-client