$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa File: IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa (raw, json) Hash identifier: M5a2tiG2l6692Epp/RUZI9Eunj7IYAn90MnrHDhNY+4= Subject key identifier: 23:1A:59:0D:77:59:29:1F:04:42:BE:11:1A:34:D8:0B:DC:F9:09:98 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E52 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa Signing time: Mon 10 Feb 2025 14:03:25 +0000 ROA not before: Mon 10 Feb 2025 14:03:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 01:48:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3666 (0xe52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=231A590D7759291F0442BE111A34D80BDCF90998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c0:1b:23:cc:08:0b:dc:0f:52:bd:c9:8f:d2: f2:dc:3d:c5:bf:34:38:4e:a7:23:ec:75:2a:b7:86: 7b:91:91:c9:5b:3b:87:89:ab:74:1f:d2:07:b7:43: 10:b9:11:31:3e:73:d9:46:e1:fd:6c:01:f2:78:54: b1:20:2c:7c:bb:58:ab:a6:2b:f1:95:2f:8b:eb:de: a8:a2:d2:d4:63:1b:11:f5:8c:a4:9b:f2:d9:79:f5: fc:e3:fd:24:c0:d1:e1:4b:9e:fa:71:39:b1:2c:a9: 1f:aa:89:03:b8:fa:c6:79:03:82:e3:5d:f7:2c:4d: a9:b5:37:fb:b2:02:a0:80:a5:ed:d3:62:64:d9:af: 45:cc:18:82:c5:16:36:0e:f8:31:c4:c9:c2:53:7e: 99:74:ac:db:bd:be:77:e4:3f:e2:34:cb:5f:bb:7a: cf:04:96:dc:11:7e:b5:ab:45:5a:61:04:c6:6d:93: ed:14:f1:d9:14:05:32:3d:41:aa:6a:7a:51:34:64: 03:01:c9:c3:34:46:81:37:35:be:36:d6:2e:37:34: 67:d3:16:83:57:1a:77:6b:44:5a:1c:6d:a2:02:67: 95:29:6c:48:d5:c9:e1:ca:95:40:bf:9a:70:9a:c2: d4:c8:06:0f:a4:43:03:dd:d0:c5:72:76:bc:11:c3: f7:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:1A:59:0D:77:59:29:1F:04:42:BE:11:1A:34:D8:0B:DC:F9:09:98 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.63.0/24 Signature Algorithm: sha256WithRSAEncryption 93:f1:d6:d3:5f:04:04:66:39:8e:d2:20:b5:b2:54:8f:b0:00: d8:b3:81:1d:c2:e7:a1:47:68:bc:0a:4b:8d:1c:3b:7a:69:4d: 61:88:ef:01:32:6c:89:0a:8b:cb:3f:45:50:8f:4b:d8:e2:e4: 76:97:69:3d:d2:20:90:fd:ed:68:ae:a6:9e:f9:81:57:26:f6: ee:92:ba:68:09:ff:bb:d9:68:14:69:d1:05:46:f2:c0:f4:b4: bc:64:95:8c:6f:27:4b:cd:e8:2c:43:c5:1d:2f:b0:65:94:be: a3:56:09:6b:95:1e:50:30:5a:ea:fd:4e:f0:0b:42:87:59:10: 9c:16:b3:e2:98:9d:31:c8:4d:9b:f8:68:14:f3:81:80:d9:5a: 4c:0a:51:0f:b6:49:f2:87:50:2f:a7:6a:e5:b2:e1:fe:06:d4: f3:e2:2a:dc:b9:5e:01:9a:ef:41:18:60:aa:1d:a2:ab:97:91: fc:4d:d8:29:ef:68:2b:36:35:9c:9e:85:79:ef:2a:0d:38:56: 1a:2b:ac:4d:28:af:28:11:62:f3:26:f0:4c:57:9e:59:91:22: 95:86:87:cf:7e:79:a4:ed:74:78:14:97:56:bc:8e:be:a5:84: 8e:43:a1:b2:b8:eb:12:3a:8f:25:cd:c5:d8:a2:d0:02:d4:c6: 15:e0:cf:9b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzMUE1OTBENzc1OTI5 MUYwNDQyQkUxMTFBMzREODBCRENGOTA5OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChwBsjzAgL3A9SvcmP0vLcPcW/NDhOpyPsdSq3hnuRkclbO4eJ q3Qf0ge3QxC5ETE+c9lG4f1sAfJ4VLEgLHy7WKumK/GVL4vr3qii0tRjGxH1jKSb 8tl59fzj/STA0eFLnvpxObEsqR+qiQO4+sZ5A4LjXfcsTam1N/uyAqCApe3TYmTZ r0XMGILFFjYO+DHEycJTfpl0rNu9vnfkP+I0y1+7es8EltwRfrWrRVphBMZtk+0U 8dkUBTI9QapqelE0ZAMBycM0RoE3Nb421i43NGfTFoNXGndrRFocbaICZ5UpbEjV yeHKlUC/mnCawtTIBg+kQwPd0MVydrwRw/fvAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUIxpZDXdZKR8EQr4RGjTYC9z5CZgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9JeHBaRFhkWktSOEVRcjRSR2pU WUM5ejVDWmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAG5M/ MA0GCSqGSIb3DQEBCwUAA4IBAQCT8dbTXwQEZjmO0iC1slSPsADYs4EdwuehR2i8 CkuNHDt6aU1hiO8BMmyJCovLP0VQj0vY4uR2l2k90iCQ/e1orqae+YFXJvbukrpo Cf+72WgUadEFRvLA9LS8ZJWMbydLzegsQ8UdL7BllL6jVglrlR5QMFrq/U7wC0KH WRCcFrPimJ0xyE2b+GgU84GA2VpMClEPtknyh1Avp2rlsuH+BtTz4ircuV4Bmu9B GGCqHaKrl5H8Tdgp72grNjWcnoV57yoNOFYaK6xNKK8oEWLzJvBMV55ZkSKVhofP fnmk7XR4FJdWvI6+pYSOQ6GyuOsSOo8lzcXYotAC1MYV4M+b -----END CERTIFICATE-----Generated at Wed Apr 23 00:05:36 2025 by rpki-client