$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa File: QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa (raw, json) Hash identifier: Li2UumvKuKthkNYOLuZreKXPp8YU/efNd3eGO3dF4qc= Subject key identifier: 41:72:A2:BD:AF:2B:0B:97:38:70:73:77:45:40:94:1F:EC:E3:11:0D Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E54 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa Signing time: Mon 10 Feb 2025 14:03:25 +0000 ROA not before: Mon 10 Feb 2025 14:03:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 103.224.200.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3668 (0xe54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4172A2BDAF2B0B97387073774540941FECE3110D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:7b:74:bc:f2:36:46:67:7b:0c:5b:eb:c8:84: 7e:39:35:ea:69:88:25:ac:97:fd:b1:57:09:5d:df: 63:3f:e1:42:89:2c:bd:ba:8c:8c:9b:fe:83:78:4d: 69:f0:13:83:01:ab:47:af:ea:27:ab:85:fd:3c:bf: 44:c8:0b:bc:cd:8f:a2:d7:33:04:3f:1e:bf:2f:22: b3:47:96:3d:3b:81:1c:31:12:6b:4b:59:74:6e:a6: 14:bd:31:0f:b5:d2:e6:18:9f:8e:88:c6:a1:69:74: fd:23:41:65:2b:35:27:12:30:cd:e0:95:1e:25:1a: 37:a2:b0:4e:ac:84:00:9c:01:58:b7:f7:59:47:46: 7e:40:06:cf:09:c1:a4:38:92:42:77:49:df:c3:c9: 6d:6d:5e:24:50:72:e2:5b:9c:84:68:54:a4:a0:96: 0a:2d:98:4a:74:a1:d2:b6:66:1c:06:c0:1a:0b:45: af:1a:63:62:cc:88:2f:4d:5e:27:ca:76:6b:37:63: 41:fb:9d:fa:d0:51:c8:eb:66:44:28:66:fc:60:a6: 88:e4:4b:76:62:51:78:05:b7:f5:da:66:02:67:f3: 76:9e:ac:46:38:11:71:e9:de:d3:f3:4a:1b:00:8a: fa:13:1e:86:e5:fe:20:9d:6d:cd:86:ab:e6:70:7b: 83:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:72:A2:BD:AF:2B:0B:97:38:70:73:77:45:40:94:1F:EC:E3:11:0D X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.224.200.0/22 Signature Algorithm: sha256WithRSAEncryption 81:36:d7:e4:63:36:57:57:60:42:3b:b5:aa:99:14:eb:6c:2f: 03:03:7a:80:9d:28:cc:0c:54:43:f9:c7:cb:c4:57:40:40:bd: 94:44:9e:08:0b:bb:6b:8f:ba:dd:70:e1:b8:ac:68:79:73:ad: 0c:a1:f2:26:b9:e5:fb:93:ba:36:84:75:cf:a7:84:b3:8d:97: 2e:b6:ad:97:cc:f1:7c:68:2a:47:12:0c:c9:91:c5:4d:32:f7: 0d:cd:b9:d8:9d:d6:35:28:12:29:aa:ef:41:e2:fb:f3:fa:bd: 25:06:8a:3d:e4:96:36:83:56:25:b8:91:6f:7d:d2:4c:d5:1f: e8:a4:61:27:f2:07:24:36:1d:07:58:1d:c6:2f:a1:e3:ba:a9: d4:cf:70:65:0a:30:40:57:78:79:b6:36:d3:fa:d9:81:ae:3f: c7:94:52:28:eb:6c:32:40:dc:20:c9:5c:30:d7:f8:45:0d:06: f8:c2:d0:a4:86:df:e7:68:a6:aa:12:e6:07:71:63:02:a7:f7: 61:48:53:a4:22:0e:ca:26:3b:90:69:8d:c6:29:eb:25:d8:bc: 88:37:4f:07:56:b2:a1:02:26:82:fd:83:94:db:3a:a8:30:8d: 12:e6:ff:19:a1:5c:8f:87:c6:0f:48:1e:bd:0b:86:81:63:5e: a1:8d:a1:5d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxNzJBMkJEQUYyQjBC OTczODcwNzM3NzQ1NDA5NDFGRUNFMzExMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCe3S88jZGZ3sMW+vIhH45NeppiCWsl/2xVwld32M/4UKJLL26 jIyb/oN4TWnwE4MBq0ev6ierhf08v0TIC7zNj6LXMwQ/Hr8vIrNHlj07gRwxEmtL WXRuphS9MQ+10uYYn46IxqFpdP0jQWUrNScSMM3glR4lGjeisE6shACcAVi391lH Rn5ABs8JwaQ4kkJ3Sd/DyW1tXiRQcuJbnIRoVKSglgotmEp0odK2ZhwGwBoLRa8a Y2LMiC9NXifKdms3Y0H7nfrQUcjrZkQoZvxgpojkS3ZiUXgFt/XaZgJn83aerEY4 EXHp3tPzShsAivoTHobl/iCdbc2Gq+Zwe4PHAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQXKiva8rC5c4cHN3RUCUH+zjEQ0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9RWEtpdmE4ckM1YzRjSE4zUlVD VUgtempFUTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+DI MA0GCSqGSIb3DQEBCwUAA4IBAQCBNtfkYzZXV2BCO7WqmRTrbC8DA3qAnSjMDFRD +cfLxFdAQL2URJ4IC7trj7rdcOG4rGh5c60MofImueX7k7o2hHXPp4SzjZcutq2X zPF8aCpHEgzJkcVNMvcNzbnYndY1KBIpqu9B4vvz+r0lBoo95JY2g1YluJFvfdJM 1R/opGEn8gckNh0HWB3GL6HjuqnUz3BlCjBAV3h5tjbT+tmBrj/HlFIo62wyQNwg yVww1/hFDQb4wtCkht/naKaqEuYHcWMCp/dhSFOkIg7KJjuQaY3GKesl2LyIN08H VrKhAiaC/YOU2zqoMI0S5v8ZoVyPh8YPSB69C4aBY16hjaFd -----END CERTIFICATE-----Generated at Fri Apr 18 21:08:54 2025 by rpki-client