$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa File: j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa (raw, json) Hash identifier: UYdWHhOJEQn9+l0Klp/vM4qOKsYEgf59OuXisbOnz6E= Subject key identifier: 8F:86:89:27:65:A2:41:BE:25:C6:12:D7:C0:97:6D:49:93:0B:6C:52 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E61 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa Signing time: Mon 10 Feb 2025 14:03:28 +0000 ROA not before: Mon 10 Feb 2025 14:03:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.136.0/21 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 18:18:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3681 (0xe61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:28 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8F86892765A241BE25C612D7C0976D49930B6C52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:4e:e6:02:7a:35:1f:16:91:3b:d8:10:ac:04: 98:51:9f:b1:f5:5c:e4:79:f2:c3:9f:eb:2e:cc:41: 24:fa:61:eb:2e:44:6c:8f:91:44:cd:35:4d:4c:82: eb:68:93:59:ee:34:74:4e:55:1b:28:80:b7:e9:f8: d7:ce:8d:82:c5:13:9b:d5:0c:82:4d:5c:e5:12:23: 43:02:e6:ec:cd:98:a4:fc:a1:02:f5:49:17:3d:ec: 7a:d8:de:72:2e:81:1d:50:66:8c:3b:fc:32:d3:ac: 34:5f:65:f4:8e:c0:aa:1d:15:8a:c1:6c:fc:7a:63: 9d:68:a6:ff:d2:3f:a7:aa:50:f4:a7:83:38:0a:6e: bf:b6:6e:7f:cd:f6:61:02:c7:cc:a1:fb:d3:df:ac: e5:35:c5:50:9a:62:70:65:d2:33:86:7c:a4:46:97: 87:3f:1c:46:5a:fb:34:de:43:d8:d8:46:32:92:b8: 92:fe:f5:1a:a4:7f:73:bf:10:58:47:43:07:d0:39: 53:e9:c4:c4:75:02:e6:82:c0:e6:21:fe:6d:11:2f: f1:86:27:f4:70:51:da:21:41:c9:1f:ab:c4:f1:82: 67:6e:d4:ba:70:bf:70:10:c6:b0:91:04:44:6f:3b: 14:8b:89:ac:0a:e6:a3:ea:22:7d:8e:3b:33:02:40: c8:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:86:89:27:65:A2:41:BE:25:C6:12:D7:C0:97:6D:49:93:0B:6C:52 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.136.0/21 Signature Algorithm: sha256WithRSAEncryption 50:c1:eb:29:3f:9b:4c:8c:d2:03:1d:05:35:9a:0c:40:1e:9d: bd:82:ef:13:b9:e8:97:25:99:cd:26:fc:d7:21:01:3c:a0:12: f9:12:4c:3c:45:1c:6c:bd:01:d0:8b:93:9a:b6:3b:e0:d2:2b: f9:2f:8f:88:fa:d4:d6:12:51:88:ef:c6:39:98:73:1a:0b:99: dd:02:53:9c:c4:18:75:9f:f5:53:6a:c0:58:b4:70:5e:83:ba: 38:ab:81:2f:c5:ca:46:55:81:ef:59:25:63:e2:12:6e:0e:c2: ac:96:ac:23:9d:0d:07:ec:89:a6:88:4c:9e:75:db:e5:6a:99: 6c:03:80:aa:9f:9a:52:cf:a0:03:a7:9e:18:78:ee:1b:de:89: 73:10:09:45:3c:55:01:f0:16:c0:30:0f:d9:c9:24:51:63:c1: e2:74:21:4c:ad:cb:65:04:7f:fe:5e:5d:b1:59:49:b9:bd:50: 85:63:2b:f3:a6:bd:fa:d1:cf:f2:03:55:85:a7:3e:23:a8:06: e7:58:cb:53:0a:a2:88:ce:1c:5b:a6:de:34:3c:77:8b:86:b3: 84:be:74:43:3f:f3:cc:bb:b0:03:5c:87:7e:dd:b2:90:e6:06: 78:98:77:35:09:e6:13:88:4a:b4:cd:11:ad:ef:26:7f:7d:f6: a2:79:ab:6e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhGODY4OTI3NjVBMjQx QkUyNUM2MTJEN0MwOTc2RDQ5OTMwQjZDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSTuYCejUfFpE72BCsBJhRn7H1XOR58sOf6y7MQST6YesuRGyP kUTNNU1Mgutok1nuNHROVRsogLfp+NfOjYLFE5vVDIJNXOUSI0MC5uzNmKT8oQL1 SRc97HrY3nIugR1QZow7/DLTrDRfZfSOwKodFYrBbPx6Y51opv/SP6eqUPSngzgK br+2bn/N9mECx8yh+9PfrOU1xVCaYnBl0jOGfKRGl4c/HEZa+zTeQ9jYRjKSuJL+ 9Rqkf3O/EFhHQwfQOVPpxMR1AuaCwOYh/m0RL/GGJ/RwUdohQckfq8Txgmdu1Lpw v3AQxrCRBERvOxSLiawK5qPqIn2OOzMCQMg7AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUj4aJJ2WiQb4lxhLXwJdtSZMLbFIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9qNGFKSjJXaVFiNGx4aExYd0pk dFNaTUxiRkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI MA0GCSqGSIb3DQEBCwUAA4IBAQBQwespP5tMjNIDHQU1mgxAHp29gu8TueiXJZnN JvzXIQE8oBL5Ekw8RRxsvQHQi5Oatjvg0iv5L4+I+tTWElGI78Y5mHMaC5ndAlOc xBh1n/VTasBYtHBeg7o4q4EvxcpGVYHvWSVj4hJuDsKslqwjnQ0H7ImmiEyeddvl aplsA4Cqn5pSz6ADp54YeO4b3olzEAlFPFUB8BbAMA/ZySRRY8HidCFMrctlBH/+ Xl2xWUm5vVCFYyvzpr360c/yA1WFpz4jqAbnWMtTCqKIzhxbpt40PHeLhrOEvnRD P/PMu7ADXId+3bKQ5gZ4mHc1CeYTiEq0zRGt7yZ/ffaieatu -----END CERTIFICATE-----Generated at Mon Apr 21 16:56:22 2025 by rpki-client