$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/ndDHvZuAB57xN_D6xDUdCFqlT1M.roa File: ndDHvZuAB57xN_D6xDUdCFqlT1M.roa (raw, json) Hash identifier: w+IdqLpwmsMlz38biNsk7n6IhrF8bR9KyGoL3+SoAUs= Subject key identifier: 9D:D0:C7:BD:9B:80:07:9E:F1:37:F0:FA:C4:35:1D:08:5A:A5:4F:53 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E65 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ndDHvZuAB57xN_D6xDUdCFqlT1M.roa Signing time: Mon 10 Feb 2025 14:03:29 +0000 ROA not before: Mon 10 Feb 2025 14:03:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.24.0/21 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 21:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3685 (0xe65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9DD0C7BD9B80079EF137F0FAC4351D085AA54F53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4c:42:54:1c:a2:17:74:21:ff:7f:0c:87:3b: 0d:fb:41:47:1c:00:f9:86:ab:fd:5f:cf:1d:8e:53: 40:57:ab:0e:7a:bf:e9:0a:2f:ae:3b:01:8f:9d:0d: 49:98:3a:12:5b:01:15:03:75:08:f5:23:e1:fc:86: a8:eb:9d:76:a9:76:68:3d:b9:5a:e5:39:c4:02:0b: 26:8a:34:9a:89:2e:84:79:4c:21:db:19:71:b7:d1: f4:43:c9:78:e3:0e:36:58:60:87:1f:f5:8d:1e:df: 6d:0a:a4:bc:b3:74:bc:9d:6c:46:62:67:2e:6f:d2: 88:7f:ee:1e:03:db:59:9a:79:20:10:9d:7f:8d:e9: 6e:b8:85:fb:e4:c5:72:bc:ec:9c:f2:30:85:9b:d7: 39:1b:b1:6e:4d:00:58:ee:33:fd:f6:fb:38:3e:f6: 37:6a:c1:6c:3e:b2:cf:30:1d:d5:b9:c9:3a:7e:1a: 40:de:8a:7b:8d:75:83:da:74:fb:dd:aa:74:fb:2a: da:3d:8b:69:6c:64:38:4a:65:e6:b3:9b:ca:5b:7a: 63:1f:6c:e1:0c:2a:f2:e9:25:7f:b0:4f:89:51:30: b2:f8:43:4c:45:f4:a0:32:6b:c0:c7:1a:d4:cb:7c: 65:2d:77:bf:1c:ff:8d:51:e1:7a:ce:50:5c:17:36: a4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D0:C7:BD:9B:80:07:9E:F1:37:F0:FA:C4:35:1D:08:5A:A5:4F:53 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ndDHvZuAB57xN_D6xDUdCFqlT1M.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.24.0/21 Signature Algorithm: sha256WithRSAEncryption 80:eb:33:28:b6:47:d9:d0:71:37:68:5d:29:71:12:2a:6d:2d: c9:e2:d9:39:25:a1:a7:9b:53:65:5e:49:04:fe:e1:09:37:b9: 7d:ad:b1:09:41:78:b5:19:9c:da:40:64:f2:7d:e5:e6:d3:db: 86:ed:50:aa:97:0e:66:9c:f7:3f:9b:1d:42:63:00:14:b0:91: 6a:91:83:3a:77:e5:46:15:41:ce:ed:66:8f:db:ba:b5:39:c3: 26:f1:0e:70:9e:ac:34:7e:7f:5e:aa:cd:66:f2:8e:bf:a8:ea: df:58:35:7b:59:a1:4a:30:74:e6:f7:4d:94:cb:9e:f4:0b:6d: 59:a4:0b:24:64:c1:75:64:f1:84:ab:4b:fb:0b:4a:46:87:f1: e0:47:ee:af:e2:2f:e5:12:73:76:a4:d8:d5:15:3c:16:d5:e9: 37:9b:db:d4:18:10:b2:3a:a5:bc:e0:39:26:27:8f:1b:c4:5d: 27:59:09:00:a6:ca:45:b8:05:bb:97:cc:6a:f5:67:c2:82:21: 01:99:a9:41:c3:20:95:03:f5:b5:7b:9e:da:77:6c:89:09:eb: 57:89:76:d1:78:6c:2f:5e:fa:66:12:07:70:80:f7:06:8d:7f: 51:48:5a:b3:a3:96:95:75:86:e4:cb:2d:af:0d:fd:7f:c6:c3: 03:5a:fd:19 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlERDBDN0JEOUI4MDA3 OUVGMTM3RjBGQUM0MzUxRDA4NUFBNTRGNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/TEJUHKIXdCH/fwyHOw37QUccAPmGq/1fzx2OU0BXqw56v+kK L647AY+dDUmYOhJbARUDdQj1I+H8hqjrnXapdmg9uVrlOcQCCyaKNJqJLoR5TCHb GXG30fRDyXjjDjZYYIcf9Y0e320KpLyzdLydbEZiZy5v0oh/7h4D21maeSAQnX+N 6W64hfvkxXK87JzyMIWb1zkbsW5NAFjuM/32+zg+9jdqwWw+ss8wHdW5yTp+GkDe inuNdYPadPvdqnT7Kto9i2lsZDhKZeazm8pbemMfbOEMKvLpJX+wT4lRMLL4Q0xF 9KAya8DHGtTLfGUtd78c/41R4XrOUFwXNqThAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUndDHvZuAB57xN/D6xDUdCFqlT1MwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9uZERIdlp1QUI1N3hOX0Q2eERV ZENGcWxUMU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY MA0GCSqGSIb3DQEBCwUAA4IBAQCA6zMotkfZ0HE3aF0pcRIqbS3J4tk5JaGnm1Nl XkkE/uEJN7l9rbEJQXi1GZzaQGTyfeXm09uG7VCqlw5mnPc/mx1CYwAUsJFqkYM6 d+VGFUHO7WaP27q1OcMm8Q5wnqw0fn9eqs1m8o6/qOrfWDV7WaFKMHTm902Uy570 C21ZpAskZMF1ZPGEq0v7C0pGh/HgR+6v4i/lEnN2pNjVFTwW1ek3m9vUGBCyOqW8 4DkmJ48bxF0nWQkApspFuAW7l8xq9WfCgiEBmalBwyCVA/W1e57ad2yJCetXiXbR eGwvXvpmEgdwgPcGjX9RSFqzo5aVdYbkyy2vDf1/xsMDWv0Z -----END CERTIFICATE-----Generated at Tue Apr 22 19:04:15 2025 by rpki-client