$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/uKmSqgqi3AugnuPaHvwKj6NJQmQ.roa File: uKmSqgqi3AugnuPaHvwKj6NJQmQ.roa (raw, json) Hash identifier: SudG3SkWYjLZbjMYsQm/nODvURgd2crlCbTDbNJV0a0= Subject key identifier: B8:A9:92:AA:0A:A2:DC:0B:A0:9E:E3:DA:1E:FC:0A:8F:A3:49:42:64 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E59 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/uKmSqgqi3AugnuPaHvwKj6NJQmQ.roa Signing time: Mon 10 Feb 2025 14:03:26 +0000 ROA not before: Mon 10 Feb 2025 14:03:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3673 (0xe59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B8A992AA0AA2DC0BA09EE3DA1EFC0A8FA3494264 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:68:99:78:64:ba:1d:d2:23:cb:60:b8:38:07: b2:a1:c0:d7:0d:b8:66:0e:4f:e8:63:8f:0e:8e:35: 6a:44:cc:fe:eb:6f:39:25:83:04:aa:fd:27:17:fe: a9:fd:13:14:04:c1:85:3c:1b:d8:1a:d0:68:c9:7e: e1:53:7a:96:8a:b0:77:0b:43:9d:ad:26:7f:41:4f: 5a:41:05:bc:08:ea:44:3d:8d:53:ba:8f:b2:06:d1: 58:cf:d3:aa:6c:34:4e:b3:b8:20:69:99:fd:cd:17: c1:f8:bd:68:d2:68:d0:09:4d:82:e9:ad:fb:4f:2a: 69:17:ee:22:28:53:e9:7f:80:00:b5:d2:11:d1:29: fb:20:a2:40:9c:0e:6d:48:e2:24:73:35:07:4f:1d: 50:f0:5c:ee:01:c4:98:fd:0b:0a:43:50:ba:53:8e: a2:a4:fd:c9:34:d3:ef:ed:6e:0f:92:7a:6f:df:13: 4d:99:c7:30:73:0e:1a:12:82:88:ce:56:64:35:79: b9:3f:f1:be:dd:08:00:f1:fa:41:1e:9b:6c:75:a7: 58:ac:ca:a1:f3:d2:a5:33:ed:a2:b3:19:f4:a3:9e: fd:3a:f6:77:ea:09:1f:84:e8:ff:dc:33:2a:62:88: 0b:d1:70:d7:18:90:19:99:91:3b:ea:89:07:72:03: 5e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:A9:92:AA:0A:A2:DC:0B:A0:9E:E3:DA:1E:FC:0A:8F:A3:49:42:64 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/uKmSqgqi3AugnuPaHvwKj6NJQmQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.148.0/24 Signature Algorithm: sha256WithRSAEncryption 75:9a:a3:19:c5:ea:c9:29:cd:b8:0a:f3:ca:14:d4:47:aa:cf: f3:63:dc:b5:23:ef:d4:51:d8:1e:f7:27:6e:a8:63:ad:a7:ea: 47:f5:11:24:42:39:5d:b7:a0:32:bb:b4:a3:b1:1a:0d:b3:98: ed:d5:e8:3f:a8:d0:7c:87:db:b7:53:f6:65:94:5a:ce:70:52: bf:7b:04:14:c4:3c:34:53:f0:9c:7d:0b:83:60:1e:8c:9a:10: c2:17:dc:f1:8a:de:4c:41:23:f4:fc:67:0a:87:f1:60:29:86: b7:8f:aa:c8:28:38:0b:d2:f0:5d:be:10:f2:52:91:91:fe:56: 05:d5:1e:5d:93:54:5e:6a:42:76:c5:e3:df:01:ba:98:23:23: ad:f7:f7:07:39:4f:38:19:67:a4:06:96:f2:71:c9:82:45:3b: ea:3b:bf:3c:fb:65:11:f3:1b:27:4d:a7:27:36:81:9d:7a:6e: b0:f4:d6:ca:0f:49:5f:53:0d:80:d1:4b:29:39:19:35:01:65: e1:c4:fb:d5:17:d1:7d:54:57:7a:8c:cc:7c:e5:8d:0e:ae:f3: 61:ff:f8:94:06:10:bf:87:7a:d3:b9:25:e6:1c:10:84:dc:89: 52:b2:81:b1:2b:87:57:66:24:cd:37:8f:b4:e2:b6:48:e7:c7: f4:e5:f6:c1 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI4QTk5MkFBMEFBMkRD MEJBMDlFRTNEQTFFRkMwQThGQTM0OTQyNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaaJl4ZLod0iPLYLg4B7KhwNcNuGYOT+hjjw6ONWpEzP7rbzkl gwSq/ScX/qn9ExQEwYU8G9ga0GjJfuFTepaKsHcLQ52tJn9BT1pBBbwI6kQ9jVO6 j7IG0VjP06psNE6zuCBpmf3NF8H4vWjSaNAJTYLprftPKmkX7iIoU+l/gAC10hHR KfsgokCcDm1I4iRzNQdPHVDwXO4BxJj9CwpDULpTjqKk/ck00+/tbg+Sem/fE02Z xzBzDhoSgojOVmQ1ebk/8b7dCADx+kEem2x1p1isyqHz0qUz7aKzGfSjnv069nfq CR+E6P/cMypiiAvRcNcYkBmZkTvqiQdyA17xAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUuKmSqgqi3AugnuPaHvwKj6NJQmQwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC91S21TcWdxaTNBdWdudVBhSHZ3 S2o2TkpRbVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPTmU MA0GCSqGSIb3DQEBCwUAA4IBAQB1mqMZxerJKc24CvPKFNRHqs/zY9y1I+/UUdge 9yduqGOtp+pH9REkQjldt6Ayu7SjsRoNs5jt1eg/qNB8h9u3U/ZllFrOcFK/ewQU xDw0U/CcfQuDYB6MmhDCF9zxit5MQSP0/GcKh/FgKYa3j6rIKDgL0vBdvhDyUpGR /lYF1R5dk1ReakJ2xePfAbqYIyOt9/cHOU84GWekBpbyccmCRTvqO788+2UR8xsn TacnNoGdem6w9NbKD0lfUw2A0UspORk1AWXhxPvVF9F9VFd6jMx85Y0OrvNh//iU BhC/h3rTuSXmHBCE3IlSsoGxK4dXZiTNN4+04rZI58f05fbB -----END CERTIFICATE-----Generated at Fri Apr 18 21:10:32 2025 by rpki-client