$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/1geZBQs1U-GPZsXabV78ZvopGkg.roa File: 1geZBQs1U-GPZsXabV78ZvopGkg.roa (raw, json) Hash identifier: qKRLft/24yJAkLXUG6tuiirJVB4hIriwdTxHFbaX3fI= Subject key identifier: D6:07:99:05:0B:35:53:E1:8F:66:C5:DA:6D:5E:FC:66:FA:29:1A:48 Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D Certificate serial: 0C9B Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/1geZBQs1U-GPZsXabV78ZvopGkg.roa Signing time: Mon 10 Feb 2025 14:24:21 +0000 ROA not before: Mon 10 Feb 2025 14:24:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 103.123.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3227 (0xc9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D Validity Not Before: Feb 10 14:24:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D60799050B3553E18F66C5DA6D5EFC66FA291A48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:be:16:db:2e:b5:e0:61:8f:53:f8:68:8b:bc: 91:f8:f6:b7:71:f4:a0:c8:d7:b2:55:49:3c:84:7b: 54:ee:47:11:83:69:5d:f1:6e:06:e1:0f:c2:0d:54: 06:3a:7f:b4:98:1b:f1:d6:f6:64:56:d7:fc:7b:79: da:cf:5d:a0:11:f6:bf:89:45:9f:7e:9f:c6:69:94: 65:49:02:4f:75:79:99:6c:e0:20:60:c3:6b:be:92: b0:3c:7e:8c:9d:95:08:2b:98:73:9b:c4:2e:f2:6e: 90:d7:2d:d5:c0:c7:02:df:d3:c3:b4:11:c5:00:13: 3a:f1:9b:da:f5:8e:34:fb:e9:2d:be:15:2f:c5:0f: ea:b5:b9:ff:d2:98:79:f6:cb:0f:0e:f1:ca:8f:7c: 51:22:de:c0:03:e0:21:03:15:b7:8a:a5:69:13:0b: 1b:3d:29:44:54:0f:a3:df:78:09:86:a1:a1:bd:55: 88:a6:b1:1c:a1:9e:9d:18:ca:02:cb:fc:df:35:cb: 73:fe:8c:33:22:28:b5:53:69:cf:0c:2a:ad:65:34: 0c:81:cb:36:36:d5:cb:82:e5:11:5b:f5:ee:48:b8: 00:e0:f6:c7:72:62:15:89:e4:24:7b:00:39:48:9d: ff:91:79:78:49:e0:81:c7:fb:7b:5b:cd:cc:a4:56: 73:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:07:99:05:0B:35:53:E1:8F:66:C5:DA:6D:5E:FC:66:FA:29:1A:48 X509v3 Authority Key Identifier: keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/1geZBQs1U-GPZsXabV78ZvopGkg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.188.0/24 Signature Algorithm: sha256WithRSAEncryption 05:3d:15:9c:fb:3e:28:93:46:4e:6c:c2:53:9c:4c:ef:72:69: 7c:20:7c:f6:b7:23:5c:8f:31:cc:e6:4c:bf:cd:dd:54:00:71: 63:3e:83:7b:94:0d:47:17:09:74:79:ab:a1:06:98:87:91:51: 7c:98:58:57:6b:df:1d:c2:9d:c5:5d:2f:55:dc:a8:fe:6e:f3: c9:9c:72:6e:2b:54:a7:29:4d:9b:48:cc:5c:a3:06:3d:6b:3d: 1f:02:9a:bc:f9:4c:e3:4a:1a:ea:1b:83:82:0f:a7:19:9d:a4: 02:25:c5:0f:01:70:ee:8d:a3:ac:75:ec:bc:81:cd:11:9a:ab: 39:8e:bc:45:9b:e9:f6:ac:08:8f:bc:4b:40:28:36:c7:e4:86: a6:50:68:38:35:12:cb:ea:f1:eb:f2:1c:91:56:cb:ca:4e:5b: 49:d9:a5:e5:99:b8:31:37:01:66:10:2f:d9:a0:7c:e6:74:70: 14:52:c2:00:a1:8c:f2:8f:fa:18:96:ce:31:56:06:f2:b8:0c: e9:76:a0:d6:04:63:8a:58:83:19:c9:7c:2f:5d:05:5a:07:85: f3:0c:d5:b9:9e:8f:6a:06:a6:4d:62:23:a7:3f:48:3e:b6:b0: 72:59:66:a6:45:92:74:88:06:ba:0a:44:f1:8f:57:81:44:2c: a2:fb:5a:39 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2 QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yNTAyMTAx NDI0MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ2MDc5OTA1MEIzNTUz RTE4RjY2QzVEQTZENUVGQzY2RkEyOTFBNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvvhbbLrXgYY9T+GiLvJH49rdx9KDI17JVSTyEe1TuRxGDaV3x bgbhD8INVAY6f7SYG/HW9mRW1/x7edrPXaAR9r+JRZ9+n8ZplGVJAk91eZls4CBg w2u+krA8foydlQgrmHObxC7ybpDXLdXAxwLf08O0EcUAEzrxm9r1jjT76S2+FS/F D+q1uf/SmHn2yw8O8cqPfFEi3sAD4CEDFbeKpWkTCxs9KURUD6PfeAmGoaG9VYim sRyhnp0YygLL/N81y3P+jDMiKLVTac8MKq1lNAyByzY21cuC5RFb9e5IuADg9sdy YhWJ5CR7ADlInf+ReXhJ4IHH+3tbzcykVnOXAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU1geZBQs1U+GPZsXabV78ZvopGkgwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4 TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFLzFnZVpCUXMxVS1H UFpzWGFiVjc4WnZvcEdrZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABne7wwDQYJKoZIhvcNAQELBQADggEBAAU9FZz7PiiTRk5swlOcTO9yaXwg fPa3I1yPMczmTL/N3VQAcWM+g3uUDUcXCXR5q6EGmIeRUXyYWFdr3x3CncVdL1Xc qP5u88mccm4rVKcpTZtIzFyjBj1rPR8Cmrz5TONKGuobg4IPpxmdpAIlxQ8BcO6N o6x17LyBzRGaqzmOvEWb6fasCI+8S0AoNsfkhqZQaDg1Esvq8evyHJFWy8pOW0nZ peWZuDE3AWYQL9mgfOZ0cBRSwgChjPKP+hiWzjFWBvK4DOl2oNYEY4pYgxnJfC9d BVoHhfMM1bmej2oGpk1iI6c/SD62sHJZZqZFknSIBroKRPGPV4FELKL7Wjk= -----END CERTIFICATE-----Generated at Sat Apr 5 17:27:22 2025 by rpki-client