$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CLARK/IbUF4ZRCl6bFITVhTgdFKDF-RKk.roa File: IbUF4ZRCl6bFITVhTgdFKDF-RKk.roa (raw, json) Hash identifier: dT5Ls122OnJK3bTe8K8muQ+IjN8yA0f7fBZl5SWw7L0= Subject key identifier: 21:B5:05:E1:94:42:97:A6:C5:21:35:61:4E:07:45:28:31:7E:44:A9 Certificate issuer: /CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C Certificate serial: 01DE Authority key identifier: 74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/IbUF4ZRCl6bFITVhTgdFKDF-RKk.roa Signing time: Mon 10 Feb 2025 14:22:38 +0000 ROA not before: Mon 10 Feb 2025 14:22:38 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63910 IP address blocks: 103.130.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 03:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 478 (0x1de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74AF0402FEF56C34A192D1D2185E6FB546AA702C Validity Not Before: Feb 10 14:22:38 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=21B505E1944297A6C52135614E074528317E44A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b1:a1:76:c9:c6:11:ee:c6:ef:59:bd:fa:55: fa:20:95:a4:8c:17:e6:90:9c:fb:06:94:c9:fe:1a: 23:33:3f:65:d6:9d:1a:7f:45:fe:46:ab:b7:7f:39: c7:79:a0:ed:de:1b:04:66:9d:f3:0b:d3:56:ba:bc: 34:7b:1f:ff:ec:83:b0:88:d4:76:81:5b:a0:f6:53: cd:4f:68:fa:b8:cc:10:f1:f9:63:81:f2:79:c8:cf: 49:b9:aa:06:9d:c9:29:b3:c5:d6:15:f2:7d:bd:ef: 04:95:b8:b1:47:e6:6d:70:fa:d1:8a:67:ef:96:18: 0b:ae:c5:7f:ec:9e:62:0e:da:27:46:68:b7:45:6d: 93:21:b7:14:0b:c9:5c:7b:01:06:1d:f7:0e:6f:3d: e9:74:e1:dc:e8:4a:6f:a0:64:a3:6a:48:d8:9c:4a: ac:2b:6a:70:ed:c7:b7:d3:09:2d:f2:11:33:0e:53: b4:2d:55:5c:a9:09:f5:92:6e:a5:42:d2:12:d6:e9: b8:69:7f:f4:12:38:33:8d:28:87:da:18:9a:40:61: be:0e:54:53:fd:24:1d:cd:72:99:09:02:a7:68:48: 2e:80:89:0b:c5:b6:3d:65:83:7d:0c:ff:16:e7:23: ba:c9:33:f9:a9:c7:9c:0f:37:dc:6f:d7:45:0a:35: 25:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B5:05:E1:94:42:97:A6:C5:21:35:61:4E:07:45:28:31:7E:44:A9 X509v3 Authority Key Identifier: keyid:74:AF:04:02:FE:F5:6C:34:A1:92:D1:D2:18:5E:6F:B5:46:AA:70:2C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/dK8EAv71bDShktHSGF5vtUaqcCw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/dK8EAv71bDShktHSGF5vtUaqcCw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLARK/IbUF4ZRCl6bFITVhTgdFKDF-RKk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.130.237.0/24 Signature Algorithm: sha256WithRSAEncryption af:31:9a:e8:a8:ce:43:47:05:3b:3c:34:48:47:e0:da:6b:bc: 76:71:79:a2:b6:8b:23:6b:b4:92:0a:6e:aa:6f:3a:f0:a7:63: 79:d2:2d:a6:7b:0e:76:51:65:3d:22:5b:28:75:22:c6:48:81: 71:3e:ae:c9:31:cc:a7:7b:d4:d9:f3:c0:5d:9d:39:ab:62:4c: 6a:0e:46:1c:91:c4:6c:71:52:21:d5:f3:9f:9d:2f:5f:90:2a: 19:99:61:fd:d0:0b:bd:2c:de:7b:f7:e4:6c:92:02:16:82:de: ed:16:36:76:3f:dd:83:4e:95:e0:19:12:d9:d3:c6:43:1e:78: e4:dc:98:72:43:b1:52:04:05:25:c2:da:4e:84:21:de:3e:b7: 3a:c2:2b:ec:5f:79:6a:ab:6c:92:c0:75:54:c4:40:d8:44:e4: 7c:40:43:47:3b:c4:b6:be:11:1e:2f:e7:ef:37:89:4b:c3:5e: 4d:dc:98:0b:45:a7:5f:29:63:d7:8d:c0:56:6e:16:1c:49:4e: 74:47:bf:a0:e6:c7:fb:32:ea:45:47:c3:d5:3e:d5:c2:06:dd: c5:5d:e0:76:ec:73:86:42:11:1c:12:3c:2f:ec:f1:cc:bc:a4: 56:cb:70:97:6d:86:a3:e3:50:8a:82:c5:a2:64:a0:b1:7b:d1: 8d:ff:b7:3c -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzRB RjA0MDJGRUY1NkMzNEExOTJEMUQyMTg1RTZGQjU0NkFBNzAyQzAeFw0yNTAyMTAx NDIyMzhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIxQjUwNUUxOTQ0Mjk3 QTZDNTIxMzU2MTRFMDc0NTI4MzE3RTQ0QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQsaF2ycYR7sbvWb36VfoglaSMF+aQnPsGlMn+GiMzP2XWnRp/ Rf5Gq7d/Ocd5oO3eGwRmnfML01a6vDR7H//sg7CI1HaBW6D2U81PaPq4zBDx+WOB 8nnIz0m5qgadySmzxdYV8n297wSVuLFH5m1w+tGKZ++WGAuuxX/snmIO2idGaLdF bZMhtxQLyVx7AQYd9w5vPel04dzoSm+gZKNqSNicSqwranDtx7fTCS3yETMOU7Qt VVypCfWSbqVC0hLW6bhpf/QSODONKIfaGJpAYb4OVFP9JB3NcpkJAqdoSC6AiQvF tj1lg30M/xbnI7rJM/mpx5wPN9xv10UKNSXfAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUIbUF4ZRCl6bFITVhTgdFKDF+RKkwHwYDVR0jBBgwFoAUdK8EAv71bDShktHS GF5vtUaqcCwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0xBUksv ZEs4RUF2NzFiRFNoa3RIU0dGNXZ0VWFxY0N3LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9kSzhFQXY3MWJEU2hrdEhTR0Y1dnRVYXFjQ3cuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DTEFSSy9JYlVGNFpSQ2w2YkZJVFZoVGdk RktERi1SS2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4Lt MA0GCSqGSIb3DQEBCwUAA4IBAQCvMZroqM5DRwU7PDRIR+Daa7x2cXmitosja7SS Cm6qbzrwp2N50i2mew52UWU9IlsodSLGSIFxPq7JMcyne9TZ88BdnTmrYkxqDkYc kcRscVIh1fOfnS9fkCoZmWH90Au9LN579+RskgIWgt7tFjZ2P92DTpXgGRLZ08ZD Hnjk3JhyQ7FSBAUlwtpOhCHePrc6wivsX3lqq2ySwHVUxEDYROR8QENHO8S2vhEe L+fvN4lLw15N3JgLRadfKWPXjcBWbhYcSU50R7+g5sf7MupFR8PVPtXCBt3FXeB2 7HOGQhEcEjwv7PHMvKRWy3CXbYaj41CKgsWiZKCxe9GN/7c8 -----END CERTIFICATE-----Generated at Fri Apr 18 23:43:50 2025 by rpki-client