$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/JAIRU5VihwZ4LC3KcHfyzKG7wS8.roa File: JAIRU5VihwZ4LC3KcHfyzKG7wS8.roa (raw, json) Hash identifier: 0YO+x4tgbmGQqdACK75z5cPGX581iv+O7004zW8gXAo= Subject key identifier: 24:02:11:53:95:62:87:06:78:2C:2D:CA:70:77:F2:CC:A1:BB:C1:2F Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9 Certificate serial: 0D18 Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/JAIRU5VihwZ4LC3KcHfyzKG7wS8.roa Signing time: Mon 10 Feb 2025 14:08:20 +0000 ROA not before: Mon 10 Feb 2025 14:08:20 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4782 IP address blocks: 124.199.96.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 16:48:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3352 (0xd18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9 Validity Not Before: Feb 10 14:08:20 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2402115395628706782C2DCA7077F2CCA1BBC12F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d7:fa:85:e4:df:ac:f1:f9:68:f6:80:fb:07: 80:e0:d7:4a:28:21:08:75:28:bb:c8:b8:9b:ec:2b: 8c:c6:55:aa:3a:7b:75:40:bc:fc:d0:78:74:73:21: 4e:16:e6:e4:49:ea:b2:01:ee:96:49:89:4d:72:de: 20:a0:d4:24:91:dd:13:29:10:36:14:4c:1d:0f:c5: 76:96:81:3a:7b:c1:64:87:1c:ce:cb:41:c2:fb:48: 69:6b:b0:e5:c9:6b:55:51:a7:0b:70:a2:e0:d0:f0: 48:3d:38:b7:cf:e6:7c:00:49:44:60:d1:9c:d2:5b: 62:a8:0f:24:d8:6b:c9:7c:01:5e:89:69:67:3b:4b: ab:7a:6c:e4:69:8d:39:1f:8d:17:ef:cd:28:26:73: 94:22:fb:ef:24:3b:cb:1d:5e:87:58:87:8d:ff:ce: ef:f0:21:a1:57:66:f7:07:38:71:08:43:2b:11:c3: 50:76:56:13:fb:a7:6c:bb:20:67:5f:e5:5d:11:b5: da:12:76:56:d6:d3:47:7f:76:00:45:91:d3:69:05: 7e:b5:ab:b0:c9:f1:ae:2e:8e:ab:83:7c:f8:5b:ba: eb:4e:3d:40:49:ff:d3:f3:a6:f5:f6:7e:95:c5:09: 6c:95:b3:02:31:57:09:04:cb:07:b8:5d:90:a7:d8: d7:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:02:11:53:95:62:87:06:78:2C:2D:CA:70:77:F2:CC:A1:BB:C1:2F X509v3 Authority Key Identifier: keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/JAIRU5VihwZ4LC3KcHfyzKG7wS8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.199.96.0/20 Signature Algorithm: sha256WithRSAEncryption 9a:fc:04:7d:97:c1:6c:8a:9c:54:a7:ef:7a:3c:05:8b:f9:cf: 03:b6:dc:da:2d:75:e9:a0:4d:32:03:a8:09:1b:af:59:66:42: a0:00:53:ea:d9:aa:ae:fb:69:0f:c0:55:6c:51:d9:57:72:3b: fc:c1:4e:4a:a4:23:8f:08:18:39:30:4c:cf:fd:24:ae:d3:b1: b5:ea:f7:85:f0:da:89:e7:0d:1c:da:bf:02:88:12:35:1e:81: 61:f4:f2:3e:9b:19:08:52:bd:21:ad:e8:a7:41:e4:de:57:6a: cc:b6:f0:f0:d0:e5:21:ba:c7:51:88:81:4a:9a:44:36:42:eb: f8:73:ba:b9:86:db:c8:f1:52:7b:27:83:d5:b2:50:2c:f2:5b: 8a:05:b8:ba:0a:ec:a2:48:f9:78:0a:e4:a5:d8:58:9b:d8:7e: 67:05:55:ac:4b:2a:3b:dc:82:d7:60:f5:32:5f:57:e6:9b:4f: 07:f0:6e:84:cd:4a:2b:52:eb:c8:29:89:03:c3:66:f0:d6:1e: 82:5f:e1:57:f6:8c:52:9a:4f:db:45:38:77:1b:c5:b8:fa:cd: f7:52:47:d3:63:82:81:2c:9b:d6:63:aa:da:2f:7a:25:7e:d1: c7:bc:ce:ee:eb:c1:00:b3:d5:72:75:2f:4b:04:ab:e9:82:6f: 63:3e:17:f4 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDRgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yNTAyMTAx NDA4MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI0MDIxMTUzOTU2Mjg3 MDY3ODJDMkRDQTcwNzdGMkNDQTFCQkMxMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCY1/qF5N+s8flo9oD7B4Dg10ooIQh1KLvIuJvsK4zGVao6e3VA vPzQeHRzIU4W5uRJ6rIB7pZJiU1y3iCg1CSR3RMpEDYUTB0PxXaWgTp7wWSHHM7L QcL7SGlrsOXJa1VRpwtwouDQ8Eg9OLfP5nwASURg0ZzSW2KoDyTYa8l8AV6JaWc7 S6t6bORpjTkfjRfvzSgmc5Qi++8kO8sdXodYh43/zu/wIaFXZvcHOHEIQysRw1B2 VhP7p2y7IGdf5V0RtdoSdlbW00d/dgBFkdNpBX61q7DJ8a4ujquDfPhbuutOPUBJ /9PzpvX2fpXFCWyVswIxVwkEywe4XZCn2NdDAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUJAIRU5VihwZ4LC3KcHfyzKG7wS8wHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ 7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL0pBSVJVNVZpaHdaNExDM0tjSGZ5ektH N3dTOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR8x2AwDQYJ KoZIhvcNAQELBQADggEBAJr8BH2XwWyKnFSn73o8BYv5zwO23NotdemgTTIDqAkb r1lmQqAAU+rZqq77aQ/AVWxR2VdyO/zBTkqkI48IGDkwTM/9JK7TsbXq94Xw2onn DRzavwKIEjUegWH08j6bGQhSvSGt6KdB5N5Xasy28PDQ5SG6x1GIgUqaRDZC6/hz urmG28jxUnsng9WyUCzyW4oFuLoK7KJI+XgK5KXYWJvYfmcFVaxLKjvcgtdg9TJf V+abTwfwboTNSitS68gpiQPDZvDWHoJf4Vf2jFKaT9tFOHcbxbj6zfdSR9NjgoEs m9ZjqtoveiV+0ce8zu7rwQCz1XJ1L0sEq+mCb2M+F/Q= -----END CERTIFICATE-----Generated at Tue Apr 22 14:59:30 2025 by rpki-client