$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sSGvnXodUrsdPHg4F1xXd5TvST0.roa File: sSGvnXodUrsdPHg4F1xXd5TvST0.roa (raw, json) Hash identifier: celgTx71MvL5iMCblI7DZ4Vhf4qIi68D+ztkxkYr2mI= Subject key identifier: B1:21:AF:9D:7A:1D:52:BB:1D:3C:78:38:17:5C:57:77:94:EF:49:3D Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 130D Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sSGvnXodUrsdPHg4F1xXd5TvST0.roa Signing time: Mon 10 Feb 2025 14:09:02 +0000 ROA not before: Mon 10 Feb 2025 14:09:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131628 IP address blocks: 175.99.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 21:06:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4877 (0x130d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Feb 10 14:09:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B121AF9D7A1D52BB1D3C7838175C577794EF493D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:31:b5:94:e9:78:8f:85:c9:43:ce:27:9c:18: ef:90:bb:fc:f9:72:30:16:55:78:4e:4b:a8:4a:0f: 80:82:36:4e:2c:5b:1a:31:a1:c9:21:69:e2:14:2a: bf:02:b2:2e:2c:8d:8a:94:11:96:8e:1b:96:db:32: 6e:fe:d0:88:51:db:8a:63:3e:c5:f2:e6:a0:c4:dd: a1:d3:b4:44:1c:8f:7d:8a:ef:99:f3:23:ef:3a:b3: c3:04:36:30:d1:f6:8f:94:cc:18:63:79:46:6c:ad: 53:3d:a3:8c:18:bc:6b:8e:ff:c7:ff:8e:d1:e7:50: a5:d2:13:af:31:31:5d:19:b3:c3:98:f8:04:63:19: d2:d5:39:96:fb:f4:6d:e1:ae:bc:d7:5a:60:12:0d: f0:95:30:74:57:45:17:ce:b8:c9:b7:56:37:a3:6e: a9:2c:52:d5:33:92:e5:21:2a:a8:bb:4b:7e:da:95: 26:22:99:e7:3d:03:d3:f3:f7:70:e4:a6:ef:3c:7b: 98:53:04:31:69:30:36:af:fc:5b:b3:4f:65:cc:21: 3e:77:9e:f7:ca:18:32:d4:96:71:d6:f3:8f:dc:4d: 69:bc:f9:aa:4d:77:1a:82:30:27:43:bc:13:ed:6f: d2:ca:c2:4e:5b:de:9c:04:4b:0c:b6:cb:6e:cc:82: 22:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:21:AF:9D:7A:1D:52:BB:1D:3C:78:38:17:5C:57:77:94:EF:49:3D X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sSGvnXodUrsdPHg4F1xXd5TvST0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 175.99.224.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:7c:0b:4e:2d:c7:5c:f8:15:eb:4d:2b:af:d8:d3:59:cf:46: 3e:5b:1e:5e:59:1f:b2:a5:b3:1f:05:d1:cb:75:1c:36:aa:13: 33:01:4e:6b:fe:ae:2a:cc:ed:46:7e:e8:62:e6:d8:fc:a1:7b: 4c:c2:ea:b8:d0:e8:70:61:7e:31:14:95:33:2a:1b:70:8f:0e: 64:df:77:3d:52:37:35:89:3f:06:7c:41:33:5a:88:cd:80:17: db:f8:3d:dd:0d:e6:e2:53:dc:be:1b:c6:31:61:b4:2d:ef:bc: 56:f9:53:82:73:e3:66:fb:2f:f9:c4:cb:f5:36:d1:35:d1:9f: 89:16:99:be:7a:66:9b:14:35:9e:d1:37:c9:bd:0a:fc:55:df: db:d6:25:af:7b:67:61:cd:1c:b3:62:b8:1f:56:26:f3:97:4a: e1:a2:9d:86:10:20:2a:ce:ca:51:84:d5:2a:cf:84:d5:a4:c7: 11:18:7d:a7:8d:7f:05:aa:5c:75:98:ee:7e:4a:b0:e8:74:49: d0:68:0b:0f:91:d0:43:dc:23:32:62:fe:8b:de:26:0e:74:2a: 72:50:51:6d:2d:64:82:bf:79:6c:0b:5c:35:32:87:fb:c7:ce: 9e:bf:3f:2f:1c:b9:31:4f:67:ce:76:00:81:d9:23:9a:13:8f: d3:ca:bf:de -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx NDA5MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIxMjFBRjlEN0ExRDUy QkIxRDNDNzgzODE3NUM1Nzc3OTRFRjQ5M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8MbWU6XiPhclDziecGO+Qu/z5cjAWVXhOS6hKD4CCNk4sWxox ockhaeIUKr8Csi4sjYqUEZaOG5bbMm7+0IhR24pjPsXy5qDE3aHTtEQcj32K75nz I+86s8MENjDR9o+UzBhjeUZsrVM9o4wYvGuO/8f/jtHnUKXSE68xMV0Zs8OY+ARj GdLVOZb79G3hrrzXWmASDfCVMHRXRRfOuMm3VjejbqksUtUzkuUhKqi7S37alSYi mec9A9Pz93Dkpu88e5hTBDFpMDav/FuzT2XMIT53nvfKGDLUlnHW84/cTWm8+apN dxqCMCdDvBPtb9LKwk5b3pwESwy2y27MgiIPAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUsSGvnXodUrsdPHg4F1xXd5TvST0wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvc1NHdm5Yb2RVcnNkUEhn NEYxeFhkNVR2U1QwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AK9j4DANBgkqhkiG9w0BAQsFAAOCAQEAa3wLTi3HXPgV600rr9jTWc9GPlseXlkf sqWzHwXRy3UcNqoTMwFOa/6uKsztRn7oYubY/KF7TMLquNDocGF+MRSVMyobcI8O ZN93PVI3NYk/BnxBM1qIzYAX2/g93Q3m4lPcvhvGMWG0Le+8VvlTgnPjZvsv+cTL 9TbRNdGfiRaZvnpmmxQ1ntE3yb0K/FXf29Ylr3tnYc0cs2K4H1Ym85dK4aKdhhAg Ks7KUYTVKs+E1aTHERh9p41/BapcdZjufkqw6HRJ0GgLD5HQQ9wjMmL+i94mDnQq clBRbS1kgr95bAtcNTKH+8fOnr8/Lxy5MU9nznYAgdkjmhOP08q/3g== -----END CERTIFICATE-----Generated at Tue Apr 8 16:56:36 2025 by rpki-client