$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/KdQpVoFev0RLtAdoRgMnSEVLA9Y.roa File: KdQpVoFev0RLtAdoRgMnSEVLA9Y.roa (raw, json) Hash identifier: GbHrP4b/lSe0rDFj7rhKJCerF/xF5+yjUOliojpQYg8= Subject key identifier: 29:D4:29:56:81:5E:BF:44:4B:B4:07:68:46:03:27:48:45:4B:03:D6 Certificate issuer: /CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90 Certificate serial: 0D67 Authority key identifier: B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/KdQpVoFev0RLtAdoRgMnSEVLA9Y.roa Signing time: Mon 10 Feb 2025 13:58:40 +0000 ROA not before: Mon 10 Feb 2025 13:58:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24158 IP address blocks: 124.29.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 19:08:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3431 (0xd67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B2CA39D8D17B10D97D5A51E0EA2F9FB1BC40CD90 Validity Not Before: Feb 10 13:58:40 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=29D42956815EBF444BB4076846032748454B03D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:97:36:48:dd:24:28:b7:22:81:88:9a:fc:8c: 69:c8:39:31:ef:e9:bf:5b:5c:23:31:dc:b8:5e:7b: eb:99:b8:a8:da:65:16:f2:10:21:55:ae:4f:39:6e: 15:c1:1c:84:e7:42:88:2d:1d:b4:d2:18:99:ee:f7: 94:90:d3:af:04:12:9f:c0:f0:db:f2:75:24:ab:02: 8a:98:60:31:8a:df:a1:e0:74:7f:52:87:d1:8a:54: eb:43:ce:83:2f:f0:2c:df:4e:6e:40:fc:27:cf:3c: b1:38:e6:54:1d:e1:7f:f9:54:fe:ee:e7:3d:98:19: d0:29:20:1f:9d:ef:6d:ff:42:e8:1d:05:b0:41:23: 36:44:9d:c7:2c:f3:db:31:42:cd:d7:d8:a8:4a:0d: e0:92:2d:70:35:34:a7:e7:9c:63:65:5f:1a:0d:5b: 3e:2e:8c:79:94:3d:96:43:89:b5:ef:26:52:e5:e0: 8a:41:27:ef:b8:f6:70:fc:05:dd:f6:dd:42:6e:74: fd:d6:9d:98:39:73:38:64:e3:09:17:e0:d8:d3:95: ce:d5:4c:46:e3:66:11:17:7a:ba:3e:65:8e:9b:40: 6a:88:67:58:3b:a5:01:7f:b4:a2:7f:1f:0a:51:87: 9d:52:8f:aa:3c:4a:22:2b:8d:4c:31:79:a4:af:36: f1:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:D4:29:56:81:5E:BF:44:4B:B4:07:68:46:03:27:48:45:4B:03:D6 X509v3 Authority Key Identifier: keyid:B2:CA:39:D8:D1:7B:10:D9:7D:5A:51:E0:EA:2F:9F:B1:BC:40:CD:90 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/sso52NF7ENl9WlHg6i-fsbxAzZA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/sso52NF7ENl9WlHg6i-fsbxAzZA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIWANMOBILE/KdQpVoFev0RLtAdoRgMnSEVLA9Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.29.160.0/19 Signature Algorithm: sha256WithRSAEncryption 3d:03:50:ef:86:3b:43:02:d8:80:7a:1d:39:ae:b7:0c:02:f6: 55:b9:4b:06:7c:6b:08:d3:82:71:cb:29:d3:7e:d1:82:30:cc: 7e:57:e5:e8:82:ed:b3:ca:3a:c0:86:36:77:b3:05:2e:a5:95: c7:df:37:2c:94:d1:93:f7:4f:70:2e:79:73:7c:36:ec:73:21: e9:21:b0:a0:9d:3b:3e:bc:32:86:98:9c:1e:22:29:a9:ef:32: c0:88:49:f1:7b:98:1d:06:60:8c:52:6e:db:10:e5:c0:8f:1f: 41:58:3e:16:79:f8:66:eb:28:7f:17:5d:ec:fc:57:b3:29:58: 7a:f2:f0:5f:47:52:f2:bd:44:50:ee:eb:00:b1:25:3e:32:8e: ff:2d:8f:37:f6:e7:79:d4:cf:0b:ef:19:f1:31:e8:67:13:39: 39:ad:83:1e:63:37:4f:72:d1:7e:dd:2b:6c:56:63:16:cf:cc: e0:41:62:80:d0:2a:6d:c3:45:92:a3:82:18:e3:cd:cd:b0:39: 40:31:6b:39:04:bb:d8:1c:ce:d7:aa:ab:b9:0e:c2:8f:64:64: 03:2e:23:af:ce:e9:58:aa:d5:e5:da:1c:d4:d1:bc:cc:41:d0: 01:9d:26:da:27:68:7b:93:5b:6a:da:ab:4a:03:25:0e:08:56: c7:5c:fd:ea -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgICDWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjJD QTM5RDhEMTdCMTBEOTdENUE1MUUwRUEyRjlGQjFCQzQwQ0Q5MDAeFw0yNTAyMTAx MzU4NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5RDQyOTU2ODE1RUJG NDQ0QkI0MDc2ODQ2MDMyNzQ4NDU0QjAzRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7lzZI3SQotyKBiJr8jGnIOTHv6b9bXCMx3Lhee+uZuKjaZRby ECFVrk85bhXBHITnQogtHbTSGJnu95SQ068EEp/A8NvydSSrAoqYYDGK36HgdH9S h9GKVOtDzoMv8CzfTm5A/CfPPLE45lQd4X/5VP7u5z2YGdApIB+d723/QugdBbBB IzZEnccs89sxQs3X2KhKDeCSLXA1NKfnnGNlXxoNWz4ujHmUPZZDibXvJlLl4IpB J++49nD8Bd323UJudP3WnZg5czhk4wkX4NjTlc7VTEbjZhEXero+ZY6bQGqIZ1g7 pQF/tKJ/HwpRh51Sj6o8SiIrjUwxeaSvNvFpAgMBAAGjggH6MIIB9jAdBgNVHQ4E FgQUKdQpVoFev0RLtAdoRgMnSEVLA9YwHwYDVR0jBBgwFoAUsso52NF7ENl9WlHg 6i+fsbxAzZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBiBgNVHR8EWzBZMFeg VaBThlFyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FO TU9CSUxFL3NzbzUyTkY3RU5sOVdsSGc2aS1mc2J4QXpaQS5jcmwwYAYIKwYBBQUH AQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtp L1RXTklDQ0Evc3NvNTJORjdFTmw5V2xIZzZpLWZzYnhBelpBLmNlcjAOBgNVHQ8B Af8EBAMCB4AwgaIGCCsGAQUFBwELBIGVMIGSMF0GCCsGAQUFBzALhlFyc3luYzov L3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJV0FOTU9CSUxFL0tkUXBW b0ZldjBSTHRBZG9SZ01uU0VWTEE5WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8v cnJkcC50d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAO MAwEAgABMAYDBAV8HaAwDQYJKoZIhvcNAQELBQADggEBAD0DUO+GO0MC2IB6HTmu twwC9lW5SwZ8awjTgnHLKdN+0YIwzH5X5eiC7bPKOsCGNnezBS6llcffNyyU0ZP3 T3AueXN8NuxzIekhsKCdOz68MoaYnB4iKanvMsCISfF7mB0GYIxSbtsQ5cCPH0FY PhZ5+GbrKH8XXez8V7MpWHry8F9HUvK9RFDu6wCxJT4yjv8tjzf253nUzwvvGfEx 6GcTOTmtgx5jN09y0X7dK2xWYxbPzOBBYoDQKm3DRZKjghjjzc2wOUAxazkEu9gc zteqq7kOwo9kZAMuI6/O6Viq1eXaHNTRvMxB0AGdJtonaHuTW2raq0oDJQ4IVsdc /eo= -----END CERTIFICATE-----Generated at Wed Apr 16 18:14:31 2025 by rpki-client