$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ciru1rpoutQlXOtJdiM27oK93fs.roa File: ciru1rpoutQlXOtJdiM27oK93fs.roa (raw, json) Hash identifier: WMIxprQ2XFLPzgvC22DVbXoBQnCPjO96rJoPA3pdlPk= Subject key identifier: 72:2A:EE:D6:BA:68:BA:D4:25:5C:EB:49:76:23:36:EE:82:BD:DD:FB Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0D5C Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ciru1rpoutQlXOtJdiM27oK93fs.roa Signing time: Mon 10 Feb 2025 14:13:14 +0000 ROA not before: Mon 10 Feb 2025 14:13:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131596 IP address blocks: 116.241.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 21:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3420 (0xd5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Feb 10 14:13:14 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=722AEED6BA68BAD4255CEB49762336EE82BDDDFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3a:39:dd:2e:ff:bb:9b:b3:d6:78:93:d4:ac: fe:e7:d7:b6:df:09:4d:50:51:de:d5:13:8c:c3:29: 8b:66:49:e0:8f:d8:1d:b9:84:dd:88:d7:e1:ef:71: f7:91:33:0d:c4:ec:36:b6:29:58:fc:63:11:b4:da: e8:5d:95:c5:f0:6d:d9:ec:e9:69:c4:50:9c:da:1d: ba:5f:38:b0:df:51:c7:ce:a7:e2:cd:67:83:61:d0: 91:cd:eb:00:35:82:a6:9a:77:26:45:05:2e:99:ae: 95:a0:c5:e0:e0:ff:81:9c:22:db:cf:e8:de:15:54: c2:ca:c0:be:0c:dc:3d:b2:67:ba:30:0a:fb:99:8b: 63:4e:b1:a4:04:df:c0:14:a2:4e:85:c5:e3:d5:d4: 2e:77:4c:6a:26:1a:8b:3d:c0:73:04:eb:4b:0a:53: 55:d7:e3:e2:6b:44:1a:0c:c6:b5:a8:11:05:ed:0d: 8a:7e:8e:64:55:f3:9c:48:4f:a9:2d:ae:22:a9:9f: 78:58:b9:68:9c:53:40:c5:95:6d:19:76:70:e2:9e: 8d:2b:14:5a:22:a9:53:be:62:f3:0e:41:df:f4:03: bb:e9:56:87:1c:69:53:a5:6c:1a:7a:0a:f5:a4:e0: f9:de:46:4d:86:1b:d0:ce:5e:bb:94:92:3c:9c:c2: ae:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:2A:EE:D6:BA:68:BA:D4:25:5C:EB:49:76:23:36:EE:82:BD:DD:FB X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ciru1rpoutQlXOtJdiM27oK93fs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 116.241.0.0/16 Signature Algorithm: sha256WithRSAEncryption a3:81:3b:ea:81:f4:37:36:5f:33:7c:14:d6:f7:85:d2:6c:01: 66:2e:34:d1:e1:2b:ba:33:c9:8a:b7:02:96:56:18:8c:97:c7: 65:b9:30:27:a8:79:98:7a:2e:72:2e:fe:40:d8:39:6f:1c:92: 8f:30:bd:a6:ef:6d:69:55:5b:6e:f0:d0:8c:73:7d:b5:08:b4: 2a:5b:2c:4f:15:9e:d6:95:bc:db:d1:1d:97:d5:8d:3c:cd:0d: a6:1e:cf:8d:91:b6:9b:60:6e:a4:ef:a3:31:9f:d9:bd:b3:9e: e7:47:a9:8a:1f:96:97:68:ec:17:8a:91:ce:64:7b:54:bc:91: 92:41:38:e7:f7:69:34:95:b4:f5:78:28:f1:d1:df:2c:37:eb: 0f:0a:83:c2:0c:50:90:1b:86:c7:69:c4:65:47:1c:43:ef:43: 14:a7:06:f9:76:7a:ee:9e:bb:dc:53:9e:34:4b:b1:30:8f:0a: db:93:ab:f0:59:bb:a2:f5:35:66:30:c2:68:60:bc:5b:55:4a: 66:19:0d:7e:8a:2c:56:e7:66:b7:23:d7:f3:a4:ae:e2:53:8a: 14:96:83:6a:38:76:df:fb:1a:38:98:91:7d:1f:02:a9:af:7b: 32:69:18:f1:54:68:cd:37:ca:da:de:62:01:62:23:f0:db:8a: d9:3c:c0:57 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx NDEzMTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcyMkFFRUQ2QkE2OEJB RDQyNTVDRUI0OTc2MjMzNkVFODJCRERERkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzOjndLv+7m7PWeJPUrP7n17bfCU1QUd7VE4zDKYtmSeCP2B25 hN2I1+HvcfeRMw3E7Da2KVj8YxG02uhdlcXwbdns6WnEUJzaHbpfOLDfUcfOp+LN Z4Nh0JHN6wA1gqaadyZFBS6ZrpWgxeDg/4GcItvP6N4VVMLKwL4M3D2yZ7owCvuZ i2NOsaQE38AUok6FxePV1C53TGomGos9wHME60sKU1XX4+JrRBoMxrWoEQXtDYp+ jmRV85xIT6ktriKpn3hYuWicU0DFlW0ZdnDino0rFFoiqVO+YvMOQd/0A7vpVocc aVOlbBp6CvWk4PneRk2GG9DOXruUkjycwq4HAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUciru1rpoutQlXOtJdiM27oK93fswHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9jaXJ1MXJwb3V0UWxYT3RKZGlN MjdvSzkzZnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAdPEw DQYJKoZIhvcNAQELBQADggEBAKOBO+qB9Dc2XzN8FNb3hdJsAWYuNNHhK7ozyYq3 ApZWGIyXx2W5MCeoeZh6LnIu/kDYOW8cko8wvabvbWlVW27w0IxzfbUItCpbLE8V ntaVvNvRHZfVjTzNDaYez42RtptgbqTvozGf2b2znudHqYoflpdo7BeKkc5ke1S8 kZJBOOf3aTSVtPV4KPHR3yw36w8Kg8IMUJAbhsdpxGVHHEPvQxSnBvl2eu6eu9xT njRLsTCPCtuTq/BZu6L1NWYwwmhgvFtVSmYZDX6KLFbnZrcj1/OkruJTihSWg2o4 dt/7GjiYkX0fAqmvezJpGPFUaM03ytreYgFiI/Dbitk8wFc= -----END CERTIFICATE-----Generated at Tue Apr 22 20:29:52 2025 by rpki-client