$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/icJfYpIQH2DbBMM4UrAQ9cGoOhA.roa File: icJfYpIQH2DbBMM4UrAQ9cGoOhA.roa (raw, json) Hash identifier: CDsd8sCsUoopPDwo6FQuvBqfiV3V9errSwsfa30pSyw= Subject key identifier: 89:C2:5F:62:92:10:1F:60:DB:04:C3:38:52:B0:10:F5:C1:A8:3A:10 Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0D6F Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/icJfYpIQH2DbBMM4UrAQ9cGoOhA.roa Signing time: Mon 10 Feb 2025 14:13:20 +0000 ROA not before: Mon 10 Feb 2025 14:13:20 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131596 IP address blocks: 61.58.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 22:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3439 (0xd6f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Feb 10 14:13:20 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=89C25F6292101F60DB04C33852B010F5C1A83A10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:02:02:3f:36:54:29:0f:61:b1:96:94:21:6d: 66:01:1c:07:c6:c7:c2:b0:2d:ba:7d:6f:0e:aa:5a: ec:c5:9c:09:02:69:0a:8b:c0:9d:9a:4e:d8:16:8f: 95:62:0e:97:df:b1:d4:e5:22:76:5c:74:d2:91:7d: 23:f2:89:46:2f:47:d5:7b:6e:aa:ca:ed:ac:86:df: 22:dc:a0:24:de:61:b4:26:76:9d:a9:98:b7:67:15: e7:a7:d0:f3:5a:af:27:b9:c0:db:20:ca:4d:76:50: b1:eb:01:d7:99:58:14:ca:b2:f1:d9:11:c0:b2:54: 9d:c0:ed:3b:88:eb:62:d6:7e:32:40:eb:14:87:a6: 70:dc:e0:c7:37:ca:33:1e:c9:ae:bf:e7:65:23:3a: 0f:10:59:6b:ce:4a:de:86:d1:3f:8c:e8:68:3a:df: bc:37:70:43:80:5b:60:79:de:25:fb:ff:96:fc:59: 24:5d:cb:0a:1f:4f:a5:c9:e8:90:8c:36:ad:d9:1c: 95:df:9e:4d:25:2c:e6:46:b4:ee:ad:1f:34:19:0a: 52:3b:ee:47:90:75:69:a8:01:1b:34:ba:6b:ea:3e: 2c:a9:1d:7a:be:dd:d0:8a:76:a5:24:0c:ac:4e:b6: a6:f5:3c:0a:83:b8:f5:3f:ac:d5:bd:97:fe:30:af: 02:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C2:5F:62:92:10:1F:60:DB:04:C3:38:52:B0:10:F5:C1:A8:3A:10 X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/icJfYpIQH2DbBMM4UrAQ9cGoOhA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.64.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:9d:d6:55:1e:1f:78:95:df:af:18:fa:f7:b2:c0:26:2a:5e: 68:85:0b:cc:60:cb:91:bc:15:d5:36:9d:19:39:17:d8:75:77: ea:c1:bc:5c:06:3c:85:b4:c9:18:0a:46:3f:b1:a1:20:f4:b6: 99:74:b4:80:cb:79:ab:a1:e4:33:73:3d:04:f4:c2:b2:d7:70: 26:f0:4a:be:aa:f3:74:83:16:55:cf:f4:1f:b9:8f:c3:5a:34: a8:48:de:24:1b:4c:0a:ff:5d:bb:12:0b:5d:ea:d1:59:5b:75: df:5c:2c:07:49:2d:f0:c5:92:55:59:97:69:70:f1:46:59:97: 04:2a:5b:e8:85:d0:6f:80:21:ce:1a:ca:32:f0:25:0d:8f:23: fa:93:53:ec:83:07:bd:f2:a0:c7:b0:49:7a:aa:ae:c3:55:74: 55:08:1a:b1:a8:3b:4a:e8:ad:62:be:e4:2b:c7:15:1b:60:fc: d1:12:8a:71:7e:59:61:1f:59:22:90:17:11:fc:df:3b:8d:86: 28:59:2c:ec:f1:ef:60:2e:71:f6:02:e6:95:48:3c:51:80:f2: 0f:cb:94:ae:03:d6:b0:ea:93:f0:19:62:7d:4e:98:ea:e4:3f: ea:cc:89:6b:13:ab:c2:51:47:5e:2d:40:65:20:b8:74:8a:98: f9:23:6b:2c -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDW8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx NDEzMjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5QzI1RjYyOTIxMDFG NjBEQjA0QzMzODUyQjAxMEY1QzFBODNBMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWAgI/NlQpD2GxlpQhbWYBHAfGx8KwLbp9bw6qWuzFnAkCaQqL wJ2aTtgWj5ViDpffsdTlInZcdNKRfSPyiUYvR9V7bqrK7ayG3yLcoCTeYbQmdp2p mLdnFeen0PNarye5wNsgyk12ULHrAdeZWBTKsvHZEcCyVJ3A7TuI62LWfjJA6xSH pnDc4Mc3yjMeya6/52UjOg8QWWvOSt6G0T+M6Gg637w3cEOAW2B53iX7/5b8WSRd ywofT6XJ6JCMNq3ZHJXfnk0lLOZGtO6tHzQZClI77keQdWmoARs0umvqPiypHXq+ 3dCKdqUkDKxOtqb1PAqDuPU/rNW9l/4wrwINAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUicJfYpIQH2DbBMM4UrAQ9cGoOhAwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9pY0pmWXBJUUgyRGJCTU00VXJB UTljR29PaEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpA MA0GCSqGSIb3DQEBCwUAA4IBAQB6ndZVHh94ld+vGPr3ssAmKl5ohQvMYMuRvBXV Np0ZORfYdXfqwbxcBjyFtMkYCkY/saEg9LaZdLSAy3mroeQzcz0E9MKy13Am8Eq+ qvN0gxZVz/QfuY/DWjSoSN4kG0wK/127Egtd6tFZW3XfXCwHSS3wxZJVWZdpcPFG WZcEKlvohdBvgCHOGsoy8CUNjyP6k1Psgwe98qDHsEl6qq7DVXRVCBqxqDtK6K1i vuQrxxUbYPzREopxfllhH1kikBcR/N87jYYoWSzs8e9gLnH2AuaVSDxRgPIPy5Su A9aw6pPwGWJ9Tpjq5D/qzIlrE6vCUUdeLUBlILh0ipj5I2ss -----END CERTIFICATE-----Generated at Fri Apr 18 22:45:23 2025 by rpki-client