$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/AmN3C7dalDhMS90TWOr-0Vmy4nI.roa File: AmN3C7dalDhMS90TWOr-0Vmy4nI.roa (raw, json) Hash identifier: +XvXAx3u+R7fspcyaYKvBqpQzN2MoUV7y4tTd/GPkHs= Subject key identifier: 02:63:77:0B:B7:5A:94:38:4C:4B:DD:13:58:EA:FE:D1:59:B2:E2:72 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E44 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/AmN3C7dalDhMS90TWOr-0Vmy4nI.roa Signing time: Mon 10 Feb 2025 14:03:22 +0000 ROA not before: Mon 10 Feb 2025 14:03:22 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 124.155.176.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3652 (0xe44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:22 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0263770BB75A94384C4BDD1358EAFED159B2E272 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:cf:d7:88:ea:32:9f:f1:06:0a:09:80:27:d1: 66:f2:85:ea:42:cb:2f:69:bb:6a:b5:8b:8e:90:ef: 3d:98:29:e9:4a:e7:ac:88:aa:a1:e6:bf:25:eb:1a: 1d:91:e8:30:52:04:91:4a:17:bd:7c:ed:ef:14:9c: d5:d1:5b:ca:c8:26:54:95:3b:e7:0f:37:54:f9:c1: fe:df:85:6d:3e:05:c4:df:8d:42:ea:79:fc:00:08: b3:af:86:d9:e0:97:7c:58:43:93:f1:48:11:48:66: 72:ad:8f:f3:6e:c8:ab:21:93:14:48:30:e6:b4:c5: 2c:bc:e6:dc:21:71:2b:ad:9a:be:b5:4d:5a:83:e8: ae:11:97:a1:e3:9c:aa:54:e1:6c:59:38:89:3e:3a: 6b:4b:1f:b5:e4:3a:55:e7:94:75:68:34:74:95:1a: 2d:ea:02:69:7a:05:51:37:dd:1c:bb:1b:6c:80:e2: 82:3a:8f:f6:28:c1:54:14:23:0d:86:aa:c0:cf:75: f7:fe:3e:55:c9:50:28:95:83:b0:ef:d6:60:32:71: 6a:25:9d:b3:7a:a1:3d:8e:98:d1:0d:3b:15:49:ac: 9f:65:5f:1f:7f:f2:bb:ef:4c:d1:97:f8:07:62:56: 97:c4:14:bc:1d:f6:9a:50:08:33:80:cf:a7:7b:c0: 29:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:63:77:0B:B7:5A:94:38:4C:4B:DD:13:58:EA:FE:D1:59:B2:E2:72 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/AmN3C7dalDhMS90TWOr-0Vmy4nI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.176.0/21 Signature Algorithm: sha256WithRSAEncryption 34:55:b5:1d:23:bd:35:bc:a3:bd:20:60:9f:3b:91:e2:5d:87: 31:3c:25:fb:58:2c:6c:73:2d:d7:e6:47:33:fd:ba:43:a1:ea: ba:68:c8:74:5b:e2:08:61:a4:6f:f6:e8:0e:5b:55:ac:dd:6f: 2b:f4:71:b2:9f:a4:1b:2b:d8:13:71:ff:e5:d2:1b:c8:e6:31: 43:f4:25:bd:fc:c5:02:f4:81:dc:f7:8b:1d:53:2d:6b:6c:f9: dd:25:ce:d1:c8:d1:67:19:6f:fd:82:d7:2b:a4:37:49:ba:8b: 81:1d:6a:d5:98:43:3f:c3:fa:45:1c:4e:cf:3d:68:13:30:1a: 0d:80:f7:a6:99:74:11:c3:5e:f7:2e:e1:5c:bc:7c:32:65:6d: 29:d6:af:12:c8:18:08:f6:42:a3:c6:6e:bf:70:37:33:e6:fd: 1e:f5:38:e7:9e:36:ea:d5:77:3c:b4:84:b5:da:fa:e9:78:6b: e9:e0:03:62:f1:2a:c0:3b:78:a7:80:0f:22:49:87:7f:1e:11: 15:18:9b:f7:8a:0d:6d:cf:02:33:2e:2b:b1:ec:fd:56:f9:b8: f5:6a:f3:7c:77:76:9a:8f:0e:1d:44:ef:04:c3:e6:81:c8:3e: b1:1f:71:12:be:b5:c5:b9:84:3c:21:b0:b3:7b:c8:d3:4d:b5: cd:88:8b:36 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAyNjM3NzBCQjc1QTk0 Mzg0QzRCREQxMzU4RUFGRUQxNTlCMkUyNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGz9eI6jKf8QYKCYAn0WbyhepCyy9pu2q1i46Q7z2YKelK56yI qqHmvyXrGh2R6DBSBJFKF7187e8UnNXRW8rIJlSVO+cPN1T5wf7fhW0+BcTfjULq efwACLOvhtngl3xYQ5PxSBFIZnKtj/NuyKshkxRIMOa0xSy85twhcSutmr61TVqD 6K4Rl6HjnKpU4WxZOIk+OmtLH7XkOlXnlHVoNHSVGi3qAml6BVE33Ry7G2yA4oI6 j/YowVQUIw2GqsDPdff+PlXJUCiVg7Dv1mAycWolnbN6oT2OmNENOxVJrJ9lXx9/ 8rvvTNGX+AdiVpfEFLwd9ppQCDOAz6d7wCmzAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUAmN3C7dalDhMS90TWOr+0Vmy4nIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9BbU4zQzdkYWxEaE1TOTBUV09y LTBWbXk0bkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuw MA0GCSqGSIb3DQEBCwUAA4IBAQA0VbUdI701vKO9IGCfO5HiXYcxPCX7WCxscy3X 5kcz/bpDoeq6aMh0W+IIYaRv9ugOW1Ws3W8r9HGyn6QbK9gTcf/l0hvI5jFD9CW9 /MUC9IHc94sdUy1rbPndJc7RyNFnGW/9gtcrpDdJuouBHWrVmEM/w/pFHE7PPWgT MBoNgPemmXQRw173LuFcvHwyZW0p1q8SyBgI9kKjxm6/cDcz5v0e9Tjnnjbq1Xc8 tIS12vrpeGvp4ANi8SrAO3ingA8iSYd/HhEVGJv3ig1tzwIzLiux7P1W+bj1avN8 d3aajw4dRO8Ew+aByD6xH3ESvrXFuYQ8IbCze8jTTbXNiIs2 -----END CERTIFICATE-----Generated at Wed Feb 19 22:04:42 2025 by rpki-client