$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Hm6pvMtSNZJ55uMlcTR9v3r55l8.roa File: Hm6pvMtSNZJ55uMlcTR9v3r55l8.roa (raw, json) Hash identifier: Wv8bWwTgCbBBcRcISBLPEy1yk1kzS4wcPvIt2gCEtas= Subject key identifier: 1E:6E:A9:BC:CB:52:35:92:79:E6:E3:25:71:34:7D:BF:7A:F9:E6:5F Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E55 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Hm6pvMtSNZJ55uMlcTR9v3r55l8.roa Signing time: Mon 10 Feb 2025 14:03:25 +0000 ROA not before: Mon 10 Feb 2025 14:03:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.0.0/21 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3669 (0xe55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1E6EA9BCCB52359279E6E32571347DBF7AF9E65F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:12:30:58:68:e6:b1:b4:ee:2c:2e:61:76:57: 9f:0c:bd:5b:78:a9:3c:1d:79:e3:7b:d6:00:12:12: 4a:5a:85:c9:bd:3a:af:d1:fd:db:13:55:b0:f2:42: 77:fa:e1:8c:78:04:9d:be:f0:65:c6:29:51:39:44: 15:98:22:49:59:a2:ac:fd:17:30:f4:07:0d:3c:38: 0b:ba:d0:7f:25:c1:b4:fd:e7:91:73:a9:73:99:2d: f4:bc:ea:ff:76:9b:26:5b:39:b2:b5:8f:9c:47:6a: b2:0b:18:ab:8e:5e:cf:7d:27:35:34:c7:6d:9a:5e: f9:d5:3c:c2:e6:81:a6:48:a0:4f:12:2a:1a:eb:21: 36:e2:58:e2:f2:38:8d:3e:2e:fa:04:9b:1c:c2:9a: e4:7b:85:44:70:7b:90:4c:fe:b2:15:c5:e2:e4:15: cc:a8:31:3e:fd:8d:79:57:fd:65:08:51:ce:da:71: 9d:ab:d1:b8:64:86:06:a4:9a:7f:b9:a6:1e:68:9e: e1:53:b5:d6:f8:b1:c8:ba:c3:cf:98:cb:b2:21:36: 8b:1d:03:29:aa:f3:0c:ac:dd:10:4c:c5:64:6b:41: 35:97:c7:3e:a9:78:65:21:71:51:7f:48:39:54:cf: 66:ce:97:ee:cf:26:36:61:a2:13:2f:ff:06:ed:08: e0:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:6E:A9:BC:CB:52:35:92:79:E6:E3:25:71:34:7D:BF:7A:F9:E6:5F X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Hm6pvMtSNZJ55uMlcTR9v3r55l8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.0.0/21 Signature Algorithm: sha256WithRSAEncryption 33:ff:e6:a9:ef:e0:4c:95:75:2d:f4:e2:3b:04:7e:70:aa:c8: d9:06:a3:73:b4:1c:64:7e:fd:41:9c:7d:f1:b7:e0:ed:aa:54: e7:ca:71:f1:92:00:ff:1c:35:46:ac:7f:02:35:fa:3f:05:a2: c2:2a:52:01:45:9e:69:25:e8:e4:8a:67:80:29:24:c1:d0:1d: e8:54:22:bf:a7:9f:72:de:f2:89:1f:ce:60:a1:bc:d1:b2:c6: af:ce:d7:ca:d1:5c:b3:b4:55:49:71:b9:b9:f8:46:c3:6b:8b: ad:da:af:4e:c1:c1:47:f8:b3:6b:b5:53:6c:53:4a:13:7c:f7: 1a:eb:5c:e6:8f:17:a2:e2:b5:a5:0c:50:17:06:9d:54:5f:90: 86:5b:ef:1a:e8:38:29:4d:1a:97:8b:78:ee:31:21:52:27:a8: 6d:79:ab:24:c7:92:49:90:58:9b:fe:a3:41:0f:9d:7e:4a:b6: eb:09:d4:04:8a:ec:7f:a6:eb:29:17:81:37:d8:87:0a:c5:d1: 1d:14:8e:85:08:08:7d:df:41:97:fe:fd:43:4c:15:3d:2c:80: b4:3f:50:1e:88:48:50:08:5c:76:6a:83:f0:93:2b:cd:f0:72: ea:b9:8e:d3:95:bb:49:1a:fe:4a:67:a7:05:c8:c4:52:07:e4: dc:1d:ee:fe -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFNkVBOUJDQ0I1MjM1 OTI3OUU2RTMyNTcxMzQ3REJGN0FGOUU2NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuEjBYaOaxtO4sLmF2V58MvVt4qTwdeeN71gASEkpahcm9Oq/R /dsTVbDyQnf64Yx4BJ2+8GXGKVE5RBWYIklZoqz9FzD0Bw08OAu60H8lwbT955Fz qXOZLfS86v92myZbObK1j5xHarILGKuOXs99JzU0x22aXvnVPMLmgaZIoE8SKhrr ITbiWOLyOI0+LvoEmxzCmuR7hURwe5BM/rIVxeLkFcyoMT79jXlX/WUIUc7acZ2r 0bhkhgakmn+5ph5onuFTtdb4sci6w8+Yy7IhNosdAymq8wys3RBMxWRrQTWXxz6p eGUhcVF/SDlUz2bOl+7PJjZhohMv/wbtCOBVAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUHm6pvMtSNZJ55uMlcTR9v3r55l8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9IbTZwdk10U05aSjU1dU1sY1RS OXYzcjU1bDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MA MA0GCSqGSIb3DQEBCwUAA4IBAQAz/+ap7+BMlXUt9OI7BH5wqsjZBqNztBxkfv1B nH3xt+DtqlTnynHxkgD/HDVGrH8CNfo/BaLCKlIBRZ5pJejkimeAKSTB0B3oVCK/ p59y3vKJH85gobzRssavztfK0VyztFVJcbm5+EbDa4ut2q9OwcFH+LNrtVNsU0oT fPca61zmjxei4rWlDFAXBp1UX5CGW+8a6DgpTRqXi3juMSFSJ6hteaskx5JJkFib /qNBD51+SrbrCdQEiux/puspF4E32IcKxdEdFI6FCAh930GX/v1DTBU9LIC0P1Ae iEhQCFx2aoPwkyvN8HLquY7TlbtJGv5KZ6cFyMRSB+TcHe7+ -----END CERTIFICATE-----Generated at Wed Feb 19 22:08:26 2025 by rpki-client