$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/NRr9kewH4TDu0GFnDWbVaae0BD8.roa File: NRr9kewH4TDu0GFnDWbVaae0BD8.roa (raw, json) Hash identifier: bMZkXvdeRiTJj6MND+oHTjoUY9Sv7vYgL33mhheEvgM= Subject key identifier: 35:1A:FD:91:EC:07:E1:30:EE:D0:61:67:0D:66:D5:69:A7:B4:04:3F Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E5B Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NRr9kewH4TDu0GFnDWbVaae0BD8.roa Signing time: Mon 10 Feb 2025 14:03:26 +0000 ROA not before: Mon 10 Feb 2025 14:03:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3675 (0xe5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=351AFD91EC07E130EED061670D66D569A7B4043F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:bf:ab:16:11:47:17:f5:9f:b7:d2:21:7f:67: 7c:01:7a:3b:00:d6:df:ed:72:eb:21:96:5d:72:0f: 92:68:34:29:ef:ea:9b:f4:4e:aa:14:13:1a:69:84: 1a:61:d6:22:38:eb:ae:89:8f:18:58:26:c6:df:e5: bc:a9:a2:31:8f:58:e7:78:1f:d1:26:d8:03:e7:84: 3b:37:5f:2d:9d:81:ff:6a:10:78:99:30:30:bb:f3: b8:5c:a8:a4:5e:f0:3d:13:63:19:03:e7:0a:f1:e0: 9b:2c:c5:fd:06:ee:71:a7:f9:07:43:2e:96:a2:d4: a8:f9:9c:b1:57:5d:8b:c6:24:70:f0:ac:69:9f:9d: 5e:79:b4:24:48:39:a9:47:27:c7:ba:8a:c7:36:5c: d0:5b:a8:7c:7d:ee:5e:fa:2e:37:0f:23:82:11:ec: e1:5d:32:e2:dd:05:49:5d:43:e0:89:41:b6:20:a7: 76:44:60:8c:7b:85:a9:85:c2:d3:a1:78:bb:be:3d: f8:ff:94:21:d4:fe:1a:77:db:6c:7f:08:3f:36:3b: 68:7b:b6:e4:58:17:e2:16:8a:47:93:42:b8:70:97: 27:98:5d:8f:d3:d9:af:60:2c:84:61:66:5b:f2:f8: 4a:b8:36:26:72:c4:3e:5c:48:2e:da:75:99:4a:08: b2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:1A:FD:91:EC:07:E1:30:EE:D0:61:67:0D:66:D5:69:A7:B4:04:3F X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/NRr9kewH4TDu0GFnDWbVaae0BD8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.152.0/21 Signature Algorithm: sha256WithRSAEncryption 3d:44:6c:f4:d0:5d:1a:73:95:3a:ff:e6:3c:f1:d7:87:0a:ab: c3:25:29:b3:cb:c9:a6:10:26:76:9e:40:76:47:cf:c5:e0:2b: 34:2c:9c:94:f1:60:47:c2:16:37:eb:c0:38:81:09:de:14:41: 4c:03:a5:81:91:31:6f:42:f4:1a:39:aa:90:9b:15:e3:0b:32: 0b:4b:a8:cd:2a:d3:fa:4d:1d:30:f2:d1:12:38:3c:9e:e2:1f: 08:a2:09:9e:7d:8a:ba:ad:70:1f:41:aa:9e:b7:ef:f0:50:36: fd:be:4a:bd:65:df:d7:44:b8:eb:1d:61:04:f4:8f:36:87:c2: 06:66:22:cf:f6:7e:37:d8:20:70:ae:1e:89:8d:7b:9a:f2:3a: 77:d9:a2:79:5b:fa:88:33:45:7d:e4:be:d3:a4:dc:4e:c3:5b: 78:96:d0:c6:fd:cf:11:87:4e:43:f9:f9:f3:cc:23:6b:2d:cc: 5e:81:84:63:dc:40:4d:6f:37:b7:d9:b4:96:8f:42:96:f5:5f: 73:1c:d7:4c:f9:fd:4a:fa:67:37:81:a1:87:41:ee:50:db:82: f2:f7:71:df:22:4e:b6:26:57:9c:b6:be:c7:b3:08:f0:10:cb: 07:e6:e6:3f:91:f4:ae:d7:32:34:0f:3a:b9:31:55:60:04:b2: ab:54:43:f9 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1MUFGRDkxRUMwN0Ux MzBFRUQwNjE2NzBENjZENTY5QTdCNDA0M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXv6sWEUcX9Z+30iF/Z3wBejsA1t/tcushll1yD5JoNCnv6pv0 TqoUExpphBph1iI4666JjxhYJsbf5bypojGPWOd4H9Em2APnhDs3Xy2dgf9qEHiZ MDC787hcqKRe8D0TYxkD5wrx4Jssxf0G7nGn+QdDLpai1Kj5nLFXXYvGJHDwrGmf nV55tCRIOalHJ8e6isc2XNBbqHx97l76LjcPI4IR7OFdMuLdBUldQ+CJQbYgp3ZE YIx7hamFwtOheLu+Pfj/lCHU/hp322x/CD82O2h7tuRYF+IWikeTQrhwlyeYXY/T 2a9gLIRhZlvy+Eq4NiZyxD5cSC7adZlKCLLzAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUNRr9kewH4TDu0GFnDWbVaae0BD8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9OUnI5a2V3SDRURHUwR0ZuRFdi VmFhZTBCRDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY MA0GCSqGSIb3DQEBCwUAA4IBAQA9RGz00F0ac5U6/+Y88deHCqvDJSmzy8mmECZ2 nkB2R8/F4Cs0LJyU8WBHwhY368A4gQneFEFMA6WBkTFvQvQaOaqQmxXjCzILS6jN KtP6TR0w8tESODye4h8IogmefYq6rXAfQaqet+/wUDb9vkq9Zd/XRLjrHWEE9I82 h8IGZiLP9n432CBwrh6JjXua8jp32aJ5W/qIM0V95L7TpNxOw1t4ltDG/c8Rh05D +fnzzCNrLcxegYRj3EBNbze32bSWj0KW9V9zHNdM+f1K+mc3gaGHQe5Q24Ly93Hf Ik62Jlectr7HswjwEMsH5uY/kfSu1zI0Dzq5MVVgBLKrVEP5 -----END CERTIFICATE-----Generated at Wed Feb 19 22:05:37 2025 by rpki-client