$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa File: Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa (raw, json) Hash identifier: 89eROstpVCIZyqn2rUtF5omqaQPVlrpaNxYMgDD8lHI= Subject key identifier: 43:45:27:A4:92:32:85:D1:73:BC:35:56:C7:86:82:A7:08:CA:01:50 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E64 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa Signing time: Mon 10 Feb 2025 14:03:29 +0000 ROA not before: Mon 10 Feb 2025 14:03:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.40.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3684 (0xe64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=434527A4923285D173BC3556C78682A708CA0150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:b6:4e:6b:1f:e9:05:34:d5:1b:ba:00:f5:05: ac:ee:cb:68:07:f4:80:ca:f2:e3:d9:f0:dd:ce:b4: dc:af:2d:31:dc:12:1f:4d:e1:1f:77:d8:53:6b:08: 21:8c:7e:7a:eb:54:83:dc:a6:b9:ee:1b:43:b2:d6: 4b:64:49:bd:78:2b:f2:07:51:86:12:af:fc:37:d6: 2e:2e:6e:82:63:57:f0:a3:ec:00:ff:34:4c:0d:e8: 06:36:af:dc:7f:ab:56:9a:cd:ad:2a:d5:be:7a:91: c4:d9:04:f3:60:22:42:d1:c5:e2:9c:3a:af:6d:41: ed:eb:39:bd:aa:88:c9:38:a8:e4:42:21:38:a1:94: 1b:e5:5b:dc:e5:63:60:9a:12:07:f8:a3:eb:03:3d: 37:2e:e0:d1:66:50:30:1f:fb:8b:93:31:d6:53:a3: 29:d4:c4:a3:13:96:8d:e9:cd:6b:ce:f1:7e:80:e3: eb:06:56:5c:ba:ee:8d:12:d9:01:ee:c4:75:cd:23: 9a:39:05:42:cf:b9:5a:77:4f:6c:46:2c:f2:99:bf: 9d:b9:c6:0b:42:01:95:7c:7d:dd:e6:af:a5:8a:26: 59:03:23:8e:a0:b2:b2:cf:8f:30:fb:5c:dc:37:aa: 00:1a:6c:4d:64:f5:77:14:ba:01:44:72:2d:7d:f0: 0f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:45:27:A4:92:32:85:D1:73:BC:35:56:C7:86:82:A7:08:CA:01:50 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.40.0/21 Signature Algorithm: sha256WithRSAEncryption 09:08:2a:60:8b:61:33:26:7f:42:89:da:b3:57:c5:d2:aa:2f: 77:6f:71:f0:97:2a:4c:5b:c1:78:31:30:33:03:0b:b9:7d:b2: 96:d7:cd:68:9a:d7:fa:a0:f4:2c:ad:5e:bf:8c:00:62:e6:f1: c5:36:af:63:d1:7e:2d:a1:c8:4a:b7:71:03:d5:a4:a0:2f:8a: 69:db:0f:3b:ce:e7:75:d9:dc:f9:22:b6:cc:71:ac:54:16:ee: bc:72:93:3c:0a:17:89:7d:01:5f:30:f1:36:19:58:82:f0:e9: 33:ea:b9:01:6c:58:46:2f:e4:c0:43:e7:84:58:2d:8b:c7:de: 26:db:7e:92:55:0d:42:f0:7d:6b:5e:78:fa:ab:99:b8:9a:fb: a7:96:dd:ce:72:c4:54:bc:da:fe:be:99:c1:fc:b3:7a:05:8c: ea:11:8b:01:60:cf:e3:c3:82:f2:45:5f:d3:dc:e0:c7:c7:b0: 25:29:37:ae:10:5b:4c:92:5e:06:c3:c4:bb:bc:41:04:c3:b3: d1:5d:ce:b2:2f:2d:52:ce:1d:3c:e8:c1:a1:94:ec:08:e8:e1: 8e:a3:a3:40:2c:ef:49:1a:55:0d:d8:2c:ac:22:da:8a:92:22: eb:ad:69:21:9d:16:5d:24:fd:fd:24:a1:49:02:38:ed:29:2e: a3:5c:bc:d3 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzNDUyN0E0OTIzMjg1 RDE3M0JDMzU1NkM3ODY4MkE3MDhDQTAxNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1tk5rH+kFNNUbugD1Bazuy2gH9IDK8uPZ8N3OtNyvLTHcEh9N 4R932FNrCCGMfnrrVIPcprnuG0Oy1ktkSb14K/IHUYYSr/w31i4uboJjV/Cj7AD/ NEwN6AY2r9x/q1aaza0q1b56kcTZBPNgIkLRxeKcOq9tQe3rOb2qiMk4qORCITih lBvlW9zlY2CaEgf4o+sDPTcu4NFmUDAf+4uTMdZToynUxKMTlo3pzWvO8X6A4+sG Vly67o0S2QHuxHXNI5o5BULPuVp3T2xGLPKZv525xgtCAZV8fd3mr6WKJlkDI46g srLPjzD7XNw3qgAabE1k9XcUugFEci198A/RAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQ0UnpJIyhdFzvDVWx4aCpwjKAVAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9RMFVucEpJeWhkRnp2RFZXeDRh Q3B3aktBVkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo MA0GCSqGSIb3DQEBCwUAA4IBAQAJCCpgi2EzJn9CidqzV8XSqi93b3HwlypMW8F4 MTAzAwu5fbKW181omtf6oPQsrV6/jABi5vHFNq9j0X4tochKt3ED1aSgL4pp2w87 zud12dz5IrbMcaxUFu68cpM8CheJfQFfMPE2GViC8Okz6rkBbFhGL+TAQ+eEWC2L x94m236SVQ1C8H1rXnj6q5m4mvunlt3OcsRUvNr+vpnB/LN6BYzqEYsBYM/jw4Ly RV/T3ODHx7AlKTeuEFtMkl4Gw8S7vEEEw7PRXc6yLy1Szh086MGhlOwI6OGOo6NA LO9JGlUN2CysItqKkiLrrWkhnRZdJP39JKFJAjjtKS6jXLzT -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:24 2025 by rpki-client