$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/YAk83dYDKpQ7pmys7JJP_xXbxnw.roa File: YAk83dYDKpQ7pmys7JJP_xXbxnw.roa (raw, json) Hash identifier: d/eDCgDi+eBj3pxS3SyDUkXcfRwImf7MXPmMoCjBztM= Subject key identifier: 60:09:3C:DD:D6:03:2A:94:3B:A6:6C:AC:EC:92:4F:FF:15:DB:C6:7C Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E5E Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/YAk83dYDKpQ7pmys7JJP_xXbxnw.roa Signing time: Mon 10 Feb 2025 14:03:27 +0000 ROA not before: Mon 10 Feb 2025 14:03:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 123.50.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3678 (0xe5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=60093CDDD6032A943BA66CACEC924FFF15DBC67C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:af:3f:4b:d6:cf:e7:ea:eb:bc:b8:10:d0:b0: 4d:89:eb:04:28:2b:ea:4e:e0:86:50:cd:ce:04:77: 27:1f:44:de:7a:74:bc:48:09:3d:f8:bd:fd:bf:e5: a8:c4:c8:13:67:8f:db:ef:84:6b:07:5d:be:d0:9e: 5f:27:13:86:75:6f:d2:bd:07:65:32:f2:3d:0e:3e: 90:e2:35:3f:02:7c:5f:1f:46:fc:b6:22:94:8b:3e: f2:44:9c:cd:26:05:68:10:23:72:0e:c7:08:e3:f6: 76:e5:e5:f7:4f:da:39:72:96:00:72:97:fd:9f:2b: b9:7c:34:3e:96:bb:78:3e:cf:38:f4:17:70:5f:1b: d5:d8:19:73:eb:85:c2:fe:2c:67:f0:a0:de:a3:32: b0:f0:25:78:32:4e:c5:79:99:25:f3:e4:d4:39:79: 0c:2e:91:5f:72:e6:41:aa:ca:e1:66:30:aa:d4:58: 84:02:bd:22:b5:ea:85:a3:d3:05:de:99:c8:72:e7: 6b:25:12:47:f1:56:9a:32:75:16:57:55:e1:99:e3: da:ec:4f:96:4f:4f:54:d9:51:4d:aa:23:59:36:bd: 4e:43:5e:73:3e:ff:1a:06:ea:b5:9a:e5:5d:fa:b3: 65:9a:f7:4d:96:da:37:3d:19:ad:c1:38:9d:d4:0b: cc:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:09:3C:DD:D6:03:2A:94:3B:A6:6C:AC:EC:92:4F:FF:15:DB:C6:7C X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/YAk83dYDKpQ7pmys7JJP_xXbxnw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.50.56.0/21 Signature Algorithm: sha256WithRSAEncryption 96:04:96:ef:60:2c:49:bb:4c:14:4b:24:30:11:aa:36:2f:5a: c6:08:87:fa:33:63:54:0f:e5:16:e8:b8:fc:e9:17:99:0e:b8: 24:fe:df:b1:e2:1c:d1:9e:02:b9:1b:5c:52:64:c4:39:31:85: af:b3:31:de:ea:83:6e:0d:9a:4b:21:24:96:da:2a:e3:0a:9a: 57:8f:10:3c:e9:76:b2:33:a3:38:de:4f:11:e9:e8:b3:f3:42: 54:30:a6:5f:66:f3:a3:10:a1:11:ea:cf:13:0f:b9:67:15:e4: 5e:a4:28:d2:3c:42:54:06:9c:45:4e:6a:77:d9:28:1d:ab:d1: 53:0d:8a:ba:6d:8e:3d:0c:57:38:09:27:55:08:e8:09:ac:08: be:cf:50:cb:1d:fd:48:91:27:49:06:73:a9:63:f1:f2:ce:8b: 2c:4e:b9:5b:7f:3a:74:ff:5c:b7:61:47:a2:29:51:72:41:cb: 25:6d:9b:57:7d:45:2e:21:e2:cb:e2:6a:7b:e5:df:16:53:dc: a1:15:44:a9:a3:b4:d6:ea:dc:88:98:bd:05:d8:71:d0:2e:eb: f2:e0:e3:9f:5f:84:57:d0:10:ec:21:7d:2a:da:d8:5d:6e:a9: a6:02:07:0e:eb:4d:23:05:0f:fc:2d:e5:9d:e4:a8:1f:2a:c8: dd:f7:e1:c9 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwMDkzQ0RERDYwMzJB OTQzQkE2NkNBQ0VDOTI0RkZGMTVEQkM2N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0rz9L1s/n6uu8uBDQsE2J6wQoK+pO4IZQzc4EdycfRN56dLxI CT34vf2/5ajEyBNnj9vvhGsHXb7Qnl8nE4Z1b9K9B2Uy8j0OPpDiNT8CfF8fRvy2 IpSLPvJEnM0mBWgQI3IOxwjj9nbl5fdP2jlylgByl/2fK7l8ND6Wu3g+zzj0F3Bf G9XYGXPrhcL+LGfwoN6jMrDwJXgyTsV5mSXz5NQ5eQwukV9y5kGqyuFmMKrUWIQC vSK16oWj0wXemchy52slEkfxVpoydRZXVeGZ49rsT5ZPT1TZUU2qI1k2vU5DXnM+ /xoG6rWa5V36s2Wa902W2jc9Ga3BOJ3UC8zdAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUYAk83dYDKpQ7pmys7JJP/xXbxnwwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9ZQWs4M2RZREtwUTdwbXlzN0pK UF94WGJ4bncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezI4 MA0GCSqGSIb3DQEBCwUAA4IBAQCWBJbvYCxJu0wUSyQwEao2L1rGCIf6M2NUD+UW 6Lj86ReZDrgk/t+x4hzRngK5G1xSZMQ5MYWvszHe6oNuDZpLISSW2irjCppXjxA8 6XayM6M43k8R6eiz80JUMKZfZvOjEKER6s8TD7lnFeRepCjSPEJUBpxFTmp32Sgd q9FTDYq6bY49DFc4CSdVCOgJrAi+z1DLHf1IkSdJBnOpY/HyzossTrlbfzp0/1y3 YUeiKVFyQcslbZtXfUUuIeLL4mp75d8WU9yhFUSpo7TW6tyImL0F2HHQLuvy4OOf X4RX0BDsIX0q2thdbqmmAgcO600jBQ/8LeWd5KgfKsjd9+HJ -----END CERTIFICATE-----Generated at Wed Feb 19 22:00:17 2025 by rpki-client