$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/_CRqpZI-ui3KorMZehHXcen8ido.roa File: _CRqpZI-ui3KorMZehHXcen8ido.roa (raw, json) Hash identifier: X6AHqteCPiX1i62GJQ1BukNjyzYpWbVsFuwuF6z8k4I= Subject key identifier: FC:24:6A:A5:92:3E:BA:2D:CA:A2:B3:19:7A:11:D7:71:E9:FC:89:DA Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E41 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_CRqpZI-ui3KorMZehHXcen8ido.roa Signing time: Mon 10 Feb 2025 14:03:21 +0000 ROA not before: Mon 10 Feb 2025 14:03:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3649 (0xe41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=FC246AA5923EBA2DCAA2B3197A11D771E9FC89DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:19:03:a2:21:15:c2:0c:01:c0:b2:7a:3b:a6: f5:e1:17:8a:08:dd:4c:2b:31:13:8a:92:bb:fe:5d: 9a:76:a1:ed:41:dc:d2:c1:25:ae:10:d2:5d:3f:c3: 94:56:c3:ac:b3:8d:74:50:e4:dc:20:83:59:3e:60: 5a:00:45:e1:d9:ac:b2:2a:c0:d3:44:b8:14:11:56: 21:35:71:91:d6:4a:02:2d:41:3d:14:d6:23:c3:ed: fc:8a:81:de:f3:d1:69:02:b4:a7:1f:a9:74:9f:3a: ea:30:07:25:45:46:ef:51:04:65:06:c7:3c:7b:73: 4c:c3:ed:da:86:4a:47:8f:c3:8e:53:f4:03:46:f1: e4:b4:b0:e6:18:3a:8a:63:ca:e8:a9:a2:29:40:28: d1:a1:d1:3a:d2:87:70:59:03:c2:dd:45:31:23:58: 61:a6:e2:e0:ab:e7:86:a9:68:8f:c5:f2:f5:e7:9e: bb:3a:ac:c7:1b:3c:a3:3e:85:1d:77:a1:20:71:d8: d1:da:44:65:e4:ad:92:fa:5a:74:9e:06:68:8c:e7: bc:31:6a:a6:0c:ec:b4:68:ac:b8:ba:1c:b8:ef:ff: 00:5f:fc:b1:46:56:73:21:df:13:7a:4e:c4:4a:f2: cb:67:14:e0:72:82:34:d6:b8:41:e3:56:57:84:9f: 57:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:24:6A:A5:92:3E:BA:2D:CA:A2:B3:19:7A:11:D7:71:E9:FC:89:DA X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/_CRqpZI-ui3KorMZehHXcen8ido.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.156.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:a8:9c:0a:aa:03:dd:64:d6:76:d1:de:33:b1:58:83:bc:57: a5:8a:a3:88:a4:be:63:22:85:c8:8d:19:99:10:e8:fa:13:7b: d8:9e:22:09:ba:39:0f:d4:72:df:cb:df:b2:8e:3d:fa:43:bb: 47:d9:7b:a7:a3:83:b7:bd:9b:c1:af:74:c6:f6:d9:a1:b2:bb: 72:c8:1a:81:1a:c2:7d:48:00:94:d5:66:3c:88:ca:f4:c1:2b: ca:b6:c4:c3:64:d1:91:d8:b2:5b:25:dc:92:24:ec:65:97:b3: 8b:ca:db:aa:6f:b0:6e:9f:13:26:80:58:f1:70:a4:71:d5:b6: e0:2b:d4:83:c3:90:29:9e:a8:07:6c:9f:88:a1:6e:10:ee:71: 68:78:c4:11:f6:b1:ca:9e:9f:a5:9d:4f:dd:e3:0a:54:81:58: 91:3c:7e:19:d8:63:68:d0:ae:71:40:52:b0:7f:e8:be:b0:62: 9a:f7:c4:ca:41:1f:b3:17:ba:a5:2d:56:70:ec:61:1f:37:ad: 07:6f:90:e8:77:5e:f7:58:7d:6a:ec:27:0a:ea:ec:b3:64:df: e3:0e:2f:29:59:7b:e9:f2:64:1f:a4:6d:f0:5c:b3:39:7b:7b: 35:96:43:78:14:58:09:91:7d:e3:96:74:21:77:e0:9f:3a:f4: 0a:0c:27:ea -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZDMjQ2QUE1OTIzRUJB MkRDQUEyQjMxOTdBMTFENzcxRTlGQzg5REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAGQOiIRXCDAHAsno7pvXhF4oI3UwrMROKkrv+XZp2oe1B3NLB Ja4Q0l0/w5RWw6yzjXRQ5Nwgg1k+YFoAReHZrLIqwNNEuBQRViE1cZHWSgItQT0U 1iPD7fyKgd7z0WkCtKcfqXSfOuowByVFRu9RBGUGxzx7c0zD7dqGSkePw45T9ANG 8eS0sOYYOopjyuipoilAKNGh0TrSh3BZA8LdRTEjWGGm4uCr54apaI/F8vXnnrs6 rMcbPKM+hR13oSBx2NHaRGXkrZL6WnSeBmiM57wxaqYM7LRorLi6HLjv/wBf/LFG VnMh3xN6TsRK8stnFOBygjTWuEHjVleEn1f3AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU/CRqpZI+ui3KorMZehHXcen8idowHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9fQ1JxcFpJLXVpM0tvck1aZWhI WGNlbjhpZG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmc MA0GCSqGSIb3DQEBCwUAA4IBAQAfqJwKqgPdZNZ20d4zsViDvFeliqOIpL5jIoXI jRmZEOj6E3vYniIJujkP1HLfy9+yjj36Q7tH2Xuno4O3vZvBr3TG9tmhsrtyyBqB GsJ9SACU1WY8iMr0wSvKtsTDZNGR2LJbJdySJOxll7OLytuqb7BunxMmgFjxcKRx 1bbgK9SDw5ApnqgHbJ+IoW4Q7nFoeMQR9rHKnp+lnU/d4wpUgViRPH4Z2GNo0K5x QFKwf+i+sGKa98TKQR+zF7qlLVZw7GEfN60Hb5Dod173WH1q7CcK6uyzZN/jDi8p WXvp8mQfpG3wXLM5e3s1lkN4FFgJkX3jlnQhd+CfOvQKDCfq -----END CERTIFICATE-----Generated at Wed Feb 19 22:03:45 2025 by rpki-client