$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/dSGUFwfH0gUvNhHBReq24435jc0.roa File: dSGUFwfH0gUvNhHBReq24435jc0.roa (raw, json) Hash identifier: iksoV4OR/eCoh//ymgI120hOpTS/74B290bkF2IYunM= Subject key identifier: 75:21:94:17:07:C7:D2:05:2F:36:11:C1:45:EA:B6:E3:8D:F9:8D:CD Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E40 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/dSGUFwfH0gUvNhHBReq24435jc0.roa Signing time: Mon 10 Feb 2025 14:03:21 +0000 ROA not before: Mon 10 Feb 2025 14:03:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 45.64.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3648 (0xe40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:21 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7521941707C7D2052F3611C145EAB6E38DF98DCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:29:ee:bd:5e:87:1a:df:4e:1e:82:fb:84:60: 17:66:e9:53:b9:2d:94:5a:20:e6:1a:06:2a:06:8b: 0a:71:de:d6:f3:a5:24:5f:32:9a:39:07:9c:37:ff: f8:bb:69:5e:aa:3f:42:62:d9:6b:a3:ee:f2:4a:e6: 5b:88:0f:48:62:8d:06:b1:54:36:1d:29:a5:4d:c8: d2:96:70:6d:14:f0:84:7b:25:d7:81:76:91:fd:39: ba:e1:08:06:a6:62:30:fd:01:7c:47:be:79:e2:7f: fb:66:07:6d:85:2c:3c:c5:29:a2:fa:ec:1e:ed:bd: 53:f7:aa:e4:a8:08:34:77:dc:1b:8a:68:4e:b6:aa: 28:68:36:98:8b:cd:d4:62:97:23:94:9f:a9:ba:eb: d2:10:fb:23:d7:12:60:59:37:79:81:4f:d4:73:91: d4:3a:42:4d:13:fb:b1:01:7e:d4:d0:f3:36:80:56: 01:d3:62:7c:7c:17:71:6c:9a:14:9b:bb:1b:18:3b: 8e:08:af:5d:db:64:7a:94:25:cb:14:7d:48:94:d4: aa:98:9d:9a:5e:c7:7d:bb:11:f0:b6:54:eb:62:be: a1:59:06:70:8e:d3:95:d3:43:15:63:2e:81:ca:10: 8c:b8:e0:4e:b8:25:87:16:03:8e:14:b6:31:86:95: 38:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:21:94:17:07:C7:D2:05:2F:36:11:C1:45:EA:B6:E3:8D:F9:8D:CD X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/dSGUFwfH0gUvNhHBReq24435jc0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.64.232.0/22 Signature Algorithm: sha256WithRSAEncryption 0a:d5:f2:4c:c9:43:c6:46:73:49:f9:a7:56:2c:10:c1:b6:3d: 10:0d:d5:1a:2a:1e:f2:79:bb:c4:14:95:58:96:f7:76:b5:75: d7:28:dd:f9:b6:82:22:45:30:a0:22:71:45:10:78:3d:f2:49: 73:83:e3:cd:b8:42:9c:dc:d7:84:ae:03:cb:4e:e6:0a:bd:14: 3c:c7:0a:e6:1a:17:7a:b5:3b:7e:86:36:f8:19:66:d9:c7:7b: 45:2a:fa:6c:58:ab:f9:58:d0:bb:57:13:37:25:41:e4:05:8a: 44:24:85:9c:eb:c1:69:31:a0:78:3a:1d:ab:e6:b0:06:d0:2e: d1:07:6d:2e:e4:f1:0a:77:39:5a:f2:fd:c9:f5:0c:2b:73:3d: ed:29:11:96:6a:28:bf:1a:c2:6c:b1:0e:59:e8:e9:d3:66:1d: 6b:f2:74:1b:5f:7d:3b:41:c3:ba:04:08:b9:43:a0:65:d5:2e: 69:b9:21:50:55:8b:42:1b:62:ee:96:03:b7:ff:93:b3:4f:91: 75:9b:a6:f9:f4:66:72:2b:71:9e:ae:24:aa:78:1e:ad:1c:b0: 6b:f9:53:1d:b3:7c:9f:24:dd:30:c7:40:d7:70:70:ef:70:88: 6d:f0:d3:89:06:5b:a6:39:f6:9a:bc:c3:90:56:57:71:3c:15: 6f:cc:3f:63 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc1MjE5NDE3MDdDN0Qy MDUyRjM2MTFDMTQ1RUFCNkUzOERGOThEQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBKe69Xoca304egvuEYBdm6VO5LZRaIOYaBioGiwpx3tbzpSRf Mpo5B5w3//i7aV6qP0Ji2Wuj7vJK5luID0hijQaxVDYdKaVNyNKWcG0U8IR7JdeB dpH9ObrhCAamYjD9AXxHvnnif/tmB22FLDzFKaL67B7tvVP3quSoCDR33BuKaE62 qihoNpiLzdRilyOUn6m669IQ+yPXEmBZN3mBT9RzkdQ6Qk0T+7EBftTQ8zaAVgHT Ynx8F3FsmhSbuxsYO44Ir13bZHqUJcsUfUiU1KqYnZpex327EfC2VOtivqFZBnCO 05XTQxVjLoHKEIy44E64JYcWA44UtjGGlThdAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUdSGUFwfH0gUvNhHBReq24435jc0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9kU0dVRndmSDBnVXZOaEhCUmVx MjQ0MzVqYzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUDo MA0GCSqGSIb3DQEBCwUAA4IBAQAK1fJMyUPGRnNJ+adWLBDBtj0QDdUaKh7yebvE FJVYlvd2tXXXKN35toIiRTCgInFFEHg98klzg+PNuEKc3NeErgPLTuYKvRQ8xwrm Ghd6tTt+hjb4GWbZx3tFKvpsWKv5WNC7VxM3JUHkBYpEJIWc68FpMaB4Oh2r5rAG 0C7RB20u5PEKdzla8v3J9Qwrcz3tKRGWaii/GsJssQ5Z6OnTZh1r8nQbX307QcO6 BAi5Q6Bl1S5puSFQVYtCG2LulgO3/5OzT5F1m6b59GZyK3GeriSqeB6tHLBr+VMd s3yfJN0wx0DXcHDvcIht8NOJBlumOfaavMOQVldxPBVvzD9j -----END CERTIFICATE-----Generated at Wed Feb 19 22:04:15 2025 by rpki-client