$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/dclQBIMFB3gA8e_6og8WyGji0Hc.roa File: dclQBIMFB3gA8e_6og8WyGji0Hc.roa (raw, json) Hash identifier: 0bzoeGWinQhH04aBnvFIAorkO0F7kjOu/Txv+JfyU5w= Subject key identifier: 75:C9:50:04:83:05:07:78:00:F1:EF:FA:A2:0F:16:C8:68:E2:D0:77 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E5D Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/dclQBIMFB3gA8e_6og8WyGji0Hc.roa Signing time: Mon 10 Feb 2025 14:03:27 +0000 ROA not before: Mon 10 Feb 2025 14:03:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.128.0/21 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3677 (0xe5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:27 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=75C950048305077800F1EFFAA20F16C868E2D077 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:4f:e7:fd:13:05:55:8a:12:a6:1f:b2:b6:b8: a7:b4:72:90:e4:88:09:a8:e4:2a:ed:1e:3c:80:cc: 88:87:2d:6f:eb:cb:0a:90:fd:4c:a5:63:11:00:2c: 7f:92:af:a2:f8:2a:54:21:9a:8a:7b:04:97:18:28: 77:0e:59:34:cf:83:e1:a5:47:3e:45:21:9e:d1:68: 89:e2:0d:16:90:7d:7d:d2:77:3c:0a:4c:d8:13:f5: 30:62:f3:28:9d:f6:1c:38:c8:3e:33:76:4e:38:16: 28:c8:8c:7c:4d:19:29:04:d7:5e:d9:95:dd:34:47: 86:06:ab:85:99:06:66:1a:94:39:ab:1b:82:c7:ce: c7:fa:40:26:42:c7:21:60:ce:07:42:1d:5c:7f:0e: a4:ee:58:ce:a0:79:01:62:a0:90:d3:5b:ad:17:e8: b8:68:c6:53:2c:ec:21:b6:fb:ca:96:92:fa:39:2b: c5:1e:18:bf:44:7f:b8:46:2e:d1:8f:32:fb:6d:b5: ad:99:39:30:ff:e9:40:64:36:41:27:a8:37:5e:09: 80:c8:0f:63:6e:d8:c8:8d:97:3e:77:0b:2a:56:5c: 5e:f9:a3:6b:6a:b8:04:6b:20:1c:44:42:d5:dd:04: 61:53:b0:93:c0:ea:dd:47:8c:cc:e1:b2:15:35:0e: 2c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:C9:50:04:83:05:07:78:00:F1:EF:FA:A2:0F:16:C8:68:E2:D0:77 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/dclQBIMFB3gA8e_6og8WyGji0Hc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.128.0/21 Signature Algorithm: sha256WithRSAEncryption 49:51:9f:00:be:31:db:98:35:7f:37:d9:fa:01:2f:87:17:8d: cb:9a:43:48:11:b6:c6:10:65:d9:ef:47:25:eb:85:b2:80:0e: 15:e6:a7:1f:1d:c6:1f:0d:66:59:f7:fc:38:95:07:a9:98:d6: 6a:57:e3:f1:3c:6c:b2:1d:f5:dd:4f:46:50:c7:de:ad:34:b5: 07:eb:74:eb:4a:47:c9:c0:d7:f5:7d:c9:bd:3f:51:b1:ff:9a: d1:0f:85:4a:df:a0:30:21:fa:64:ec:07:22:1e:50:ee:07:97: 04:d0:69:1f:66:5d:8c:86:c1:48:98:e5:f8:0a:5c:2d:b4:8b: be:20:0a:8a:49:b0:62:ea:0d:d8:48:d8:26:76:cc:de:39:ce: 5e:de:7a:fa:c0:15:b9:88:e1:b2:7c:4b:b4:21:e1:86:2c:8e: b8:0d:01:35:b0:fb:43:f5:28:23:e9:f2:cb:c5:11:fc:2f:78: 89:91:c3:c6:06:2e:8d:88:e9:7b:d1:5d:6f:46:20:41:25:25: 7f:3f:41:8b:7d:16:21:12:3c:86:12:0e:11:ff:19:3f:d5:60: 97:19:02:e4:e8:94:f9:c4:08:4c:e3:36:32:1f:f5:8a:16:2e: 97:5c:95:b2:05:e1:a9:a2:56:2d:44:d9:13:21:f1:01:62:6b: d9:03:c2:ce -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc1Qzk1MDA0ODMwNTA3 NzgwMEYxRUZGQUEyMEYxNkM4NjhFMkQwNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiT+f9EwVVihKmH7K2uKe0cpDkiAmo5CrtHjyAzIiHLW/rywqQ /UylYxEALH+Sr6L4KlQhmop7BJcYKHcOWTTPg+GlRz5FIZ7RaIniDRaQfX3SdzwK TNgT9TBi8yid9hw4yD4zdk44FijIjHxNGSkE117Zld00R4YGq4WZBmYalDmrG4LH zsf6QCZCxyFgzgdCHVx/DqTuWM6geQFioJDTW60X6LhoxlMs7CG2+8qWkvo5K8Ue GL9Ef7hGLtGPMvttta2ZOTD/6UBkNkEnqDdeCYDID2Nu2MiNlz53CypWXF75o2tq uARrIBxEQtXdBGFTsJPA6t1HjMzhshU1DiwDAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUdclQBIMFB3gA8e/6og8WyGji0HcwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9kY2xRQklNRkIzZ0E4ZV82b2c4 V3lHamkwSGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA MA0GCSqGSIb3DQEBCwUAA4IBAQBJUZ8AvjHbmDV/N9n6AS+HF43LmkNIEbbGEGXZ 70cl64WygA4V5qcfHcYfDWZZ9/w4lQepmNZqV+PxPGyyHfXdT0ZQx96tNLUH63Tr SkfJwNf1fcm9P1Gx/5rRD4VK36AwIfpk7AciHlDuB5cE0GkfZl2MhsFImOX4Clwt tIu+IAqKSbBi6g3YSNgmdszeOc5e3nr6wBW5iOGyfEu0IeGGLI64DQE1sPtD9Sgj 6fLLxRH8L3iJkcPGBi6NiOl70V1vRiBBJSV/P0GLfRYhEjyGEg4R/xk/1WCXGQLk 6JT5xAhM4zYyH/WKFi6XXJWyBeGpolYtRNkTIfEBYmvZA8LO -----END CERTIFICATE-----Generated at Wed Feb 19 22:11:18 2025 by rpki-client