$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/ro2fWeWJ7ajGq7qmdHq_JCOn4So.roa File: ro2fWeWJ7ajGq7qmdHq_JCOn4So.roa (raw, json) Hash identifier: leXv3pc667+54fptoHHKoWsUz+YHHV2dKn1iNgPAQss= Subject key identifier: AE:8D:9F:59:E5:89:ED:A8:C6:AB:BA:A6:74:7A:BF:24:23:A7:E1:2A Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0E58 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ro2fWeWJ7ajGq7qmdHq_JCOn4So.roa Signing time: Mon 10 Feb 2025 14:03:26 +0000 ROA not before: Mon 10 Feb 2025 14:03:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.16.0/21 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 23:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3672 (0xe58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Feb 10 14:03:26 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AE8D9F59E589EDA8C6ABBAA6747ABF2423A7E12A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a0:b4:54:e4:28:5e:64:9a:c2:c1:87:38:62: 5b:f4:ca:26:6f:87:04:7f:42:1b:85:28:0a:22:14: bc:74:cf:9a:12:52:1f:71:2b:5f:a9:a5:06:e7:0b: 0f:f1:4f:b5:66:0a:cc:b4:38:58:49:36:b4:b2:79: f7:02:4e:c0:6e:52:96:bf:57:da:b5:80:bd:79:3d: 61:84:bf:4d:a4:36:5e:bd:31:32:ac:64:3e:1c:06: a6:b0:55:d5:5d:d5:a0:6a:4d:52:a2:b5:f4:2a:47: a2:dd:89:1f:b2:33:7e:54:b9:36:cb:24:3b:42:f0: 29:b7:c9:61:f9:b5:57:ed:6d:36:40:21:bd:7e:b1: f1:63:06:0f:b5:ac:f1:f1:df:dd:88:fa:60:fe:ff: ec:d9:1b:36:eb:53:bc:22:b4:65:3d:81:74:0e:2a: 7c:03:2e:62:0c:61:87:02:a1:cd:da:dd:eb:7f:b4: 32:3b:7e:44:67:99:d7:5a:26:37:22:bc:1b:9a:d2: 31:3c:6b:f2:88:56:de:cf:74:6b:ff:63:99:3c:38: c4:5a:2e:fd:75:02:6b:9f:a9:45:44:a8:30:6a:37: ca:40:43:a7:02:f9:dc:95:3d:c5:8f:4d:59:fc:df: c2:c0:5e:e5:a8:24:0c:d0:95:4f:81:18:ab:f8:0c: 80:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:8D:9F:59:E5:89:ED:A8:C6:AB:BA:A6:74:7A:BF:24:23:A7:E1:2A X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ro2fWeWJ7ajGq7qmdHq_JCOn4So.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.16.0/21 Signature Algorithm: sha256WithRSAEncryption 54:bb:0b:ac:f5:91:bc:fe:4a:ba:6d:7f:41:57:ed:3c:27:52: d9:4b:ab:65:53:cd:b2:56:8c:3c:97:32:d7:3a:9f:52:f0:cb: 1c:b5:18:eb:37:d0:eb:ac:5f:6c:ce:ef:9a:d6:9e:3a:78:dd: 4d:6b:12:2c:f5:ab:b5:a1:60:d7:d5:1d:34:8a:60:13:1c:2c: 9e:dc:fe:e8:e7:fc:48:ab:35:42:a1:ce:bf:a0:43:72:ef:35: 0a:88:92:90:7e:05:97:ac:9b:6a:b9:5d:2b:8f:d5:72:fa:f2: 2e:6a:4a:23:4c:05:54:c2:75:5e:ed:b2:16:92:e3:7a:25:8b: 0c:6d:ee:44:8d:d8:7b:38:3d:1b:47:04:55:0c:ee:bc:3f:85: 9a:fb:23:15:6a:1a:cc:27:6c:44:4a:b3:1e:41:3d:9b:de:84: 17:63:94:ab:fb:83:36:25:86:6f:43:f0:fd:7c:a0:b2:d7:c4: 5f:3f:b9:59:80:7e:6c:18:3f:25:fe:f9:af:6c:53:e7:7d:2e: a0:38:c7:31:f6:0b:58:9b:db:d2:c3:c4:d1:67:a8:66:43:93: bb:c0:e4:70:6f:1f:ce:6c:0c:1d:8e:c0:fe:cb:03:99:9b:5e: 03:0c:08:43:29:86:00:68:00:0a:64:1d:73:ca:fe:1e:ef:81: 3e:c5:24:18 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx NDAzMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFFOEQ5RjU5RTU4OUVE QThDNkFCQkFBNjc0N0FCRjI0MjNBN0UxMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaoLRU5CheZJrCwYc4Ylv0yiZvhwR/QhuFKAoiFLx0z5oSUh9x K1+ppQbnCw/xT7VmCsy0OFhJNrSyefcCTsBuUpa/V9q1gL15PWGEv02kNl69MTKs ZD4cBqawVdVd1aBqTVKitfQqR6LdiR+yM35UuTbLJDtC8Cm3yWH5tVftbTZAIb1+ sfFjBg+1rPHx392I+mD+/+zZGzbrU7witGU9gXQOKnwDLmIMYYcCoc3a3et/tDI7 fkRnmddaJjcivBua0jE8a/KIVt7PdGv/Y5k8OMRaLv11AmufqUVEqDBqN8pAQ6cC +dyVPcWPTVn838LAXuWoJAzQlU+BGKv4DIBdAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUro2fWeWJ7ajGq7qmdHq/JCOn4SowHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9ybzJmV2VXSjdhakdxN3FtZEhx X0pDT240U28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MQ MA0GCSqGSIb3DQEBCwUAA4IBAQBUuwus9ZG8/kq6bX9BV+08J1LZS6tlU82yVow8 lzLXOp9S8MsctRjrN9DrrF9szu+a1p46eN1NaxIs9au1oWDX1R00imATHCye3P7o 5/xIqzVCoc6/oENy7zUKiJKQfgWXrJtquV0rj9Vy+vIuakojTAVUwnVe7bIWkuN6 JYsMbe5Ejdh7OD0bRwRVDO68P4Wa+yMVahrMJ2xESrMeQT2b3oQXY5Sr+4M2JYZv Q/D9fKCy18RfP7lZgH5sGD8l/vmvbFPnfS6gOMcx9gtYm9vSw8TRZ6hmQ5O7wORw bx/ObAwdjsD+ywOZm14DDAhDKYYAaAAKZB1zyv4e74E+xSQY -----END CERTIFICATE-----Generated at Wed Feb 19 22:01:52 2025 by rpki-client