$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/gtwNaTFQxm3bTznZIB85skP76ZQ.roa File: gtwNaTFQxm3bTznZIB85skP76ZQ.roa (raw, json) Hash identifier: nV1lWIFxdvaGhLmnRjEH9XjZURFymKZ6+YGGA8bDxXQ= Subject key identifier: 82:DC:0D:69:31:50:C6:6D:DB:4F:39:D9:20:1F:39:B2:43:FB:E9:94 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 124D Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/gtwNaTFQxm3bTznZIB85skP76ZQ.roa Signing time: Mon 10 Feb 2025 14:14:41 +0000 ROA not before: Mon 10 Feb 2025 14:14:41 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10085 IP address blocks: 203.163.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4685 (0x124d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:41 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=82DC0D693150C66DDB4F39D9201F39B243FBE994 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:bd:99:89:ff:1b:aa:d6:c6:07:0b:3f:03:37: 55:4c:77:f2:d5:47:cc:f6:f0:40:eb:e9:22:f1:c3: 52:e0:43:ea:a0:25:ba:d5:79:a9:b5:34:08:53:13: 12:1e:9d:9c:86:08:83:6f:c9:08:06:35:d4:54:36: 47:31:43:ee:f0:27:73:28:ff:21:9d:01:40:a7:0d: ad:39:d8:41:7a:84:0c:1a:b5:e1:c2:2f:c0:dd:55: e5:84:c9:18:7e:0a:27:43:b8:21:e5:97:c6:e0:67: 61:3f:12:c3:aa:9e:6e:cd:c9:81:e7:d8:2e:75:ff: 18:29:eb:f7:8e:cf:53:e9:13:c6:ed:bc:c4:44:e2: 94:c5:2f:9d:4e:83:1c:ff:8a:c3:04:31:99:98:49: fc:5e:cf:a1:ef:0c:56:dc:ca:7b:4c:02:11:99:1f: b1:54:a9:a2:55:6f:bf:2d:9b:b3:3e:49:ba:ef:37: 92:ea:90:8b:38:70:1f:22:05:6f:10:7f:0b:93:d5: 0b:6e:af:31:5d:b1:06:90:4f:26:cc:31:6b:dd:98: 3b:89:61:13:76:ae:ed:e9:ce:f1:0e:e2:37:31:da: 19:b8:85:06:74:a7:1a:c1:1e:9b:e8:4c:a2:59:c0: ba:8e:59:64:71:2c:0d:26:5a:94:eb:c8:6e:8c:66: 57:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:DC:0D:69:31:50:C6:6D:DB:4F:39:D9:20:1F:39:B2:43:FB:E9:94 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/gtwNaTFQxm3bTznZIB85skP76ZQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.163.196.0/22 Signature Algorithm: sha256WithRSAEncryption 91:ad:bd:bb:ad:d2:27:9a:dd:94:93:56:13:de:b4:64:63:39: fd:18:55:5c:cb:db:54:95:8a:a6:2f:e8:46:5c:15:dd:2b:b1: 44:92:a2:c1:b4:89:7f:0e:46:4a:12:2f:b4:c2:9a:3f:61:f2: 28:a4:57:d6:b3:1f:93:a9:b5:ac:0b:77:05:3b:54:d8:4d:86: 59:2f:e0:1c:33:87:08:32:b3:da:db:47:16:b4:77:86:2d:96: 7c:20:e8:83:10:15:d2:02:be:48:8e:ff:f8:9a:e0:ab:38:48: c1:62:dc:08:74:3e:ab:7d:03:2f:5f:21:92:22:00:f7:c9:f6: d3:22:5b:ef:0f:dd:2b:17:ee:88:be:10:64:a4:36:a0:50:a6: 1d:b9:8d:d3:9c:e6:46:8a:6c:c5:ed:8c:28:d6:ab:15:18:ce: f1:2a:a2:be:9c:e3:ba:ad:db:49:11:b7:12:30:c4:eb:e2:c4: 55:4d:fb:cb:c6:cb:4c:97:bb:ef:8c:de:61:51:86:4b:f4:75: 25:ca:74:da:fe:b8:a2:54:ce:ea:c1:ab:ca:01:fd:9f:de:4c: 8a:ff:40:77:e7:a3:00:9c:7d:02:a1:30:68:3d:93:cc:8b:ec: a8:d0:30:88:b8:c4:03:4d:28:46:e5:a7:d4:1d:24:46:f4:c4: c2:96:d2:1b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgyREMwRDY5MzE1MEM2 NkREQjRGMzlEOTIwMUYzOUIyNDNGQkU5OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3vZmJ/xuq1sYHCz8DN1VMd/LVR8z28EDr6SLxw1LgQ+qgJbrV eam1NAhTExIenZyGCINvyQgGNdRUNkcxQ+7wJ3Mo/yGdAUCnDa052EF6hAwateHC L8DdVeWEyRh+CidDuCHll8bgZ2E/EsOqnm7NyYHn2C51/xgp6/eOz1PpE8btvMRE 4pTFL51Ogxz/isMEMZmYSfxez6HvDFbcyntMAhGZH7FUqaJVb78tm7M+SbrvN5Lq kIs4cB8iBW8QfwuT1QturzFdsQaQTybMMWvdmDuJYRN2ru3pzvEO4jcx2hm4hQZ0 pxrBHpvoTKJZwLqOWWRxLA0mWpTryG6MZlcbAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUgtwNaTFQxm3bTznZIB85skP76ZQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9ndHdOYVRGUXhtM2JU em5aSUI4NXNrUDc2WlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCy6PEMA0GCSqGSIb3DQEBCwUAA4IBAQCRrb27rdInmt2Uk1YT3rRkYzn9GFVc y9tUlYqmL+hGXBXdK7FEkqLBtIl/DkZKEi+0wpo/YfIopFfWsx+TqbWsC3cFO1TY TYZZL+AcM4cIMrPa20cWtHeGLZZ8IOiDEBXSAr5Ijv/4muCrOEjBYtwIdD6rfQMv XyGSIgD3yfbTIlvvD90rF+6IvhBkpDagUKYduY3TnOZGimzF7Ywo1qsVGM7xKqK+ nOO6rdtJEbcSMMTr4sRVTfvLxstMl7vvjN5hUYZL9HUlynTa/riiVM7qwavKAf2f 3kyK/0B356MAnH0CoTBoPZPMi+yo0DCIuMQDTShG5afUHSRG9MTCltIb -----END CERTIFICATE-----Generated at Sun Apr 6 19:54:32 2025 by rpki-client