$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/Sy1F_a4V3Lif37VEOWW6mP92i4E.roa File: Sy1F_a4V3Lif37VEOWW6mP92i4E.roa (raw, json) Hash identifier: LKfqJKZ6BLmRQBWO8GIbgctVbys6nSd9eLqv1OiYU8w= Subject key identifier: 4B:2D:45:FD:AE:15:DC:B8:9F:DF:B5:44:39:65:BA:98:FF:76:8B:81 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0C73 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/Sy1F_a4V3Lif37VEOWW6mP92i4E.roa Signing time: Mon 10 Feb 2025 14:13:40 +0000 ROA not before: Mon 10 Feb 2025 14:13:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131629 IP address blocks: 103.119.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 01:08:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3187 (0xc73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Feb 10 14:13:40 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4B2D45FDAE15DCB89FDFB5443965BA98FF768B81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:05:ff:21:2b:22:c2:cd:26:3a:fd:03:9b:16: 56:2c:a1:70:d6:37:65:a6:29:8d:9b:15:08:df:12: b7:d5:a5:0f:68:8d:56:85:82:16:3a:a4:3a:a7:a8: 43:07:4d:54:b8:87:82:37:13:cd:b6:5c:f2:38:c9: e3:cb:da:3b:fb:8e:33:d5:4b:91:4c:fe:18:a9:5a: 6b:6d:63:af:04:64:b2:df:40:4f:6f:6b:8f:a1:18: 50:d9:29:e1:7c:24:2f:fc:a0:0c:95:38:0b:e0:4e: 97:ba:a9:9e:34:f1:3c:c5:52:00:47:85:07:2a:be: 20:cc:d2:56:71:ab:36:00:07:12:e7:4e:67:ca:79: fa:c2:21:b3:28:91:dd:82:ac:cb:d8:0a:65:83:4c: fc:87:33:ef:21:a5:e8:d2:a5:b2:a8:99:4e:b0:e5: 01:04:79:7e:42:b8:36:30:9f:e2:8a:b7:2d:0a:bc: 72:bf:c1:28:99:58:15:6d:08:a6:ce:2c:9b:48:c3: 8c:8e:ab:aa:64:b4:ce:e5:c5:ea:95:bf:9e:bb:34: df:8e:c8:23:a9:e8:25:d9:25:32:b9:d6:de:d8:6e: ad:b5:04:c9:48:e5:5a:ac:e9:25:c8:41:8c:c2:5d: 03:e6:a4:29:80:10:9a:90:9b:b5:2f:d6:27:39:f2: 1e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:2D:45:FD:AE:15:DC:B8:9F:DF:B5:44:39:65:BA:98:FF:76:8B:81 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/Sy1F_a4V3Lif37VEOWW6mP92i4E.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.212.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:33:79:6b:e0:9c:06:c8:9f:06:41:4f:4e:30:d7:6d:05:ff: aa:45:34:d6:d5:1c:aa:c8:12:f0:1c:0f:4c:4c:46:67:a4:d9: 88:69:f1:ad:81:0c:aa:a5:ab:d8:1a:96:a3:f6:18:55:73:f3: 46:e4:1c:83:64:27:f6:20:e4:81:3c:6f:7e:67:13:f3:4c:76: 17:ad:22:36:29:5b:81:c6:99:fb:b8:3f:6b:fe:94:7c:b3:b9: c6:be:1a:8e:ac:14:b5:17:de:9b:f5:16:69:4e:00:a2:ec:de: 39:7f:c5:c2:45:56:bb:ca:4d:00:95:28:4a:8a:27:84:20:27: dc:63:b8:b7:60:a1:ef:e5:71:1f:a6:a4:f0:aa:6d:43:ab:fb: 3e:80:53:13:62:f5:30:2f:b4:b3:ac:35:39:97:ea:6d:54:f3: 11:78:ee:a5:99:fa:a8:2b:57:0c:fd:12:da:7d:8e:7a:42:2d: fd:f0:fc:f9:48:9b:14:ee:40:a3:81:a4:96:41:b0:c8:44:c2: 07:d1:88:cf:d6:7b:68:7f:4d:ba:19:47:e8:54:4b:32:cb:15: 56:91:e3:7c:85:d5:59:15:a4:9b:c6:ce:3c:7c:c9:f7:51:e8: 8d:df:c1:56:6d:fb:1c:42:7b:f2:06:73:b3:b8:b3:e6:f1:2b: 19:c3:09:64 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTAyMTAx NDEzNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRCMkQ0NUZEQUUxNURD Qjg5RkRGQjU0NDM5NjVCQTk4RkY3NjhCODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtBf8hKyLCzSY6/QObFlYsoXDWN2WmKY2bFQjfErfVpQ9ojVaF ghY6pDqnqEMHTVS4h4I3E822XPI4yePL2jv7jjPVS5FM/hipWmttY68EZLLfQE9v a4+hGFDZKeF8JC/8oAyVOAvgTpe6qZ408TzFUgBHhQcqviDM0lZxqzYABxLnTmfK efrCIbMokd2CrMvYCmWDTPyHM+8hpejSpbKomU6w5QEEeX5CuDYwn+KKty0KvHK/ wSiZWBVtCKbOLJtIw4yOq6pktM7lxeqVv567NN+OyCOp6CXZJTK51t7Ybq21BMlI 5Vqs6SXIQYzCXQPmpCmAEJqQm7Uv1ic58h4PAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUSy1F/a4V3Lif37VEOWW6mP92i4EwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvU3kxRl9hNFYzTGlmMzdW RU9XVzZtUDkyaTRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Amd31DANBgkqhkiG9w0BAQsFAAOCAQEATTN5a+CcBsifBkFPTjDXbQX/qkU01tUc qsgS8BwPTExGZ6TZiGnxrYEMqqWr2BqWo/YYVXPzRuQcg2Qn9iDkgTxvfmcT80x2 F60iNilbgcaZ+7g/a/6UfLO5xr4ajqwUtRfem/UWaU4AouzeOX/FwkVWu8pNAJUo SoonhCAn3GO4t2Ch7+VxH6ak8KptQ6v7PoBTE2L1MC+0s6w1OZfqbVTzEXjupZn6 qCtXDP0S2n2OekIt/fD8+UibFO5Ao4GklkGwyETCB9GIz9Z7aH9NuhlH6FRLMssV VpHjfIXVWRWkm8bOPHzJ91Hojd/BVm37HEJ78gZzs7iz5vErGcMJZA== -----END CERTIFICATE-----Generated at Mon Apr 14 23:39:25 2025 by rpki-client