$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/iYhsLmbrPqcQEp7DILngZqrDl3k.roa File: iYhsLmbrPqcQEp7DILngZqrDl3k.roa (raw, json) Hash identifier: hCvrbHWgIQLjuO3fCfliFS9Hj6WutWEpcj1/49ANFX0= Subject key identifier: 89:88:6C:2E:66:EB:3E:A7:10:12:9E:C3:20:B9:E0:66:AA:C3:97:79 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0C6E Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/iYhsLmbrPqcQEp7DILngZqrDl3k.roa Signing time: Mon 10 Feb 2025 14:13:39 +0000 ROA not before: Mon 10 Feb 2025 14:13:39 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 139637 IP address blocks: 103.119.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 22:06:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3182 (0xc6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Feb 10 14:13:39 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=89886C2E66EB3EA710129EC320B9E066AAC39779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:9d:35:f1:db:22:28:fd:77:ab:02:b2:2f:b1: 97:ee:45:9f:fd:b4:ac:2c:97:e2:e0:be:b3:40:b2: 81:f3:3b:55:9d:f7:b1:3a:77:17:69:0f:03:7a:38: 31:73:95:a5:6c:3e:35:60:fc:48:de:7f:a8:be:06: f7:76:a7:9a:0d:df:71:90:dd:66:ef:7d:62:ee:23: 2d:35:06:2b:b6:2a:a9:d4:eb:61:59:7b:d1:4f:65: 01:1c:99:d9:19:29:ff:61:05:bb:6c:94:2b:68:ca: 94:a2:f7:95:3b:27:66:3f:c2:4e:56:68:6f:20:1a: 26:d2:9d:9e:fa:db:9e:40:d8:ed:e0:e7:cb:48:a7: e3:28:8b:fc:01:d2:d7:6f:dc:5a:01:db:04:6b:77: 8a:18:9a:a2:e7:c5:be:1a:88:35:bd:a0:75:cd:a2: b0:a7:e1:85:2b:f6:ff:e4:06:ed:8b:6c:0a:fb:51: f8:dc:c3:95:cd:6f:eb:31:59:4b:f6:d2:52:ed:90: 47:de:d6:f4:89:45:7c:ef:3c:13:68:71:c8:57:5e: ad:05:68:12:5a:2a:b5:a7:81:6a:61:61:c2:97:63: ef:23:dd:c7:ed:a3:2c:a6:27:1a:84:d1:36:47:1a: ad:f8:e9:c1:f0:35:8e:5d:02:db:d9:83:a2:f9:23: ef:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:88:6C:2E:66:EB:3E:A7:10:12:9E:C3:20:B9:E0:66:AA:C3:97:79 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/iYhsLmbrPqcQEp7DILngZqrDl3k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.215.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:5f:dd:eb:5f:44:c5:14:77:cf:c4:5e:1c:00:d2:e6:5d:1d: 17:54:bc:97:45:ea:58:2a:ed:57:ee:02:31:16:8e:5c:2b:a2: 60:81:65:0c:ed:41:d0:89:9e:35:6d:1f:b7:4b:ec:3f:7e:95: 3b:f2:38:9a:3f:84:2f:f3:db:aa:3f:ae:15:70:6c:6f:8a:72: 03:46:07:70:ff:1e:77:4b:13:bc:a4:2e:fc:fb:53:a9:44:09: 68:23:0b:72:59:d8:d5:d5:45:6c:f5:ef:96:03:c4:dd:68:28: 84:4e:fb:11:de:a3:05:79:b1:69:59:b7:ed:54:0c:93:d5:97: 0c:65:f1:27:fa:0f:28:40:2b:57:0c:72:8a:15:ec:9d:bc:eb: a7:da:ea:7f:49:e5:59:51:63:3f:86:dd:8a:54:85:c4:66:68: 9e:d4:d4:4f:50:7a:fa:27:65:cd:57:a1:08:49:ec:9b:35:95: 9f:4a:fd:4e:82:f2:7c:75:4b:4f:24:f1:b5:9f:7c:56:bd:2f: 71:f3:72:76:fc:ee:e9:f0:ab:be:52:43:f9:b6:06:e2:0a:f8: 38:78:c3:e9:9a:f6:79:55:36:09:25:93:41:26:5b:97:ea:22: ef:ef:d0:0a:70:f9:da:1d:72:ec:77:7b:b7:53:c0:af:6c:c0: 84:37:1d:9e -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTAyMTAx NDEzMzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5ODg2QzJFNjZFQjNF QTcxMDEyOUVDMzIwQjlFMDY2QUFDMzk3NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHnTXx2yIo/XerArIvsZfuRZ/9tKwsl+LgvrNAsoHzO1Wd97E6 dxdpDwN6ODFzlaVsPjVg/Ejef6i+Bvd2p5oN33GQ3WbvfWLuIy01Biu2KqnU62FZ e9FPZQEcmdkZKf9hBbtslCtoypSi95U7J2Y/wk5WaG8gGibSnZ76255A2O3g58tI p+Moi/wB0tdv3FoB2wRrd4oYmqLnxb4aiDW9oHXNorCn4YUr9v/kBu2LbAr7Ufjc w5XNb+sxWUv20lLtkEfe1vSJRXzvPBNocchXXq0FaBJaKrWngWphYcKXY+8j3cft oyymJxqE0TZHGq346cHwNY5dAtvZg6L5I+/5AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUiYhsLmbrPqcQEp7DILngZqrDl3kwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvaVloc0xtYnJQcWNRRXA3 RElMbmdacXJEbDNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd31zANBgkqhkiG9w0BAQsFAAOCAQEAK1/d619ExRR3z8ReHADS5l0dF1S8l0Xq WCrtV+4CMRaOXCuiYIFlDO1B0ImeNW0ft0vsP36VO/I4mj+EL/Pbqj+uFXBsb4py A0YHcP8ed0sTvKQu/PtTqUQJaCMLclnY1dVFbPXvlgPE3WgohE77Ed6jBXmxaVm3 7VQMk9WXDGXxJ/oPKEArVwxyihXsnbzrp9rqf0nlWVFjP4bdilSFxGZontTUT1B6 +idlzVehCEnsmzWVn0r9ToLyfHVLTyTxtZ98Vr0vcfNydvzu6fCrvlJD+bYG4gr4 OHjD6Zr2eVU2CSWTQSZbl+oi7+/QCnD52h1y7Hd7t1PAr2zAhDcdng== -----END CERTIFICATE-----Generated at Sat Apr 5 18:59:38 2025 by rpki-client