$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/xRQPFBwu-gjKVoAgocMVNz-60BI.roa File: xRQPFBwu-gjKVoAgocMVNz-60BI.roa (raw, json) Hash identifier: 9B/mGGQv4u8s5lKgfWdd5cuX4df7cbeme3ehFibb+MU= Subject key identifier: C5:14:0F:14:1C:2E:FA:08:CA:56:80:20:A1:C3:15:37:3F:BA:D0:12 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0DFC Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/xRQPFBwu-gjKVoAgocMVNz-60BI.roa Signing time: Mon 10 Feb 2025 13:59:18 +0000 ROA not before: Mon 10 Feb 2025 13:59:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 61.61.4.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 20:38:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3580 (0xdfc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Feb 10 13:59:18 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C5140F141C2EFA08CA568020A1C315373FBAD012 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:20:af:76:1e:b8:69:ae:1b:7b:33:52:71:cd: ad:48:b0:9e:9b:aa:2a:0b:95:f2:3c:1f:fa:37:df: 5d:0c:7d:84:ab:df:fd:c3:ab:60:ae:b5:69:72:74: 26:b1:78:62:2c:e0:b8:8d:d0:8f:17:8f:c2:eb:93: 32:df:be:49:9b:be:d4:7f:5b:59:8a:8d:a7:cd:68: 09:c3:b7:8f:b9:4f:5a:15:6e:67:8e:8e:23:17:c2: 67:4a:e3:46:88:38:bc:db:b2:99:34:ac:8d:99:22: 9d:ef:db:83:da:b2:10:a8:4d:65:84:14:ae:3f:63: 66:b7:21:23:0a:ff:36:73:a0:4a:b4:4b:b2:fa:fd: a2:7b:66:07:87:87:19:6f:8b:c0:f1:e3:bf:41:66: 27:f1:b4:98:8d:a8:44:fa:bf:39:f4:9e:6c:d0:ed: 39:b8:53:ed:16:02:33:94:e0:b7:38:47:ce:58:e5: c7:9d:ff:8c:0b:4f:08:45:67:39:f8:6a:2c:53:ec: a3:67:2c:5f:58:be:b1:ad:75:ae:db:40:cc:24:09: be:3f:53:d4:62:70:83:ad:64:3e:70:0b:9c:4c:7d: f2:9b:aa:b6:96:56:de:7a:02:52:c6:5b:a0:e2:dd: 75:14:9d:eb:12:82:16:61:54:4a:35:bf:f1:aa:10: 93:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:14:0F:14:1C:2E:FA:08:CA:56:80:20:A1:C3:15:37:3F:BA:D0:12 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/xRQPFBwu-gjKVoAgocMVNz-60BI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.4.0/23 Signature Algorithm: sha256WithRSAEncryption 53:d1:23:2f:f1:30:fc:3b:fb:0c:d1:22:6e:a9:13:d6:14:f0: 62:42:c3:e6:9c:36:79:8c:b8:a4:62:de:1a:30:55:13:95:4c: 9c:15:22:6f:98:c1:bb:85:47:6c:94:54:4f:8c:2d:33:61:ac: bd:28:1e:4f:8b:c6:95:59:09:58:c4:5e:e3:33:ce:bf:eb:91: 7d:67:e3:36:fd:9c:85:3d:7b:71:d6:e6:05:bc:c7:3f:ee:8a: ab:3d:0f:47:15:f9:bc:5f:87:74:bf:ef:1a:58:0e:92:f6:c1: 99:5f:87:09:97:86:b4:a3:94:4d:b9:43:5d:7f:28:a4:7b:ee: b3:86:ac:01:09:7e:08:3d:16:9b:2d:ab:d8:bc:2c:39:72:16: 59:7d:41:52:22:c3:4d:3b:c3:4c:26:a2:dd:a9:c7:da:be:1e: c8:1b:c7:a6:7b:64:73:7a:4a:93:f6:06:6c:de:43:d6:39:20: 74:2f:b9:13:e6:bf:bb:10:41:f6:3e:06:60:9d:a3:91:86:8a: ca:0a:c3:c8:3c:8d:cb:90:65:7e:40:b4:53:95:39:5c:1f:0e: 3b:9b:d8:f7:86:07:9f:d4:4d:36:8a:76:54:6e:f0:b2:d4:d6: 0e:a6:e9:0b:31:d2:d9:6c:f2:03:58:a1:fb:ef:5a:93:3c:c0: d6:eb:29:04 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx MzU5MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM1MTQwRjE0MUMyRUZB MDhDQTU2ODAyMEExQzMxNTM3M0ZCQUQwMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5IK92Hrhprht7M1Jxza1IsJ6bqioLlfI8H/o3310MfYSr3/3D q2CutWlydCaxeGIs4LiN0I8Xj8LrkzLfvkmbvtR/W1mKjafNaAnDt4+5T1oVbmeO jiMXwmdK40aIOLzbspk0rI2ZIp3v24PashCoTWWEFK4/Y2a3ISMK/zZzoEq0S7L6 /aJ7ZgeHhxlvi8Dx479BZifxtJiNqET6vzn0nmzQ7Tm4U+0WAjOU4Lc4R85Y5ced /4wLTwhFZzn4aixT7KNnLF9YvrGtda7bQMwkCb4/U9RicIOtZD5wC5xMffKbqraW Vt56AlLGW6Di3XUUnesSghZhVEo1v/GqEJN1AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUxRQPFBwu+gjKVoAgocMVNz+60BIwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3hSUVBGQnd1LWdqS1ZvQWdvY01WTnot NjBCSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAE9PQQwDQYJ KoZIhvcNAQELBQADggEBAFPRIy/xMPw7+wzRIm6pE9YU8GJCw+acNnmMuKRi3how VROVTJwVIm+YwbuFR2yUVE+MLTNhrL0oHk+LxpVZCVjEXuMzzr/rkX1n4zb9nIU9 e3HW5gW8xz/uiqs9D0cV+bxfh3S/7xpYDpL2wZlfhwmXhrSjlE25Q11/KKR77rOG rAEJfgg9Fpstq9i8LDlyFll9QVIiw007w0wmot2px9q+Hsgbx6Z7ZHN6SpP2Bmze Q9Y5IHQvuRPmv7sQQfY+BmCdo5GGisoKw8g8jcuQZX5AtFOVOVwfDjub2PeGB5/U TTaKdlRu8LLU1g6m6Qsx0tls8gNYofvvWpM8wNbrKQQ= -----END CERTIFICATE-----Generated at Mon Apr 14 16:21:46 2025 by rpki-client