$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/ok9BNTlr8zllkLmhpMWa7wsAAc0.roa File: ok9BNTlr8zllkLmhpMWa7wsAAc0.roa (raw, json) Hash identifier: qKkb+N05tfHOvmVIj8XG1Ddu4jYqKsPQyO4D2CXXHtM= Subject key identifier: A2:4F:41:35:39:6B:F3:39:65:90:B9:A1:A4:C5:9A:EF:0B:00:01:CD Certificate issuer: /CN=3F84FAED6CB47E112F24C6B0277A4862270672CA Certificate serial: 0130 Authority key identifier: 3F:84:FA:ED:6C:B4:7E:11:2F:24:C6:B0:27:7A:48:62:27:06:72:CA Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/ok9BNTlr8zllkLmhpMWa7wsAAc0.roa Signing time: Mon 10 Feb 2025 13:45:16 +0000 ROA not before: Mon 10 Feb 2025 13:45:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 14618 IP address blocks: 113.192.24.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:06:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 304 (0x130) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3F84FAED6CB47E112F24C6B0277A4862270672CA Validity Not Before: Feb 10 13:45:16 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A24F4135396BF3396590B9A1A4C59AEF0B0001CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:47:e3:72:4d:c6:a4:e2:3d:9c:11:37:b2:eb: 33:ba:1c:6f:b2:1b:49:bd:53:cd:99:35:1a:9f:3b: 0a:d4:7d:05:a6:66:3a:fe:6b:a1:f2:54:40:52:bd: 67:d3:60:d5:4a:50:d6:33:59:8b:34:a0:ae:54:8e: c1:78:b2:64:a6:b5:1e:db:7b:9f:b4:6b:71:81:34: e7:99:d9:6e:f3:c1:75:83:5d:69:95:6a:92:4c:f8: 8f:be:59:ac:ac:68:52:bb:7f:aa:cb:66:80:ab:01: a4:ff:97:a8:aa:7b:c3:50:c8:17:56:41:72:10:0c: 27:4c:5a:32:09:5a:3a:be:cb:aa:3f:ec:98:b3:15: f1:81:6d:0f:08:15:79:b1:e0:96:35:f4:37:a2:60: f2:45:06:7c:be:9b:7b:df:f9:34:bf:6f:3a:30:7d: c0:25:54:b0:ec:72:ed:8c:cb:36:e4:11:7e:2f:0b: 0b:c5:b3:c2:df:35:a5:27:0c:c0:09:2d:b0:52:d4: 1e:af:41:c6:1e:d9:b6:24:27:31:19:57:cc:23:19: e5:04:32:05:0b:52:00:14:19:d7:1a:3a:b6:3b:00: 5f:29:42:b2:57:c4:52:a2:84:60:e2:fc:bb:93:46: c5:c4:e8:08:68:c2:3a:4c:8c:9a:59:e1:a8:cd:3a: b8:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:4F:41:35:39:6B:F3:39:65:90:B9:A1:A4:C5:9A:EF:0B:00:01:CD X509v3 Authority Key Identifier: keyid:3F:84:FA:ED:6C:B4:7E:11:2F:24:C6:B0:27:7A:48:62:27:06:72:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/ok9BNTlr8zllkLmhpMWa7wsAAc0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.192.24.0/23 Signature Algorithm: sha256WithRSAEncryption b5:bc:d0:95:44:c3:f2:e5:27:ec:2a:bf:34:65:b9:07:d3:c8: 41:4e:2c:d5:6f:06:34:82:42:8e:e2:10:da:df:9e:35:5a:e5: 7b:d4:0f:21:4d:b6:fd:8b:08:81:53:91:14:eb:75:ef:6f:b6: 23:28:71:e6:47:d5:1f:fb:a6:ae:79:b5:04:48:bc:dc:ab:f0: e3:ec:22:8e:71:f3:fc:e2:ef:5a:32:93:ca:29:fa:35:28:5a: e3:0b:f0:a1:ec:81:77:54:d2:80:db:58:ce:94:69:ed:02:fc: 28:47:25:ae:7f:b6:56:32:64:36:c3:9c:1e:29:f7:de:b6:9e: 23:e2:61:c7:d5:3b:78:e5:72:ed:4b:b7:ab:32:87:17:a5:60: c6:b9:be:e3:93:7e:8f:fa:9a:6b:22:bb:f9:1d:0c:d3:d6:67: 6d:63:87:09:b6:b9:b4:b5:67:42:b1:1b:c4:ba:77:37:9b:dc: ea:ef:81:47:1f:f8:94:69:45:59:e9:24:c3:55:93:41:73:78: c8:b2:36:2a:32:1a:bb:ac:cd:36:3e:e9:32:fb:45:22:6d:5b: 42:ac:8b:d0:1b:a9:3a:a5:34:fa:2d:b6:d5:2d:46:6c:f4:4f: bc:2b:b1:af:00:61:94:4c:04:d6:92:86:b6:63:6a:ac:5d:b5: 26:56:fb:39 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0Y4 NEZBRUQ2Q0I0N0UxMTJGMjRDNkIwMjc3QTQ4NjIyNzA2NzJDQTAeFw0yNTAyMTAx MzQ1MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyNEY0MTM1Mzk2QkYz Mzk2NTkwQjlBMUE0QzU5QUVGMEIwMDAxQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+R+NyTcak4j2cETey6zO6HG+yG0m9U82ZNRqfOwrUfQWmZjr+ a6HyVEBSvWfTYNVKUNYzWYs0oK5UjsF4smSmtR7be5+0a3GBNOeZ2W7zwXWDXWmV apJM+I++WaysaFK7f6rLZoCrAaT/l6iqe8NQyBdWQXIQDCdMWjIJWjq+y6o/7Jiz FfGBbQ8IFXmx4JY19DeiYPJFBny+m3vf+TS/bzowfcAlVLDscu2MyzbkEX4vCwvF s8LfNaUnDMAJLbBS1B6vQcYe2bYkJzEZV8wjGeUEMgULUgAUGdcaOrY7AF8pQrJX xFKihGDi/LuTRsXE6AhowjpMjJpZ4ajNOrjvAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUok9BNTlr8zllkLmhpMWa7wsAAc0wHwYDVR0jBBgwFoAUP4T67Wy0fhEvJMaw J3pIYicGcsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS1JPTk9T VEVDSC9QNFQ2N1d5MGZoRXZKTWF3SjNwSVlpY0djc28uY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL1A0VDY3V3kwZmhFdkpNYXdKM3BJWWljR2Nzby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0tST05PU1RFQ0gvb2s5Qk5UbHI4 emxsa0xtaHBNV2E3d3NBQWMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAXHAGDANBgkqhkiG9w0BAQsFAAOCAQEAtbzQlUTD8uUn7Cq/NGW5B9PI QU4s1W8GNIJCjuIQ2t+eNVrle9QPIU22/YsIgVORFOt172+2Iyhx5kfVH/umrnm1 BEi83Kvw4+wijnHz/OLvWjKTyin6NSha4wvwoeyBd1TSgNtYzpRp7QL8KEclrn+2 VjJkNsOcHin33raeI+Jhx9U7eOVy7Uu3qzKHF6Vgxrm+45N+j/qaayK7+R0M09Zn bWOHCba5tLVnQrEbxLp3N5vc6u+BRx/4lGlFWekkw1WTQXN4yLI2KjIau6zNNj7p MvtFIm1bQqyL0BupOqU0+i221S1GbPRPvCuxrwBhlEwE1pKGtmNqrF21Jlb7OQ== -----END CERTIFICATE-----Generated at Sat Apr 5 00:02:11 2025 by rpki-client