$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/xfjFkkBPzAyUEcspnbwh0W9UvWY.roa File: xfjFkkBPzAyUEcspnbwh0W9UvWY.roa (raw, json) Hash identifier: EwwusAdzqu+9KZ3zwSn//pIOZD/Ic/ut/hDcDdczyLI= Subject key identifier: C5:F8:C5:92:40:4F:CC:0C:94:11:CB:29:9D:BC:21:D1:6F:54:BD:66 Certificate issuer: /CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Certificate serial: 0458 Authority key identifier: 42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/xfjFkkBPzAyUEcspnbwh0W9UvWY.roa Signing time: Mon 10 Feb 2025 13:57:40 +0000 ROA not before: Mon 10 Feb 2025 13:57:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63909 IP address blocks: 160.25.221.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 05:36:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1112 (0x458) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0 Validity Not Before: Feb 10 13:57:40 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C5F8C592404FCC0C9411CB299DBC21D16F54BD66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c2:2c:a3:d1:87:b8:9c:11:c2:a8:4e:7d:a6: f7:26:90:27:3e:a7:69:bb:b1:01:10:93:4e:c5:3d: d7:34:46:90:77:6b:a3:f8:be:cc:c5:b3:58:bc:ce: 0f:e0:a7:7d:ec:da:bc:12:1b:b8:f9:7a:d6:43:85: 05:b0:79:2a:b7:fe:df:9f:94:16:bf:e7:df:17:21: a5:ac:ef:2c:1a:77:fb:4a:e6:74:5c:cf:18:8f:81: bd:1b:88:7e:be:19:0a:fd:70:c8:55:1e:72:bd:09: 92:8c:9d:98:8d:76:79:ad:ee:ff:0a:e9:77:20:53: 5a:a8:a3:c5:85:e1:a2:4c:8c:7f:95:b4:69:bf:ab: 37:ef:32:94:09:17:c2:f6:d0:68:8f:2b:82:a6:ab: 47:d3:36:29:92:62:55:bb:65:b6:49:47:7c:ca:d0: f6:85:fd:ec:7d:3b:42:ba:75:d0:30:cd:89:77:c0: a9:82:94:e3:9b:44:86:06:93:f5:d5:63:a4:07:80: 55:21:f6:36:8c:95:64:48:55:17:4b:a7:38:83:96: 8c:c4:97:14:8f:44:bb:9b:a6:d5:65:59:08:bd:72: ae:5a:b9:27:8d:3c:bb:fe:ea:cd:d0:89:20:b3:53: f2:9b:9f:e7:4e:81:21:18:81:f0:f2:83:f9:d2:76: 80:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F8:C5:92:40:4F:CC:0C:94:11:CB:29:9D:BC:21:D1:6F:54:BD:66 X509v3 Authority Key Identifier: keyid:42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/xfjFkkBPzAyUEcspnbwh0W9UvWY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.25.221.0/24 Signature Algorithm: sha256WithRSAEncryption 50:4e:9f:69:56:78:21:98:ee:ee:79:99:b1:c1:16:3c:74:0e: ff:8c:20:ef:fb:27:80:38:cb:ac:fd:be:ea:04:9c:51:17:2b: e8:06:c4:5f:dd:e8:e4:42:ee:2a:70:b8:46:b0:8f:3e:09:37: 38:5e:52:01:b7:5a:73:ba:28:d5:39:bd:d3:1e:50:7b:fa:08: 3a:54:f3:1a:21:eb:8a:7f:f0:20:5f:12:5e:c4:ea:08:0b:71: 9b:69:d2:4f:6c:f4:7f:12:d9:e0:ec:3a:c3:4b:5e:a6:cb:ba: 8d:ef:73:70:41:bb:8b:a0:10:6f:42:e0:b4:4e:b4:99:cd:1d: 1c:24:21:99:4f:b6:46:c4:fd:de:23:4a:a1:96:62:23:63:1f: 53:9d:26:27:40:a6:3d:61:e8:52:59:02:71:e1:5e:20:92:f5: 25:86:ff:13:61:ef:fc:dd:9c:8c:07:ea:c5:92:49:16:a1:2b: d9:a1:5a:78:25:ec:13:a1:54:6b:0c:71:03:c7:97:1d:f2:7b: d0:26:0e:b3:63:bb:40:b0:8c:08:5f:f4:8a:96:6f:d5:a6:78: 3b:4f:87:53:8e:29:57:f5:45:e0:41:65:36:d9:df:0c:de:cc: 35:c8:f3:8a:6f:84:f4:ca:04:87:78:a8:18:49:b6:34:89:8d: 7f:56:0a:f0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICBFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy RTdDOTVEODdERTlBRUVCMjEyQTBDNENDQjAxNzRFNjVDQTVEMDAeFw0yNTAyMTAx MzU3NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM1RjhDNTkyNDA0RkND MEM5NDExQ0IyOTlEQkMyMUQxNkY1NEJENjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6wiyj0Ye4nBHCqE59pvcmkCc+p2m7sQEQk07FPdc0RpB3a6P4 vszFs1i8zg/gp33s2rwSG7j5etZDhQWweSq3/t+flBa/598XIaWs7ywad/tK5nRc zxiPgb0biH6+GQr9cMhVHnK9CZKMnZiNdnmt7v8K6XcgU1qoo8WF4aJMjH+VtGm/ qzfvMpQJF8L20GiPK4Kmq0fTNimSYlW7ZbZJR3zK0PaF/ex9O0K6ddAwzYl3wKmC lOObRIYGk/XVY6QHgFUh9jaMlWRIVRdLpziDlozElxSPRLubptVlWQi9cq5auSeN PLv+6s3QiSCzU/Kbn+dOgSEYgfDyg/nSdoBFAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUxfjFkkBPzAyUEcspnbwh0W9UvWYwHwYDVR0jBBgwFoAUQi58ldh96a7rISoM TMsBdOZcpdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0tJUFRF Q0gvUWk1OGxkaDk2YTdySVNvTVRNc0JkT1pjcGRBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9RaTU4bGRoOTZhN3JJU29NVE1zQmRPWmNwZEEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TS0lQVEVDSC94ZmpGa2tCUHpBeVVF Y3NwbmJ3aDBXOVV2V1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBndMA0GCSqGSIb3DQEBCwUAA4IBAQBQTp9pVnghmO7ueZmxwRY8dA7/jCDv +yeAOMus/b7qBJxRFyvoBsRf3ejkQu4qcLhGsI8+CTc4XlIBt1pzuijVOb3THlB7 +gg6VPMaIeuKf/AgXxJexOoIC3GbadJPbPR/Etng7DrDS16my7qN73NwQbuLoBBv QuC0TrSZzR0cJCGZT7ZGxP3eI0qhlmIjYx9TnSYnQKY9YehSWQJx4V4gkvUlhv8T Ye/83ZyMB+rFkkkWoSvZoVp4JewToVRrDHEDx5cd8nvQJg6zY7tAsIwIX/SKlm/V png7T4dTjilX9UXgQWU22d8M3sw1yPOKb4T0ygSHeKgYSbY0iY1/Vgrw -----END CERTIFICATE-----Generated at Mon Apr 7 02:05:28 2025 by rpki-client