$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CMnGAlxBFbO6nkyXB9KnRwk-SAc.roa File: CMnGAlxBFbO6nkyXB9KnRwk-SAc.roa (raw, json) Hash identifier: 1GhsgJw5ZLBuooYGaV740YRQw4KK55fpM/okMQhBZmU= Subject key identifier: 08:C9:C6:02:5C:41:15:B3:BA:9E:4C:97:07:D2:A7:47:09:3E:48:07 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 2434 Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CMnGAlxBFbO6nkyXB9KnRwk-SAc.roa Signing time: Mon 10 Feb 2025 14:18:23 +0000 ROA not before: Mon 10 Feb 2025 14:18:23 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24164 IP address blocks: 49.159.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 18:17:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9268 (0x2434) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Feb 10 14:18:23 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=08C9C6025C4115B3BA9E4C9707D2A747093E4807 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b1:1c:04:68:62:e9:e9:cb:e2:bc:43:b5:e9: 4b:c4:92:fd:b5:39:56:90:1e:9e:33:46:1e:43:67: 7b:57:0c:40:c8:3c:4f:72:ac:0c:90:ed:98:d1:03: a0:d0:07:90:43:8e:74:b9:30:2d:75:eb:a0:9a:34: 9c:68:4e:78:21:3a:de:8f:c0:1c:b6:a6:fc:b2:13: 7d:d9:fd:b3:83:6d:8f:f7:a5:55:92:4c:50:6f:4e: 37:81:5a:29:d7:99:59:30:28:ca:9e:98:b9:c0:52: f6:70:71:d8:7e:c2:89:0f:16:05:f1:7a:c2:69:e5: e6:4b:75:37:91:8a:f9:09:8a:9c:29:07:3f:81:bd: 1f:97:03:74:6a:bc:d9:70:17:57:7b:02:2a:7d:ea: 7e:9f:4f:0c:db:af:19:51:ba:86:93:db:f8:4d:e6: 60:ad:08:5a:94:f9:ce:ac:d3:74:7e:bc:7c:27:03: bd:cd:b4:d2:ca:30:39:3d:64:57:a4:7c:36:fc:96: 9e:a9:02:8c:14:aa:bf:f7:86:28:0a:38:a8:73:4d: 95:c1:4d:7b:81:ec:09:4c:5d:88:be:ec:3b:ad:28: 10:b1:55:b8:3c:b2:e5:c8:f9:ff:67:74:82:da:01: 5d:6d:5d:81:91:fb:54:be:bd:bb:51:26:89:39:57: d2:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:C9:C6:02:5C:41:15:B3:BA:9E:4C:97:07:D2:A7:47:09:3E:48:07 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CMnGAlxBFbO6nkyXB9KnRwk-SAc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.159.232.0/21 Signature Algorithm: sha256WithRSAEncryption 68:75:a4:ed:a0:94:69:36:dd:71:64:08:c4:d6:cc:24:bd:a1: 1a:58:8f:38:d3:94:89:89:5c:bc:0d:5d:9c:38:60:83:21:7e: dc:52:46:60:ec:50:8e:80:31:9f:0b:0c:91:e3:ff:69:6e:cf: a2:7f:ec:14:ce:77:49:aa:9e:46:57:f7:7e:d8:37:80:ad:c2: 03:d4:44:36:41:a0:1c:02:65:37:9d:9b:40:34:af:3a:a1:51: 71:fd:09:51:69:4e:35:1b:8e:b3:17:9b:53:1f:f9:1e:f5:b0: 8d:3c:ad:e1:3c:7c:80:d3:c6:4e:f2:61:e3:0e:18:10:1a:1b: 74:27:ce:13:81:b7:77:04:41:69:17:9b:d4:1f:a4:cd:1b:1a: ca:71:92:76:be:97:29:39:df:2f:cd:35:38:9f:3b:de:16:6e: bb:44:f8:63:84:83:3a:4e:35:9c:d5:72:d8:1f:ac:82:ff:d7: 2c:05:1a:57:72:0a:4d:3f:c4:30:c8:8c:b3:4b:34:01:3c:0f: 1f:eb:61:47:37:d4:0b:43:f8:59:48:ff:60:fd:76:cf:93:4e: 81:0c:87:ae:bb:50:b9:b7:73:d7:92:66:de:ed:b4:e9:be:09: 57:25:eb:f1:fc:d7:85:f2:0d:11:e6:95:77:cb:f3:7f:1d:9d: 80:a6:58:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICJDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNTAyMTAx NDE4MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4QzlDNjAyNUM0MTE1 QjNCQTlFNEM5NzA3RDJBNzQ3MDkzRTQ4MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAsRwEaGLp6cvivEO16UvEkv21OVaQHp4zRh5DZ3tXDEDIPE9y rAyQ7ZjRA6DQB5BDjnS5MC1166CaNJxoTnghOt6PwBy2pvyyE33Z/bODbY/3pVWS TFBvTjeBWinXmVkwKMqemLnAUvZwcdh+wokPFgXxesJp5eZLdTeRivkJipwpBz+B vR+XA3RqvNlwF1d7Aip96n6fTwzbrxlRuoaT2/hN5mCtCFqU+c6s03R+vHwnA73N tNLKMDk9ZFekfDb8lp6pAowUqr/3higKOKhzTZXBTXuB7AlMXYi+7DutKBCxVbg8 suXI+f9ndILaAV1tXYGR+1S+vbtRJok5V9KZAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUCMnGAlxBFbO6nkyXB9KnRwk+SAcwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL0NNbkdBbHhCRmJPNm5reVhC OUtuUndrLVNBYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx n+gwDQYJKoZIhvcNAQELBQADggEBAGh1pO2glGk23XFkCMTWzCS9oRpYjzjTlImJ XLwNXZw4YIMhftxSRmDsUI6AMZ8LDJHj/2luz6J/7BTOd0mqnkZX937YN4CtwgPU RDZBoBwCZTedm0A0rzqhUXH9CVFpTjUbjrMXm1Mf+R71sI08reE8fIDTxk7yYeMO GBAaG3QnzhOBt3cEQWkXm9QfpM0bGspxkna+lyk53y/NNTifO94WbrtE+GOEgzpO NZzVctgfrIL/1ywFGldyCk0/xDDIjLNLNAE8Dx/rYUc31AtD+FlI/2D9ds+TToEM h667ULm3c9eSZt7ttOm+CVcl6/H814XyDRHmlXfL838dnYCmWB4= -----END CERTIFICATE-----Generated at Fri Apr 18 16:40:08 2025 by rpki-client