$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ktJgcu1hqqX0AvoK9CUDlaSnNcM.roa File: ktJgcu1hqqX0AvoK9CUDlaSnNcM.roa (raw, json) Hash identifier: Mvj+x+lMcfjsdaYCj/LVCWEEMgsZ4KHEHYKs+nO1erg= Subject key identifier: 92:D2:60:72:ED:61:AA:A5:F4:02:FA:0A:F4:25:03:95:A4:A7:35:C3 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 23CF Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ktJgcu1hqqX0AvoK9CUDlaSnNcM.roa Signing time: Mon 10 Feb 2025 14:17:57 +0000 ROA not before: Mon 10 Feb 2025 14:17:57 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24165 IP address blocks: 114.198.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 22:38:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9167 (0x23cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Feb 10 14:17:57 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=92D26072ED61AAA5F402FA0AF4250395A4A735C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:cf:5e:72:30:4b:72:1e:cb:57:24:6e:d5:e2: 8c:63:0b:e2:be:36:13:71:b0:ac:19:5f:f6:da:e5: 23:d4:d6:7a:eb:fc:10:79:78:4e:80:85:83:67:04: 18:16:fe:88:42:57:47:40:e9:63:19:38:4c:79:e5: c6:d6:4f:d4:4f:4d:d3:e2:d8:71:2f:ac:2c:32:22: 88:83:57:e4:fe:ac:a6:a8:91:3f:f6:ca:a9:45:e5: 3c:70:dd:2c:a9:e6:bf:76:27:fa:69:9b:ce:7b:41: d1:fd:34:66:56:9f:9c:9e:f8:3e:f8:bd:43:56:b6: 10:a0:1a:a7:53:30:19:3d:a9:98:b6:ec:0e:16:e1: 75:31:11:be:e4:77:0c:fe:b5:80:47:df:7f:38:40: f7:52:45:a5:ae:ce:bf:ed:d1:c0:05:e1:41:df:49: aa:1a:e2:7c:c8:88:84:e9:67:1c:a4:fd:ba:5f:3d: 24:c0:58:1b:1d:e3:df:89:7f:c7:e7:43:a6:41:2a: 11:71:a1:02:ec:c3:9d:84:ba:2d:a6:2a:41:b2:3f: df:80:62:ee:7d:96:b5:55:e1:e0:96:c1:61:5d:97: 44:27:52:bf:47:b9:c7:0d:d5:41:a5:14:8b:96:dc: 20:65:24:10:f6:b6:1d:34:bf:36:d4:42:0e:f7:fa: f8:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:D2:60:72:ED:61:AA:A5:F4:02:FA:0A:F4:25:03:95:A4:A7:35:C3 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ktJgcu1hqqX0AvoK9CUDlaSnNcM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.198.176.0/20 Signature Algorithm: sha256WithRSAEncryption 81:4e:6f:9e:f8:fb:c0:bd:21:53:65:1e:12:89:fa:0d:c7:ee: d3:b7:4e:33:43:11:d5:38:6b:e6:b4:60:5d:7f:1b:3d:4e:ff: 2b:c4:4a:c4:40:20:d5:dc:80:6e:73:c9:1c:0f:15:cc:b7:65: 17:04:b8:98:ce:df:9a:c9:d8:14:78:5a:46:3e:c1:87:d2:44: 3e:f5:22:bf:f1:b6:71:d1:51:7b:86:76:40:83:55:3a:2f:75: 24:79:a6:39:e9:57:30:20:fb:f3:d5:32:c0:54:4b:8c:f9:3f: 34:d7:24:2c:62:e1:57:de:cc:45:12:49:ec:14:b6:a3:1f:1e: 5d:1b:8e:b5:07:4c:66:24:5e:8a:2c:f8:d6:ec:79:e0:7c:63: 53:23:04:8f:77:c4:32:99:d3:12:1f:e6:5d:4a:6a:72:eb:73: 15:a9:8e:07:e1:77:af:07:ca:13:38:05:6f:3f:0f:02:9e:f5: cc:11:57:32:4b:d9:ff:32:5e:a1:91:e3:ad:58:3d:c5:15:50: c1:de:3d:c6:02:aa:4d:d1:c5:aa:18:1a:aa:c8:e6:ba:28:8d: 7e:d2:24:ca:cd:33:4f:3d:9b:7b:9a:0c:e8:69:be:eb:b8:ab: fa:2d:de:4d:c4:37:98:37:d8:ba:f5:2c:c8:19:bf:1d:06:2c: ff:47:28:b2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICI88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNTAyMTAx NDE3NTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkyRDI2MDcyRUQ2MUFB QTVGNDAyRkEwQUY0MjUwMzk1QTRBNzM1QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCez15yMEtyHstXJG7V4oxjC+K+NhNxsKwZX/ba5SPU1nrr/BB5 eE6AhYNnBBgW/ohCV0dA6WMZOEx55cbWT9RPTdPi2HEvrCwyIoiDV+T+rKaokT/2 yqlF5Txw3Syp5r92J/ppm857QdH9NGZWn5ye+D74vUNWthCgGqdTMBk9qZi27A4W 4XUxEb7kdwz+tYBH3384QPdSRaWuzr/t0cAF4UHfSaoa4nzIiITpZxyk/bpfPSTA WBsd49+Jf8fnQ6ZBKhFxoQLsw52Eui2mKkGyP9+AYu59lrVV4eCWwWFdl0QnUr9H uccN1UGlFIuW3CBlJBD2th00vzbUQg73+vhdAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUktJgcu1hqqX0AvoK9CUDlaSnNcMwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2t0SmdjdTFocXFYMEF2b0s5 Q1VEbGFTbk5jTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARy xrAwDQYJKoZIhvcNAQELBQADggEBAIFOb574+8C9IVNlHhKJ+g3H7tO3TjNDEdU4 a+a0YF1/Gz1O/yvESsRAINXcgG5zyRwPFcy3ZRcEuJjO35rJ2BR4WkY+wYfSRD71 Ir/xtnHRUXuGdkCDVTovdSR5pjnpVzAg+/PVMsBUS4z5PzTXJCxi4VfezEUSSewU tqMfHl0bjrUHTGYkXoos+NbseeB8Y1MjBI93xDKZ0xIf5l1KanLrcxWpjgfhd68H yhM4BW8/DwKe9cwRVzJL2f8yXqGR461YPcUVUMHePcYCqk3RxaoYGqrI5roojX7S JMrNM089m3uaDOhpvuu4q/ot3k3EN5g32Lr1LMgZvx0GLP9HKLI= -----END CERTIFICATE-----Generated at Thu Apr 17 21:01:05 2025 by rpki-client