$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa File: cS-04cQPLephKphOnVfz1geMx0o.roa (raw, json) Hash identifier: IU4f9lpN9NvvQKMAweGLxBVPgLMy1JssOAa/e+tvQHI= Subject key identifier: 71:2F:B4:E1:C4:0F:2D:EA:61:2A:98:4E:9D:57:F3:D6:07:8C:C7:4A Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0DEF Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa Signing time: Mon 10 Feb 2025 13:59:15 +0000 ROA not before: Mon 10 Feb 2025 13:59:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18049 IP address blocks: 61.61.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 21:19:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3567 (0xdef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Feb 10 13:59:15 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=712FB4E1C40F2DEA612A984E9D57F3D6078CC74A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:c6:b0:42:e4:28:31:a8:b2:05:db:59:b8:c7: c9:3a:7e:64:90:b0:e9:c3:6b:26:47:f2:ba:23:48: b9:80:fe:78:6a:86:7a:29:e4:93:56:a9:02:32:54: 31:b1:73:22:13:12:25:78:23:1b:44:ea:30:5c:cc: 79:37:06:60:de:ef:58:aa:f2:d4:93:0d:79:31:a1: 1c:42:be:83:1f:98:24:a0:82:29:9f:a1:8c:3c:71: a1:3d:d4:29:e8:e8:02:1c:51:98:bf:da:6b:38:e9: 4f:47:3c:b0:5e:75:4e:bd:90:ef:fb:e2:0c:2c:b2: ea:72:6d:b9:cf:84:c3:84:c8:45:11:d1:5b:c8:48: 76:92:14:f9:9e:17:41:af:58:d7:2a:35:5d:71:95: 94:da:ca:d3:df:4d:49:7a:67:36:cc:51:f2:12:9f: e1:e7:91:b3:0e:16:45:3e:1f:47:13:48:4d:e4:5c: c8:18:dc:c3:29:e3:9e:11:9b:5a:94:db:9b:1c:2f: 5a:77:60:fc:64:4f:7b:f3:b1:8e:05:a6:51:ff:19: 7e:a4:24:ab:0e:e5:61:11:ee:ca:a2:76:15:4a:91: aa:12:7e:1e:ad:a2:76:48:1d:32:26:14:f0:54:e1: 0d:b7:22:2b:79:4b:93:7e:45:7d:3e:f0:f9:c4:bc: d8:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:2F:B4:E1:C4:0F:2D:EA:61:2A:98:4E:9D:57:F3:D6:07:8C:C7:4A X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.56.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:12:8f:27:04:51:3a:52:d8:3e:4e:22:4e:d5:e8:bf:4c:d4: 48:b0:f3:78:41:2c:0c:1f:e7:d3:fd:8d:75:f7:5d:d0:f8:cc: 17:24:a6:3f:49:d5:4b:89:c4:1a:ba:a9:ba:33:32:40:74:51: 26:84:05:c1:92:59:c5:32:71:50:59:4e:5e:67:a9:3c:92:39: 0b:99:de:59:0a:f4:59:b7:c1:5a:35:39:36:2d:4d:0f:3f:95: 11:ca:fb:3c:c7:a3:71:09:b2:f7:59:54:74:f1:d3:dd:98:c1: b8:21:7c:42:a6:41:24:06:94:6b:44:ee:2e:92:db:1f:50:ba: 8d:48:41:6d:b2:16:0f:75:4e:4d:68:43:76:f8:1a:99:e0:d5: 37:23:b9:08:0d:24:1a:83:59:e6:58:69:d2:16:b8:e2:3f:15: 9f:d1:35:62:2a:37:63:ae:ac:62:c5:a8:92:05:35:71:17:ce: f7:45:6d:50:28:be:58:9f:18:64:ef:94:5b:de:8b:23:f5:33: b3:a9:24:84:ed:4f:f1:4d:64:85:8d:ab:c8:87:b5:41:f8:a7: 66:18:09:1b:28:15:fb:ae:05:f8:d6:6b:b9:ac:63:ae:07:49: 4b:46:59:97:7a:3e:13:38:60:e8:0e:6a:0b:94:48:56:99:4e: 9c:99:2f:ec -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx MzU5MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxMkZCNEUxQzQwRjJE RUE2MTJBOTg0RTlENTdGM0Q2MDc4Q0M3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKxrBC5CgxqLIF21m4x8k6fmSQsOnDayZH8rojSLmA/nhqhnop 5JNWqQIyVDGxcyITEiV4IxtE6jBczHk3BmDe71iq8tSTDXkxoRxCvoMfmCSggimf oYw8caE91Cno6AIcUZi/2ms46U9HPLBedU69kO/74gwssupybbnPhMOEyEUR0VvI SHaSFPmeF0GvWNcqNV1xlZTaytPfTUl6ZzbMUfISn+HnkbMOFkU+H0cTSE3kXMgY 3MMp454Rm1qU25scL1p3YPxkT3vzsY4FplH/GX6kJKsO5WER7sqidhVKkaoSfh6t onZIHTImFPBU4Q23Iit5S5N+RX0+8PnEvNgDAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUcS+04cQPLephKphOnVfz1geMx0owHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2NTLTA0Y1FQTGVwaEtwaE9uVmZ6MWdl TXgwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTgwDQYJ KoZIhvcNAQELBQADggEBAFwSjycEUTpS2D5OIk7V6L9M1Eiw83hBLAwf59P9jXX3 XdD4zBckpj9J1UuJxBq6qbozMkB0USaEBcGSWcUycVBZTl5nqTySOQuZ3lkK9Fm3 wVo1OTYtTQ8/lRHK+zzHo3EJsvdZVHTx092YwbghfEKmQSQGlGtE7i6S2x9Quo1I QW2yFg91Tk1oQ3b4Gpng1TcjuQgNJBqDWeZYadIWuOI/FZ/RNWIqN2OurGLFqJIF NXEXzvdFbVAovlifGGTvlFveiyP1M7OpJITtT/FNZIWNq8iHtUH4p2YYCRsoFfuu BfjWa7msY64HSUtGWZd6PhM4YOgOaguUSFaZTpyZL+w= -----END CERTIFICATE-----Generated at Sat Apr 26 20:15:16 2025 by rpki-client