$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa File: hi4e1zVzsRGKmbhSESfPV2tM-58.roa (raw, json) Hash identifier: e1cHrs7TQFemHN8c/Uwo/nwqAH2mbP76IyN086CTtio= Subject key identifier: 86:2E:1E:D7:35:73:B1:11:8A:99:B8:52:11:27:CF:57:6B:4C:FB:9F Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0E02 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa Signing time: Mon 10 Feb 2025 13:59:19 +0000 ROA not before: Mon 10 Feb 2025 13:59:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9919 IP address blocks: 61.61.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:49:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3586 (0xe02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Feb 10 13:59:19 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=862E1ED73573B1118A99B8521127CF576B4CFB9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:38:31:cb:1c:c2:25:4d:a0:89:d4:5f:87:f7: ed:09:e3:57:df:ac:3c:2c:9b:f3:aa:92:5e:54:72: ae:ef:48:eb:a4:4d:55:7f:19:28:5f:b1:71:6f:b4: ff:80:8d:ce:93:8e:b3:bb:82:3b:f5:65:0a:09:ab: dd:68:85:83:c5:6e:b2:82:d3:d5:40:4a:c2:47:60: fe:1e:f5:12:c3:74:a1:b6:29:7e:9c:11:52:32:ff: b6:98:2e:56:a3:38:77:53:15:87:08:18:7f:cf:44: 7e:b8:1f:21:50:f2:12:e7:70:d5:6b:89:84:f9:b9: bb:cd:b1:da:ae:c6:5e:4b:ad:01:fe:aa:e5:31:09: 93:32:33:1e:66:d5:61:58:8d:d8:d0:91:d9:96:ca: a4:cb:ea:ee:2d:a6:10:aa:d0:e0:da:b7:a8:76:07: f8:de:9a:61:55:44:30:3a:53:f0:dd:97:e0:5d:f8: a6:c2:a2:25:51:ca:c8:b5:4c:fa:24:4b:04:52:33: a6:fe:fd:3a:92:0e:d8:d2:4a:13:3c:5d:32:32:f1: cb:65:10:f4:af:a9:24:91:bf:a6:f3:da:67:19:6f: e9:5d:36:98:6e:0e:7d:cd:ee:65:5e:76:4b:1e:3d: f9:e9:36:fb:a5:d9:78:6e:e4:cb:6f:d3:8c:18:fb: 98:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:2E:1E:D7:35:73:B1:11:8A:99:B8:52:11:27:CF:57:6B:4C:FB:9F X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.128.0/18 Signature Algorithm: sha256WithRSAEncryption 3d:91:e6:76:ce:9f:59:dc:9b:36:e3:61:29:6f:5e:fb:d1:85: 43:5f:3e:68:70:2b:0f:68:c4:15:fa:a4:00:ba:9d:10:0d:27: 36:2b:da:57:c3:80:ec:65:e4:dd:8e:09:a5:2a:86:ee:df:9d: 7e:b0:93:41:c4:d2:ec:78:fa:21:7f:84:8c:74:12:44:81:c9: ed:da:83:58:e3:3c:4b:20:92:48:34:5a:1c:36:95:48:71:b0: f5:81:c2:83:29:cb:0b:ff:6e:31:d5:84:b5:d7:16:ad:49:de: 8e:d9:4c:3d:e1:67:4a:02:8b:09:8d:a1:7a:32:59:e5:07:4e: b3:d0:21:aa:5a:92:ab:3d:c5:c5:b1:51:54:65:50:b9:b6:f9: 25:e8:84:b5:65:59:21:d0:d1:25:e5:3e:0b:50:24:e6:89:51: ca:b1:b8:a5:52:1a:93:30:fe:e8:61:29:f1:c4:55:be:7c:8c: 4a:3a:94:f5:a2:42:3a:c1:1a:d8:a4:b1:90:82:bf:83:b1:bc: b8:13:28:97:99:7b:d5:81:07:2e:b0:36:d4:27:f1:42:70:d6: 8c:5f:1c:d8:a5:d1:2f:dc:fc:e1:a5:3a:b6:ab:e0:97:1f:bc: 15:cf:30:29:ea:11:e0:c0:20:9b:a3:f3:c7:a8:67:33:09:ab: 8e:87:de:2b -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx MzU5MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg2MkUxRUQ3MzU3M0Ix MTE4QTk5Qjg1MjExMjdDRjU3NkI0Q0ZCOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMODHLHMIlTaCJ1F+H9+0J41ffrDwsm/Oqkl5Ucq7vSOukTVV/ GShfsXFvtP+Ajc6TjrO7gjv1ZQoJq91ohYPFbrKC09VASsJHYP4e9RLDdKG2KX6c EVIy/7aYLlajOHdTFYcIGH/PRH64HyFQ8hLncNVriYT5ubvNsdquxl5LrQH+quUx CZMyMx5m1WFYjdjQkdmWyqTL6u4tphCq0ODat6h2B/jemmFVRDA6U/Ddl+Bd+KbC oiVRysi1TPokSwRSM6b+/TqSDtjSShM8XTIy8ctlEPSvqSSRv6bz2mcZb+ldNphu Dn3N7mVedksePfnpNvul2Xhu5Mtv04wY+5inAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUhi4e1zVzsRGKmbhSESfPV2tM+58wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2hpNGUxelZ6c1JHS21iaFNFU2ZQVjJ0 TS01OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY9PYAwDQYJ KoZIhvcNAQELBQADggEBAD2R5nbOn1ncmzbjYSlvXvvRhUNfPmhwKw9oxBX6pAC6 nRANJzYr2lfDgOxl5N2OCaUqhu7fnX6wk0HE0ux4+iF/hIx0EkSBye3ag1jjPEsg kkg0Whw2lUhxsPWBwoMpywv/bjHVhLXXFq1J3o7ZTD3hZ0oCiwmNoXoyWeUHTrPQ Iapakqs9xcWxUVRlULm2+SXohLVlWSHQ0SXlPgtQJOaJUcqxuKVSGpMw/uhhKfHE Vb58jEo6lPWiQjrBGtiksZCCv4OxvLgTKJeZe9WBBy6wNtQn8UJw1oxfHNil0S/c /OGlOrar4JcfvBXPMCnqEeDAIJuj88eoZzMJq46H3is= -----END CERTIFICATE-----Generated at Sat Apr 26 14:42:25 2025 by rpki-client