$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/jgfYg51U3e9y4asxZTdIvIAvseM.roa File: jgfYg51U3e9y4asxZTdIvIAvseM.roa (raw, json) Hash identifier: SD9ZDG+vY5JR9s1cVfPheKzm90+mB/SbI/nXYPe9C+c= Subject key identifier: 8E:07:D8:83:9D:54:DD:EF:72:E1:AB:31:65:37:48:BC:80:2F:B1:E3 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0D5A Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/jgfYg51U3e9y4asxZTdIvIAvseM.roa Signing time: Mon 10 Feb 2025 14:12:17 +0000 ROA not before: Mon 10 Feb 2025 14:12:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 150.129.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3418 (0xd5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Feb 10 14:12:17 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8E07D8839D54DDEF72E1AB31653748BC802FB1E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a5:d1:aa:90:1d:fa:c2:d3:ec:3a:c5:54:75: 8d:ef:a6:de:99:ba:5c:89:7f:88:86:b1:a8:a6:6e: 12:62:89:8c:06:06:b3:97:1a:bb:81:84:d9:0c:e8: b7:b1:51:0d:6e:2a:e1:79:be:5c:13:ff:75:2a:d7: 08:25:4b:ce:b4:ee:85:f6:04:1d:db:13:5d:85:f5: b7:0c:07:e7:4e:33:b8:62:ff:9e:0c:00:56:5f:f6: d6:7c:cc:d7:c1:03:7d:ae:52:b4:4e:5c:21:81:e0: e9:cb:02:e0:53:81:78:c5:60:92:fb:53:ba:bf:8b: fe:35:9b:7f:a7:cb:25:d1:9a:12:44:6e:10:ed:62: 37:cc:d4:4e:91:ca:6b:97:d1:70:a1:99:a7:7f:17: 16:d7:bc:07:e8:f6:b5:5c:5a:c4:14:d9:fc:0f:73: 32:de:88:66:12:c5:1f:54:3d:10:34:3d:4f:88:ab: 6d:27:48:18:82:a6:78:94:71:2a:18:63:1f:0d:d9: ad:a2:fa:3b:8b:1d:f4:46:5c:e7:db:ef:ae:9a:15: 70:6f:ed:0f:06:3b:e1:6d:fa:80:c8:43:d3:d2:98: 89:b2:86:34:5e:a6:c3:e6:65:3f:8d:45:ee:18:38: 75:51:ea:05:db:e4:b8:8c:a7:a5:f3:f5:c2:7f:cb: e8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:07:D8:83:9D:54:DD:EF:72:E1:AB:31:65:37:48:BC:80:2F:B1:E3 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/jgfYg51U3e9y4asxZTdIvIAvseM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.129.72.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:00:49:36:3d:af:9b:78:47:b9:43:84:79:a0:8a:5b:c0:bf: ee:ff:74:56:57:82:e7:b4:16:01:aa:e4:0f:83:3a:70:a0:8c: 69:cd:e2:d1:f1:71:43:af:06:04:bb:10:5d:c2:3c:5c:38:7a: 86:e0:de:09:09:fe:ab:8b:92:d6:8a:2e:8d:a9:9b:03:d5:79: 67:17:be:6c:54:5d:fb:a3:b7:4b:22:22:1c:a7:37:f9:29:ac: 06:cf:02:65:36:3f:f6:4f:3f:34:75:39:f5:c8:1f:93:2d:3c: 15:13:1f:55:a2:aa:2c:11:7c:bc:70:61:22:15:a5:87:3d:0d: 0b:1a:1d:c6:eb:ae:55:df:a9:42:4e:cf:d8:ac:33:5a:b7:70: 74:27:27:eb:7a:b0:8e:76:e7:55:a7:81:ac:d7:93:d4:13:f3: fa:81:00:72:a1:a1:ac:4a:d4:76:ea:08:93:6c:80:bf:ee:91: 29:76:e3:7f:fc:86:0f:f4:89:d4:0d:43:cd:1f:53:39:90:89: df:ea:1a:d7:d4:43:b8:88:9a:71:36:05:27:ab:c9:56:c3:82: f6:bc:c4:fe:49:76:2b:bf:25:69:15:2b:7e:ec:ec:49:d5:4e: 5a:aa:ca:e1:a6:e2:cb:80:3c:ca:8a:24:27:ea:8a:34:19:f9: 52:bf:2b:81 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx NDEyMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhFMDdEODgzOUQ1NERE RUY3MkUxQUIzMTY1Mzc0OEJDODAyRkIxRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCypdGqkB36wtPsOsVUdY3vpt6ZulyJf4iGsaimbhJiiYwGBrOX GruBhNkM6LexUQ1uKuF5vlwT/3Uq1wglS8607oX2BB3bE12F9bcMB+dOM7hi/54M AFZf9tZ8zNfBA32uUrROXCGB4OnLAuBTgXjFYJL7U7q/i/41m3+nyyXRmhJEbhDt YjfM1E6RymuX0XChmad/FxbXvAfo9rVcWsQU2fwPczLeiGYSxR9UPRA0PU+Iq20n SBiCpniUcSoYYx8N2a2i+juLHfRGXOfb766aFXBv7Q8GO+Ft+oDIQ9PSmImyhjRe psPmZT+NRe4YOHVR6gXb5LiMp6Xz9cJ/y+jFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUjgfYg51U3e9y4asxZTdIvIAvseMwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9qZ2ZZZzUxVTNlOXk0YXN4WlRk SXZJQXZzZU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI MA0GCSqGSIb3DQEBCwUAA4IBAQBPAEk2Pa+beEe5Q4R5oIpbwL/u/3RWV4LntBYB quQPgzpwoIxpzeLR8XFDrwYEuxBdwjxcOHqG4N4JCf6ri5LWii6NqZsD1XlnF75s VF37o7dLIiIcpzf5KawGzwJlNj/2Tz80dTn1yB+TLTwVEx9VoqosEXy8cGEiFaWH PQ0LGh3G665V36lCTs/YrDNat3B0JyfrerCOdudVp4Gs15PUE/P6gQByoaGsStR2 6giTbIC/7pEpduN//IYP9InUDUPNH1M5kInf6hrX1EO4iJpxNgUnq8lWw4L2vMT+ SXYrvyVpFSt+7OxJ1U5aqsrhpuLLgDzKiiQn6oo0GflSvyuB -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:43 2025 by rpki-client on console.sobornost.net