$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa File: KRu_I9cGCmDZtTbqERXQhPRnKdI.roa (raw, json) Hash identifier: 5p9x9kzeH2QCL9Df+1nKajpjXEDVPJb8MWM7YSqVLUk= Subject key identifier: 29:1B:BF:23:D7:06:0A:60:D9:B5:36:EA:11:15:D0:84:F4:67:29:D2 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 13FE Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa Signing time: Wed 02 Apr 2025 14:38:44 +0000 ROA not before: Wed 02 Apr 2025 14:38:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18248 IP address blocks: 119.75.246.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5118 (0x13fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Apr 2 14:38:44 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=291BBF23D7060A60D9B536EA1115D084F46729D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:73:3e:5f:ce:50:4b:33:80:ec:4d:cc:21:02: d5:a4:a4:d2:39:71:f0:47:75:47:91:43:ed:e7:5a: 3a:36:18:80:2d:8a:bf:3e:61:08:72:c6:64:8d:92: c6:3f:9a:af:cd:ec:d6:8a:a5:58:f2:cf:c6:90:58: e6:b6:09:ac:7f:80:84:26:d7:79:4b:91:d7:af:fb: e7:8d:5e:4a:c7:14:00:7f:a5:f5:14:4c:98:ee:0e: 17:31:f8:6b:87:f2:e0:36:9f:7d:11:46:fb:bf:7c: 5a:e1:b4:d9:c5:23:49:ac:f3:73:10:1c:76:64:f5: 4e:c8:d6:ba:77:3e:b5:4d:f5:27:f2:26:46:1b:cc: 5e:4b:9f:01:ed:46:44:8b:04:69:27:7f:4d:92:70: 30:38:f0:53:83:d5:e7:17:89:3c:ae:0e:fb:9f:df: 04:a9:f0:f3:5d:c9:b6:65:88:87:32:b6:01:b8:95: 80:31:7e:91:fb:78:6c:8c:2f:f2:a9:32:f3:04:0c: 9a:c0:61:42:4c:19:5a:36:cf:46:1b:76:86:62:4e: 26:93:5e:fd:27:ff:0a:b4:a3:6d:6a:a6:31:59:c7: 20:30:6b:d8:08:93:4f:c0:0b:4e:73:84:55:9c:68: d9:cd:20:22:9b:ef:b9:72:dc:d3:c5:ef:a0:02:dd: 95:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:1B:BF:23:D7:06:0A:60:D9:B5:36:EA:11:15:D0:84:F4:67:29:D2 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.75.246.0/23 Signature Algorithm: sha256WithRSAEncryption 34:33:fc:5d:9a:7d:4e:ee:70:d1:99:ae:4b:4d:bf:e2:bc:8d: 63:ec:10:e2:20:61:8c:81:10:5a:2b:6f:78:5f:25:99:e1:f6: a4:c6:bc:80:e7:53:df:b3:88:56:9b:30:c5:d6:0e:b9:f5:03: 1b:dc:16:2d:83:20:8d:0b:71:9a:ea:cd:82:0d:fa:d3:58:03: d0:f5:4d:32:86:a9:93:82:5f:b7:5f:ca:a8:4d:d9:26:57:a7: 8a:9c:b1:c6:02:95:0a:88:39:98:5a:75:e0:22:23:63:71:f8: 44:a3:d7:b4:0b:f0:47:26:26:6c:9d:8d:02:ab:85:f3:ea:4c: 18:f5:c7:ad:47:ec:4a:a0:2e:32:4c:e7:a6:d6:77:fc:53:56: 8b:d6:c1:2e:37:9c:ce:b2:63:00:7e:be:52:ec:df:94:7f:cf: 3e:99:65:ae:67:8d:fa:02:ec:e8:de:6b:63:d5:2f:09:22:e7: e0:20:31:e7:9f:09:43:45:47:a2:27:5f:14:62:8c:26:56:1b: ce:94:52:12:78:de:33:71:d5:95:7f:68:b5:8f:2b:4a:43:6b: 3c:1d:ed:3b:f3:23:12:54:32:ff:5b:27:26:48:37:ab:e1:f3: 68:b1:38:d8:98:b2:39:c1:e3:d6:04:1a:1b:1d:07:5b:b1:f3: 46:9d:76:78 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICE/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA0MDIx NDM4NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5MUJCRjIzRDcwNjBB NjBEOUI1MzZFQTExMTVEMDg0RjQ2NzI5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxcz5fzlBLM4DsTcwhAtWkpNI5cfBHdUeRQ+3nWjo2GIAtir8+ YQhyxmSNksY/mq/N7NaKpVjyz8aQWOa2Cax/gIQm13lLkdev++eNXkrHFAB/pfUU TJjuDhcx+GuH8uA2n30RRvu/fFrhtNnFI0ms83MQHHZk9U7I1rp3PrVN9SfyJkYb zF5LnwHtRkSLBGknf02ScDA48FOD1ecXiTyuDvuf3wSp8PNdybZliIcytgG4lYAx fpH7eGyML/KpMvMEDJrAYUJMGVo2z0YbdoZiTiaTXv0n/wq0o21qpjFZxyAwa9gI k0/AC05zhFWcaNnNICKb77ly3NPF76AC3ZWVAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUKRu/I9cGCmDZtTbqERXQhPRnKdIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9LUnVfSTljR0NtRFp0VGJxRVJY UWhQUm5LZEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBd0v2 MA0GCSqGSIb3DQEBCwUAA4IBAQA0M/xdmn1O7nDRma5LTb/ivI1j7BDiIGGMgRBa K294XyWZ4fakxryA51Pfs4hWmzDF1g659QMb3BYtgyCNC3Ga6s2CDfrTWAPQ9U0y hqmTgl+3X8qoTdkmV6eKnLHGApUKiDmYWnXgIiNjcfhEo9e0C/BHJiZsnY0Cq4Xz 6kwY9cetR+xKoC4yTOem1nf8U1aL1sEuN5zOsmMAfr5S7N+Uf88+mWWuZ436Auzo 3mtj1S8JIufgIDHnnwlDRUeiJ18UYowmVhvOlFISeN4zcdWVf2i1jytKQ2s8He07 8yMSVDL/WycmSDer4fNosTjYmLI5wePWBBobHQdbsfNGnXZ4 -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:53 2025 by rpki-client on console.sobornost.net