$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/CRO-f0LFpIWdQTkTSKZmKAkiXLA.roa File: CRO-f0LFpIWdQTkTSKZmKAkiXLA.roa (raw, json) Hash identifier: CXxRuYxp2EZPdGSoXLPmLIxRKWegHNmrNHhXDo9noVE= Subject key identifier: 09:13:BE:7F:42:C5:A4:85:9D:41:39:13:48:A6:66:28:09:22:5C:B0 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F1F Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/CRO-f0LFpIWdQTkTSKZmKAkiXLA.roa Signing time: Fri 22 Aug 2025 09:03:48 +0000 ROA not before: Fri 22 Aug 2025 09:03:48 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 61.61.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3871 (0xf1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:48 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0913BE7F42C5A4859D41391348A6662809225CB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4f:bd:0c:b7:77:72:cf:40:16:df:37:5d:35: c8:27:75:8d:b9:6d:4d:36:bb:af:fb:1a:64:88:1c: 11:41:0b:be:be:ab:c5:7d:b3:35:6b:81:cd:86:a8: 7d:a6:43:26:7b:51:4f:24:83:61:d0:83:a3:4e:f8: f0:33:d9:6d:d6:a6:09:b4:46:a2:2d:de:65:e9:69: e4:43:7d:e4:86:19:65:e9:17:54:00:68:10:1d:17: c8:41:c7:42:1b:d6:6d:6e:49:cd:dd:59:dc:d3:6b: 80:0b:b8:1f:90:3f:c2:cd:fe:03:19:23:af:64:b8: fe:e1:52:40:e2:86:ad:d5:7a:76:fd:b3:5e:5f:3a: 2b:77:dc:6c:42:a9:ea:c8:85:eb:50:75:29:da:ac: 18:1b:c1:9b:14:9c:e6:f3:85:98:e5:31:10:9a:45: 3f:db:19:8e:78:8f:75:47:73:0b:46:95:db:6a:f7: ad:8d:fa:30:ca:fe:0c:5f:f6:80:bd:9a:6c:f8:b0: c2:62:b8:35:41:3e:e0:fc:f0:dd:8e:0e:8c:c9:78: 5e:f1:b7:f6:6e:32:49:2a:90:18:a2:f5:5c:4b:ef: 92:5c:6e:06:aa:b2:45:fc:2d:e8:93:f7:08:67:4d: 2a:50:43:ec:41:5b:72:be:cb:c6:ec:d0:d5:03:c6: bc:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:13:BE:7F:42:C5:A4:85:9D:41:39:13:48:A6:66:28:09:22:5C:B0 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/CRO-f0LFpIWdQTkTSKZmKAkiXLA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.70.0/24 Signature Algorithm: sha256WithRSAEncryption 06:fa:4e:9d:69:de:cf:ea:e7:18:e5:e8:72:ca:01:82:be:a0: a8:a5:6b:be:a2:00:0c:a0:7b:da:38:b1:f0:e5:d0:9d:95:7b: c0:28:c8:e2:74:7f:3c:e3:4a:bf:83:61:19:78:fd:04:d0:be: e4:26:3a:d5:4e:71:e5:bf:ca:b2:18:c8:a2:10:66:5d:65:cc: f7:8b:d2:1a:d2:65:3f:dd:74:fe:6e:dd:c5:6e:cd:0c:9d:72: 5d:9f:fd:50:4f:b6:77:94:d2:3b:ff:fb:6b:01:6e:75:b6:e1: ae:4e:f4:5d:b0:90:99:3f:b6:77:e4:a1:7d:7f:7c:22:0c:9a: b5:c7:b6:ad:41:60:dd:83:ef:74:e0:b9:50:a5:bc:6e:41:0d: 9f:3e:ee:38:94:56:ab:1c:53:db:74:52:1d:d3:6b:c3:cf:9e: a3:05:c4:f1:ba:83:1b:3d:d2:77:d4:c8:4e:81:1f:5a:65:e0: 00:da:37:73:96:36:99:a7:86:63:9e:e5:4a:50:9f:86:6f:ff: 8c:61:56:bb:cd:07:0b:ee:a1:5a:52:b8:6b:5c:61:f7:be:06: 40:3e:11:b0:1d:d4:b5:91:68:f0:16:fd:d1:93:cf:f6:b9:80: 8a:76:86:8f:2f:73:ca:a7:47:a7:50:de:98:f6:4d:6b:c3:3e: 43:9a:70:30 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDx8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA5MTNCRTdGNDJDNUE0 ODU5RDQxMzkxMzQ4QTY2NjI4MDkyMjVDQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPT70Mt3dyz0AW3zddNcgndY25bU02u6/7GmSIHBFBC76+q8V9 szVrgc2GqH2mQyZ7UU8kg2HQg6NO+PAz2W3Wpgm0RqIt3mXpaeRDfeSGGWXpF1QA aBAdF8hBx0Ib1m1uSc3dWdzTa4ALuB+QP8LN/gMZI69kuP7hUkDihq3Venb9s15f Oit33GxCqerIhetQdSnarBgbwZsUnObzhZjlMRCaRT/bGY54j3VHcwtGldtq962N +jDK/gxf9oC9mmz4sMJiuDVBPuD88N2ODozJeF7xt/ZuMkkqkBii9VxL75Jcbgaq skX8LeiT9whnTSpQQ+xBW3K+y8bs0NUDxrz1AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUCRO+f0LFpIWdQTkTSKZmKAkiXLAwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0NSTy1mMExGcElXZFFUa1RTS1ptS0Fr aVhMQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PUYwDQYJ KoZIhvcNAQELBQADggEBAAb6Tp1p3s/q5xjl6HLKAYK+oKila76iAAyge9o4sfDl 0J2Ve8AoyOJ0fzzjSr+DYRl4/QTQvuQmOtVOceW/yrIYyKIQZl1lzPeL0hrSZT/d dP5u3cVuzQydcl2f/VBPtneU0jv/+2sBbnW24a5O9F2wkJk/tnfkoX1/fCIMmrXH tq1BYN2D73TguVClvG5BDZ8+7jiUVqscU9t0Uh3Ta8PPnqMFxPG6gxs90nfUyE6B H1pl4ADaN3OWNpmnhmOe5UpQn4Zv/4xhVrvNBwvuoVpSuGtcYfe+BkA+EbAd1LWR aPAW/dGTz/a5gIp2ho8vc8qnR6dQ3pj2TWvDPkOacDA= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:50 2025 by rpki-client