$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa File: KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa (raw, json) Hash identifier: cdBIvBsG/PyM+behzm0COB0Q7dn2qUVEheFyRkMVMCo= Subject key identifier: 29:FA:C7:3E:1E:18:86:F7:E7:E1:65:B2:F6:57:20:9A:64:A5:B9:3A Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0CEF Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa Signing time: Mon 26 Aug 2024 05:12:50 +0000 ROA not before: Mon 26 Aug 2024 05:12:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.56.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 17:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3311 (0xcef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Aug 26 05:12:50 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=29FAC73E1E1886F7E7E165B2F657209A64A5B93A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b6:ed:b1:77:c2:8b:69:fc:15:de:a3:9e:87: da:44:a4:e4:98:77:2a:ca:8b:91:c2:34:0e:0b:0d: 9c:a8:b7:b7:9d:22:db:5d:18:cf:13:90:79:f8:2a: 75:37:af:65:5e:51:37:8c:92:86:fc:c7:5b:65:78: f1:20:d3:ba:ca:13:92:f6:64:84:6c:31:72:6b:98: 1d:5c:6f:9b:f1:aa:e0:33:72:77:b2:f7:b8:d3:d6: 21:4e:8a:ae:cf:37:3e:2c:ea:56:1f:ba:cb:33:b0: 55:83:a9:dc:3f:79:7e:83:b9:e4:d2:71:29:f0:62: 02:5f:0d:8b:46:a9:81:28:54:26:2a:94:77:34:29: 3f:9c:13:ca:15:eb:c3:2e:31:50:e1:15:50:23:8e: 08:5b:92:6d:7b:7b:fb:da:c5:e5:37:8a:5b:9e:9a: 11:f1:71:6a:6b:b8:f9:03:3a:11:8b:46:76:5f:ef: 21:73:93:2f:7b:29:c7:db:45:69:4c:38:7d:58:a0: 6e:dc:ca:11:55:11:a5:84:85:5a:85:1a:90:0d:98: 6a:51:40:23:bb:52:3b:5a:2b:25:01:ee:34:d3:e2: 06:f9:ea:34:f1:a8:28:fc:1b:1b:9d:ae:0f:3e:f3: db:9e:f6:52:66:ca:f2:38:9c:87:5a:4d:93:0e:ef: 66:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:FA:C7:3E:1E:18:86:F7:E7:E1:65:B2:F6:57:20:9A:64:A5:B9:3A X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.56.64.0/21 Signature Algorithm: sha256WithRSAEncryption 3b:4b:f8:8b:72:bf:4f:d6:a6:6b:f9:26:72:f1:42:f5:3f:e4: 41:b9:dc:de:0a:a6:5d:50:97:7f:13:58:fa:fb:ef:c1:95:61: 4d:83:7a:b4:07:97:9a:29:93:38:68:b8:bb:ef:6a:06:11:5f: 90:dc:de:fb:3e:de:4d:c8:a3:09:b9:80:c4:d9:02:03:d2:c2: e4:4a:5e:f9:03:e3:1d:7d:fa:27:07:95:28:90:52:b1:42:cd: 39:2c:1c:d4:55:02:ce:36:85:a1:3f:23:ca:ab:ab:ae:71:34: 32:7c:a0:8e:c8:c9:8d:85:9b:61:b7:f7:aa:88:4b:c0:13:aa: f6:e4:be:6f:53:aa:45:d8:96:31:4b:4c:bc:09:47:3e:f7:66: 78:68:84:93:eb:c6:30:1d:45:e7:87:1e:8b:2a:1b:31:3f:f4: 02:56:a8:b5:85:33:85:4e:44:bd:85:20:cf:37:83:4c:89:e5: 19:f9:0c:5e:64:28:45:1a:e3:16:7e:06:13:23:c6:25:1b:01: 22:a6:d1:d4:11:1e:32:bc:c5:5a:41:9c:2a:58:d3:c1:f3:bd: d4:91:5e:b2:62:c0:7d:41:8c:43:bf:06:4e:83:3c:d5:cf:38: eb:52:e7:3a:b6:73:db:29:68:34:c7:dd:28:9e:ff:8c:f2:08: 0e:9d:29:0b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNDA4MjYw NTEyNTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5RkFDNzNFMUUxODg2 RjdFN0UxNjVCMkY2NTcyMDlBNjRBNUI5M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwtu2xd8KLafwV3qOeh9pEpOSYdyrKi5HCNA4LDZyot7edIttd GM8TkHn4KnU3r2VeUTeMkob8x1tlePEg07rKE5L2ZIRsMXJrmB1cb5vxquAzcney 97jT1iFOiq7PNz4s6lYfusszsFWDqdw/eX6DueTScSnwYgJfDYtGqYEoVCYqlHc0 KT+cE8oV68MuMVDhFVAjjghbkm17e/vaxeU3iluemhHxcWpruPkDOhGLRnZf7yFz ky97KcfbRWlMOH1YoG7cyhFVEaWEhVqFGpANmGpRQCO7UjtaKyUB7jTT4gb56jTx qCj8Gxudrg8+89ue9lJmyvI4nIdaTZMO72ZTAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUKfrHPh4Yhvfn4WWy9lcgmmSluTowHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0tmckhQaDRZaHZmbjRXV3k5 bGNnbW1TbHVUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9 OEAwDQYJKoZIhvcNAQELBQADggEBADtL+Ityv0/Wpmv5JnLxQvU/5EG53N4Kpl1Q l38TWPr778GVYU2DerQHl5opkzhouLvvagYRX5Dc3vs+3k3Iowm5gMTZAgPSwuRK XvkD4x19+icHlSiQUrFCzTksHNRVAs42haE/I8qrq65xNDJ8oI7IyY2Fm2G396qI S8ATqvbkvm9TqkXYljFLTLwJRz73ZnhohJPrxjAdReeHHosqGzE/9AJWqLWFM4VO RL2FIM83g0yJ5Rn5DF5kKEUa4xZ+BhMjxiUbASKm0dQRHjK8xVpBnCpY08HzvdSR XrJiwH1BjEO/Bk6DPNXPOOtS5zq2c9spaDTH3Sie/4zyCA6dKQs= -----END CERTIFICATE-----Generated at Sat Sep 28 12:03:22 2024 by rpki-client on console-fra.rpki-client.org