$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/XQnVnUKhv5DAexcyL8p9vl0Losc.roa File: XQnVnUKhv5DAexcyL8p9vl0Losc.roa (raw, json) Hash identifier: yfFRsG3JT6giCLif8xTO6WJmGV4/ahKDwwiweo9ZLL0= Subject key identifier: 5D:09:D5:9D:42:A1:BF:90:C0:7B:17:32:2F:CA:7D:BE:5D:0B:A2:C7 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0D28 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/XQnVnUKhv5DAexcyL8p9vl0Losc.roa Signing time: Mon 26 Aug 2024 05:19:36 +0000 ROA not before: Mon 26 Aug 2024 05:19:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 202.151.48.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 03:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3368 (0xd28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 26 05:19:36 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5D09D59D42A1BF90C07B17322FCA7DBE5D0BA2C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ce:b8:d9:da:90:17:3b:b7:a7:c0:46:e3:d8: 98:d1:6d:e6:42:99:fc:29:80:a8:a2:43:83:99:c2: 17:dc:e0:5b:06:41:c8:de:dc:f4:ff:68:16:0a:73: c3:33:f7:0d:8d:01:b5:60:fd:8d:9c:76:29:70:59: 24:47:f9:15:d8:14:d7:99:f0:00:5d:9c:ae:cb:c4: 6d:ba:f6:09:e3:ea:b6:45:9f:33:6b:2a:f7:c8:21: 6d:1b:e0:2b:c0:f6:a0:a4:01:6a:c3:4c:d2:1e:01: f8:64:2a:c9:0f:c3:01:30:8a:de:ef:20:ed:ac:b6: 33:37:aa:0c:cb:6b:bb:1f:6d:9b:25:e6:8d:2a:00: 36:14:df:0a:8f:df:ea:f0:cd:0c:0d:38:a5:8a:bc: 0f:98:fb:28:43:53:e3:4f:36:cd:83:f4:3b:bb:2f: 5b:39:08:e3:56:5d:bf:f1:af:65:c6:ae:6d:62:2a: 4f:b1:52:d1:20:49:85:bd:52:9b:03:87:cb:96:63: eb:52:05:09:c7:02:82:8f:46:aa:67:e7:30:31:67: 59:3a:67:fc:72:2a:4b:b0:3b:44:31:21:90:f7:ec: 6b:4e:3f:ed:ba:a4:80:9a:6d:4f:34:6d:81:2d:60: 30:f3:fb:e4:e5:d2:0e:f8:2f:c7:8a:b0:55:a8:35: 05:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:09:D5:9D:42:A1:BF:90:C0:7B:17:32:2F:CA:7D:BE:5D:0B:A2:C7 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/XQnVnUKhv5DAexcyL8p9vl0Losc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.151.48.0/20 Signature Algorithm: sha256WithRSAEncryption 0b:46:b2:17:57:3a:ad:ac:5b:62:5c:c3:ec:a8:1d:e9:05:c8: 1a:92:b6:f3:63:82:73:09:46:38:cd:10:de:f7:65:d0:d1:59: a1:e2:fc:bb:f4:d4:83:ad:f5:46:45:2f:35:12:1f:33:42:29: 73:f2:5a:63:06:15:4b:1d:51:14:81:79:67:9c:93:58:d5:c1: d5:9d:6a:3a:71:bb:07:6a:31:f6:85:c4:aa:bf:b2:47:12:25: ef:dd:40:d0:f7:a8:9d:38:85:16:65:96:8e:79:6f:8e:44:c0: 9c:6b:1e:bd:58:0d:14:f0:9d:4b:bd:06:00:4c:36:e3:2b:d5: e9:51:31:33:f0:62:e4:94:7e:bd:9c:2d:a6:86:ff:db:bd:7c: b2:64:e2:2d:81:37:c8:15:0b:57:2c:16:ef:d7:1c:e3:5c:ec: d8:3d:ec:45:9d:e3:a9:9a:34:b5:c2:da:89:d5:e4:f7:f6:89: 4d:8d:53:ee:6a:27:72:fc:07:68:ca:8b:5b:18:17:89:b4:5c: 54:1b:04:aa:f3:e2:7b:e1:de:b2:8f:74:97:58:39:22:b4:b3: 6a:df:36:33:87:29:82:46:5f:37:d6:24:de:35:7a:3d:18:c2: ca:54:da:bf:48:e5:d1:df:5e:6f:f7:4e:0a:e8:3b:b4:90:56: 45:34:6d:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDSgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw NTE5MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVEMDlENTlENDJBMUJG OTBDMDdCMTczMjJGQ0E3REJFNUQwQkEyQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHzrjZ2pAXO7enwEbj2JjRbeZCmfwpgKiiQ4OZwhfc4FsGQcje 3PT/aBYKc8Mz9w2NAbVg/Y2cdilwWSRH+RXYFNeZ8ABdnK7LxG269gnj6rZFnzNr KvfIIW0b4CvA9qCkAWrDTNIeAfhkKskPwwEwit7vIO2stjM3qgzLa7sfbZsl5o0q ADYU3wqP3+rwzQwNOKWKvA+Y+yhDU+NPNs2D9Du7L1s5CONWXb/xr2XGrm1iKk+x UtEgSYW9UpsDh8uWY+tSBQnHAoKPRqpn5zAxZ1k6Z/xyKkuwO0QxIZD37GtOP+26 pICabU80bYEtYDDz++Tl0g74L8eKsFWoNQVlAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUXQnVnUKhv5DAexcyL8p9vl0LoscwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1hRblZuVUtodjVEQWV4Y3lM OHA5dmwwTG9zYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK lzAwDQYJKoZIhvcNAQELBQADggEBAAtGshdXOq2sW2Jcw+yoHekFyBqStvNjgnMJ RjjNEN73ZdDRWaHi/Lv01IOt9UZFLzUSHzNCKXPyWmMGFUsdURSBeWeck1jVwdWd ajpxuwdqMfaFxKq/skcSJe/dQND3qJ04hRZllo55b45EwJxrHr1YDRTwnUu9BgBM NuMr1elRMTPwYuSUfr2cLaaG/9u9fLJk4i2BN8gVC1csFu/XHONc7Ng97EWd46ma NLXC2onV5Pf2iU2NU+5qJ3L8B2jKi1sYF4m0XFQbBKrz4nvh3rKPdJdYOSK0s2rf NjOHKYJGXzfWJN41ej0YwspU2r9I5dHfXm/3TgroO7SQVkU0bX8= -----END CERTIFICATE-----Generated at Fri Sep 27 23:52:49 2024 by rpki-client on console-ams.rpki-client.org