$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LbKOpImaSGiREUdHpoJfwZ1SQss.cer File: LbKOpImaSGiREUdHpoJfwZ1SQss.cer (raw, json) Hash identifier: yG97Pjtqesgqy5p6h8SQL8CHwIjELZBvnuMxgIFLne8= Subject key identifier: 2D:B2:8E:A4:89:9A:48:68:91:11:47:47:A6:82:5F:C1:9D:52:42:CB Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 34BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/IONET/LbKOpImaSGiREUdHpoJfwZ1SQss.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/IONET/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 10 Feb 2025 14:29:06 +0000 Certificate not after: Tue 26 Aug 2025 01:57:03 +0000 Subordinate resources: AS: 9679 IP: 211.73.96.0/19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 17:37:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13501 (0x34bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Feb 10 14:29:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2DB28EA4899A486891114747A6825FC19D5242CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a9:43:6e:34:68:a2:af:57:4b:0c:29:3c:59: 76:de:76:9b:73:c1:1e:8b:f9:a6:bc:57:ae:f2:88: 5b:b4:0e:57:7a:17:b6:11:50:83:9c:5e:a4:14:92: f5:99:d0:be:76:1c:dd:57:48:80:39:3c:af:99:cf: 77:65:55:eb:76:00:2c:b4:66:23:21:12:cb:ae:b6: 9f:d3:0e:2f:77:7e:bc:1d:51:f6:9b:35:42:db:c9: c0:f8:58:04:24:e1:04:0d:a8:aa:59:65:c2:ca:e5: 6e:78:ba:05:b9:cf:50:e9:8b:1a:ae:8f:92:dd:92: a5:e3:fb:cb:62:e0:5c:d0:d0:df:93:2e:84:c4:cd: ad:be:e7:11:a9:f3:38:e9:88:e1:b0:51:33:7f:5f: 8b:37:59:fe:35:be:2a:73:e8:20:63:5e:74:3d:09: a6:b1:4c:ed:54:0e:bb:d4:11:46:ae:5e:58:cb:52: 67:06:76:29:3f:e2:c7:c8:06:18:a3:a1:bd:a9:ab: 74:4a:f9:35:5d:3e:b7:7b:ad:62:5a:a9:a1:18:77: 9d:a4:7f:19:35:41:d9:b0:b4:7b:be:1b:fc:79:b3: 35:de:70:38:35:f7:d3:4d:69:12:92:bd:fd:9b:3b: 4d:0c:30:68:dd:db:3c:2d:10:40:d8:6c:f4:75:b4: 7d:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:B2:8E:A4:89:9A:48:68:91:11:47:47:A6:82:5F:C1:9D:52:42:CB X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IONET/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IONET/LbKOpImaSGiREUdHpoJfwZ1SQss.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: 9679 sbgp-ipAddrBlock: critical IPv4: 211.73.96.0/19 Signature Algorithm: sha256WithRSAEncryption 59:68:d1:bc:72:91:24:bb:55:35:99:81:28:f5:71:92:91:ca: 92:72:50:53:84:40:01:bb:23:3d:af:2b:c9:2b:b1:77:6c:c0: bf:48:f8:1e:d3:fe:66:2d:a7:a2:ef:50:88:7b:5e:0a:f2:5c: f6:13:d6:7d:0e:89:0f:ff:5f:58:65:61:37:a2:9e:82:75:8e: 67:1b:f3:e0:5b:76:da:44:1d:bc:28:45:bc:30:27:63:22:23: 66:ce:01:19:16:01:39:69:d9:7b:ef:19:b8:e9:66:1c:12:db: de:ce:1e:98:f8:32:2f:f9:ef:72:37:3c:8f:34:34:16:11:8c: d2:f3:f3:b7:60:bc:3e:51:2b:57:82:e5:8c:7e:f6:bf:1b:5c: 9b:21:ab:69:20:eb:df:da:f4:bf:d8:75:61:c9:7d:67:5d:f3: 86:51:d5:98:c0:d9:3a:a7:c7:e0:37:41:d6:30:64:32:1d:52: c4:5d:ad:2c:b9:71:1d:21:84:6b:ad:15:80:27:03:a3:a2:1b: 91:27:c2:80:f4:fb:aa:65:07:d3:79:d2:53:91:2d:05:98:c1: 30:6b:bd:f0:34:cb:ab:f6:5a:d7:59:1d:32:a2:cb:25:c0:42: dc:d2:70:1f:45:80:2f:ef:4b:93:21:e1:04:fe:c0:f8:48:3e: b9:80:9a:c3 -----BEGIN CERTIFICATE----- MIIFZDCCBEygAwIBAgICNL0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDIxMDE0MjkwNloXDTI1MDgyNjAxNTcwM1owMzEx MC8GA1UEAxMoMkRCMjhFQTQ4OTlBNDg2ODkxMTE0NzQ3QTY4MjVGQzE5RDUyNDJD QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMypQ240aKKvV0sMKTxZ dt52m3PBHov5prxXrvKIW7QOV3oXthFQg5xepBSS9ZnQvnYc3VdIgDk8r5nPd2VV 63YALLRmIyESy662n9MOL3d+vB1R9ps1QtvJwPhYBCThBA2oqlllwsrlbni6BbnP UOmLGq6Pkt2SpeP7y2LgXNDQ35MuhMTNrb7nEanzOOmI4bBRM39fizdZ/jW+KnPo IGNedD0JprFM7VQOu9QRRq5eWMtSZwZ2KT/ix8gGGKOhvamrdEr5NV0+t3utYlqp oRh3naR/GTVB2bC0e74b/HmzNd5wODX3001pEpK9/Zs7TQwwaN3bPC0QQNhs9HW0 fTMCAwEAAaOCAmkwggJlMB0GA1UdDgQWBBQtso6kiZpIaJERR0emgl/BnVJCyzAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSU9ORVQvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev SU9ORVQvTGJLT3BJbWFTR2lSRVVkSHBvSmZ3WjFTUXNzLm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAZBggrBgEF BQcBCAEB/wQKMAigBjAEAgIlzzAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BdNJYDANBgkqhkiG9w0BAQsFAAOCAQEAWWjRvHKRJLtVNZmBKPVxkpHKknJQU4RA AbsjPa8rySuxd2zAv0j4HtP+Zi2nou9QiHteCvJc9hPWfQ6JD/9fWGVhN6KegnWO Zxvz4Ft22kQdvChFvDAnYyIjZs4BGRYBOWnZe+8ZuOlmHBLb3s4emPgyL/nvcjc8 jzQ0FhGM0vPzt2C8PlErV4LljH72vxtcmyGraSDr39r0v9h1Ycl9Z13zhlHVmMDZ OqfH4DdB1jBkMh1SxF2tLLlxHSGEa60VgCcDo6IbkSfCgPT7qmUH03nSU5EtBZjB MGu98DTLq/Za11kdMqLLJcBC3NJwH0WAL+9LkyHhBP7A+Eg+uYCaww== -----END CERTIFICATE-----Generated at Sat Apr 12 14:31:56 2025 by rpki-client