$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa File: 2M644Owz-KEhZkoe5GtegSYKm_8.roa (raw, json) Hash identifier: 5oGBJIsF1jIk+fuY2Smqdifgzs8+i2Dk3sYviLF+4vo= Subject key identifier: D8:CE:B8:E0:EC:33:F8:A1:21:66:4A:1E:E4:6B:5E:81:26:0A:9B:FF Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0B4C Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa Signing time: Fri 01 Sep 2023 10:00:51 +0000 ROA not before: Fri 01 Sep 2023 10:00:51 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 20473 IP address blocks: 103.129.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 17:52:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2892 (0xb4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Sep 1 10:00:51 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D8CEB8E0EC33F8A121664A1EE46B5E81260A9BFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:7e:f8:de:92:8e:d3:4b:da:51:f5:4c:62:0b: fb:7a:13:c4:0f:f6:01:78:86:48:db:dd:9d:77:b5: 82:ff:9e:83:19:0f:26:05:99:1a:19:03:7d:b6:da: be:bc:01:ba:df:2b:ce:92:73:f1:26:01:cb:d6:53: 45:25:73:9b:9b:17:8f:b3:df:87:6a:03:8b:69:c7: f9:98:4a:1f:91:3d:d9:40:8a:85:26:67:98:5d:99: e6:97:3a:8e:f5:10:2d:9a:dd:8d:34:07:1b:bb:64: ff:90:83:d8:25:bd:87:b5:71:50:07:da:e9:94:32: 0a:bd:28:77:08:fb:7a:94:f3:81:84:e5:15:f0:ac: 72:1d:ba:70:99:1d:68:18:c9:52:95:80:23:93:d2: b5:dc:b4:a0:84:86:9c:64:3d:37:dd:31:57:d8:dd: e2:55:0a:5b:52:f9:1b:5f:e6:c0:c8:7f:5c:b2:38: 2f:f2:23:f4:2e:11:39:88:fc:0d:43:42:fe:a8:88: fe:53:3a:48:e3:76:bb:3d:4b:33:c4:f0:b7:fe:47: d5:f1:75:47:39:9b:7b:d4:8e:f3:47:03:4c:2d:44: fb:4b:86:29:a0:62:61:b1:eb:6b:dd:86:bd:f0:1e: c0:e7:e4:ea:72:e8:2b:8a:bd:f2:04:a1:66:34:21: 13:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:CE:B8:E0:EC:33:F8:A1:21:66:4A:1E:E4:6B:5E:81:26:0A:9B:FF X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.129.147.0/24 Signature Algorithm: sha256WithRSAEncryption 33:79:b7:00:04:3f:76:76:e0:b6:d9:2e:4e:8a:0e:92:07:f7: bb:ae:39:cd:dd:2a:e6:79:f5:ec:46:f3:e3:01:b1:ee:da:d9: c2:89:7f:5f:f1:6a:c4:a2:39:0d:90:6e:0b:f3:06:67:e2:36: ec:ac:7d:b7:a6:05:86:38:b2:2c:3a:a2:ea:d5:3d:7b:d0:ff: 4d:e8:b7:86:65:01:f4:1f:67:1e:ed:67:1e:69:e6:b4:7e:6f: d3:e5:a5:1b:01:d7:82:e7:f3:91:57:1e:2d:5e:99:5a:9e:29: e3:bc:38:11:38:a9:cd:f5:e3:8a:d4:95:43:0c:f4:a7:e1:83: 77:7a:ca:5c:43:96:42:2a:0d:53:8f:35:0e:c3:af:71:75:43: 27:67:62:a7:65:5a:42:3d:26:ad:14:53:fc:c2:ca:6f:83:5e: f6:cb:9d:cc:c7:da:04:24:30:09:30:49:27:c9:9a:1c:fa:72: 39:65:99:6f:cf:ba:bc:d4:87:ab:8f:26:f7:ef:a0:3a:dd:ce: 39:2a:12:ed:a0:eb:4a:5f:3f:fb:9d:f8:77:35:d2:1f:be:c8: 0b:7d:93:fb:0c:d8:47:5c:d1:b8:d3:d9:e3:6d:b8:8d:10:d4: 36:25:c6:a7:54:6a:97:6a:3a:f4:87:db:55:08:29:ef:fa:73: dc:6e:0c:0b -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICC0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx MDAwNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ4Q0VCOEUwRUMzM0Y4 QTEyMTY2NEExRUU0NkI1RTgxMjYwQTlCRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTfvjeko7TS9pR9UxiC/t6E8QP9gF4hkjb3Z13tYL/noMZDyYF mRoZA3222r68AbrfK86Sc/EmAcvWU0Ulc5ubF4+z34dqA4tpx/mYSh+RPdlAioUm Z5hdmeaXOo71EC2a3Y00Bxu7ZP+Qg9glvYe1cVAH2umUMgq9KHcI+3qU84GE5RXw rHIdunCZHWgYyVKVgCOT0rXctKCEhpxkPTfdMVfY3eJVCltS+Rtf5sDIf1yyOC/y I/QuETmI/A1DQv6oiP5TOkjjdrs9SzPE8Lf+R9XxdUc5m3vUjvNHA0wtRPtLhimg YmGx62vdhr3wHsDn5Opy6CuKvfIEoWY0IRMhAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU2M644Owz+KEhZkoe5GtegSYKm/8wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzJNNjQ0T3d6LUtFaFprb2U1R3RlZ1NZ S21fOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ KoZIhvcNAQELBQADggEBADN5twAEP3Z24LbZLk6KDpIH97uuOc3dKuZ59exG8+MB se7a2cKJf1/xasSiOQ2QbgvzBmfiNuysfbemBYY4siw6ourVPXvQ/03ot4ZlAfQf Zx7tZx5p5rR+b9PlpRsB14Ln85FXHi1emVqeKeO8OBE4qc3144rUlUMM9Kfhg3d6 ylxDlkIqDVOPNQ7Dr3F1QydnYqdlWkI9Jq0UU/zCym+DXvbLnczH2gQkMAkwSSfJ mhz6cjllmW/PurzUh6uPJvfvoDrdzjkqEu2g60pfP/ud+Hc10h++yAt9k/sM2Edc 0bjT2eNtuI0Q1DYlxqdUapdqOvSH21UIKe/6c9xuDAs= -----END CERTIFICATE-----Generated at Tue May 7 14:32:40 2024 by rpki-client on console-fra.rpki-client.org