$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/2yFBWO5LGnCY21Hjh11M0D1zRjs.cer File: 2yFBWO5LGnCY21Hjh11M0D1zRjs.cer (raw, json) Hash identifier: lrj7rP/YzbUbwjdW5vhixp+3JLXMHHv1O201kvfkqBk= Subject key identifier: DB:21:41:58:EE:4B:1A:70:98:DB:51:E3:87:5D:4C:D0:3D:73:46:3B Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 316D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/2yFBWO5LGnCY21Hjh11M0D1zRjs.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Thu 07 Nov 2024 23:50:04 +0000 Certificate not after: Tue 04 Nov 2025 15:30:21 +0000 Subordinate resources: IP: 2401:d3a0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12653 (0x316d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Nov 7 23:50:04 2024 GMT Not After : Nov 4 15:30:21 2025 GMT Subject: CN=DB214158EE4B1A7098DB51E3875D4CD03D73463B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:29:d9:69:51:0f:84:6f:c2:0e:48:99:37:cb: 45:4c:2e:70:ef:d9:2c:b0:37:30:1b:66:1d:12:f7: aa:af:f4:35:2b:a1:db:a6:61:bb:79:52:9b:12:fa: 53:0c:ec:ef:07:f1:8d:3c:bb:80:0d:58:09:9e:04: 59:be:89:41:f6:be:92:24:52:35:b7:68:15:ff:cc: 88:03:59:7a:5b:60:26:a2:cc:0e:98:43:3a:db:4b: ca:8d:72:5e:ec:7e:8d:38:04:5e:c2:13:dc:86:e8: 9e:1f:07:fc:26:9d:cc:38:e2:04:ef:8d:f3:5a:76: 85:28:65:43:2e:5f:85:46:17:57:0d:5f:35:c5:fe: e0:dc:29:a4:28:22:c7:15:9f:30:3c:63:c5:26:1f: f2:f8:b2:3c:a5:1b:99:c8:44:a9:f8:d9:3e:f2:1d: 5f:4c:40:2a:32:ed:3e:97:80:38:e0:88:d0:ca:c3: 8e:95:5b:c1:4a:f8:8a:bc:0a:f9:1a:e1:0c:a5:5e: b5:86:c0:9d:a7:3d:04:0f:fc:31:d0:ed:0b:f3:43: 12:42:dc:3d:fc:4a:d5:7d:0a:e3:af:92:fc:54:86: b6:cb:c7:7a:02:f7:1c:62:96:66:f6:e1:99:45:90: 96:d9:d1:3e:58:e3:f8:84:52:79:0a:48:b9:8a:8c: d1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:21:41:58:EE:4B:1A:70:98:DB:51:E3:87:5D:4C:D0:3D:73:46:3B X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINANG/2yFBWO5LGnCY21Hjh11M0D1zRjs.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:d3a0::/32 Signature Algorithm: sha256WithRSAEncryption 0c:b7:00:7c:95:9c:8f:51:2c:26:25:62:2f:48:2b:53:7f:83: 64:71:47:b8:77:d0:56:63:34:a4:7f:90:3e:c6:eb:fa:d4:dd: d5:4e:f2:fe:27:6f:e9:1d:a9:55:59:f1:9f:06:10:2f:3d:62: c8:44:95:81:5b:3a:ab:24:47:83:ee:46:51:99:47:c6:06:34: 98:96:41:1b:98:72:21:3b:b5:20:28:54:17:bb:53:77:6c:23: 07:16:e1:8d:67:bd:50:3c:ef:ef:d6:4e:cd:23:da:66:31:c5: 58:09:b6:37:9b:4a:18:45:13:47:40:b8:04:2d:99:ca:65:55: 3e:da:95:c7:bc:58:f0:88:a9:d3:91:42:83:09:6a:a5:af:c9: ff:aa:e4:a6:e9:3d:ca:57:3e:f0:8c:c1:57:cc:63:19:d2:b3: 73:94:74:a1:09:02:5f:78:6f:3a:46:10:d5:69:26:7d:15:f0: d0:e1:ea:64:38:41:85:3a:88:e0:13:22:e0:b8:6d:b5:49:db: 19:91:60:58:b6:9c:d5:ab:05:33:2f:94:34:27:c7:94:bf:e6: 62:85:a8:f5:3d:fa:a2:22:b6:2c:92:dd:f8:17:96:22:04:db: 24:12:98:1e:ac:d7:82:cc:d0:3d:9f:53:68:c0:05:31:0a:aa: 0a:83:25:d5 -----BEGIN CERTIFICATE----- MIIFTDCCBDSgAwIBAgICMW0wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI0MTEwNzIzNTAwNFoXDTI1MTEwNDE1MzAyMVowMzEx MC8GA1UEAxMoREIyMTQxNThFRTRCMUE3MDk4REI1MUUzODc1RDRDRDAzRDczNDYz QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgp2WlRD4Rvwg5ImTfL RUwucO/ZLLA3MBtmHRL3qq/0NSuh26Zhu3lSmxL6Uwzs7wfxjTy7gA1YCZ4EWb6J Qfa+kiRSNbdoFf/MiANZeltgJqLMDphDOttLyo1yXux+jTgEXsIT3Ibonh8H/Cad zDjiBO+N81p2hShlQy5fhUYXVw1fNcX+4NwppCgixxWfMDxjxSYf8viyPKUbmchE qfjZPvIdX0xAKjLtPpeAOOCI0MrDjpVbwUr4irwK+RrhDKVetYbAnac9BA/8MdDt C/NDEkLcPfxK1X0K46+S/FSGtsvHegL3HGKWZvbhmUWQltnRPljj+IRSeQpIuYqM 0YMCAwEAAaOCAlEwggJNMB0GA1UdDgQWBBTbIUFY7ksacJjbUeOHXUzQPXNGOzAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOQU5HLzBX BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L1hJTkFORy8yeUZCV081TEduQ1kyMUhqaDExTTBEMXpSanMubWZ0MDEGCCsGAQUF BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsG AQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHToDANBgkqhkiG9w0BAQsFAAOCAQEA DLcAfJWcj1EsJiViL0grU3+DZHFHuHfQVmM0pH+QPsbr+tTd1U7y/idv6R2pVVnx nwYQLz1iyESVgVs6qyRHg+5GUZlHxgY0mJZBG5hyITu1IChUF7tTd2wjBxbhjWe9 UDzv79ZOzSPaZjHFWAm2N5tKGEUTR0C4BC2ZymVVPtqVx7xY8Iip05FCgwlqpa/J /6rkpuk9ylc+8IzBV8xjGdKzc5R0oQkCX3hvOkYQ1WkmfRXw0OHqZDhBhTqI4BMi 4LhttUnbGZFgWLac1asFMy+UNCfHlL/mYoWo9T36oiK2LJLd+BeWIgTbJBKYHqzX gszQPZ9TaMAFMQqqCoMl1Q== -----END CERTIFICATE-----Generated at Fri Nov 22 06:41:24 2024 by rpki-client on console-ams.rpki-client.org