$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/CpFWBDoeVXB98zz1kn5AZrzY1yA.roa File: CpFWBDoeVXB98zz1kn5AZrzY1yA.roa (raw, json) Hash identifier: tm8m5HXvXfYytlR5MddNmtyo3KOa7Wryi0403mwoZqM= Subject key identifier: 0A:91:56:04:3A:1E:55:70:7D:F3:3C:F5:92:7E:40:66:BC:D8:D7:20 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DC1 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/CpFWBDoeVXB98zz1kn5AZrzY1yA.roa Signing time: Mon 26 Aug 2024 05:10:24 +0000 ROA not before: Mon 26 Aug 2024 05:10:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 124.155.172.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3521 (0xdc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:24 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0A9156043A1E55707DF33CF5927E4066BCD8D720 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:55:d4:75:a4:7b:04:21:62:7d:62:63:38:b0: b6:41:de:ba:89:89:14:b6:bb:e9:84:ed:9f:3b:10: 28:98:67:d1:50:64:52:7f:f4:90:95:d2:c6:9f:4e: c3:7a:52:78:e7:07:85:ea:95:38:53:b2:fc:8d:8e: c0:09:2f:3f:75:90:52:b9:46:ad:ee:6f:26:33:be: d7:1e:b7:a6:ed:55:2d:e4:3c:86:5c:0f:0c:c0:8b: 7e:60:ba:8f:ab:aa:a7:a8:56:75:05:37:71:2b:31: 4a:78:a7:46:19:d3:1c:d2:c6:61:8f:96:a5:78:29: af:04:93:8a:dd:11:37:e9:9a:ba:50:ec:b7:b4:ca: 18:15:01:91:be:44:cc:78:7e:50:35:6b:3b:31:42: 1f:aa:b3:e8:ea:a3:c9:ab:f7:14:f1:82:22:18:df: e4:f3:c6:0f:83:ed:a7:c4:d5:32:0b:5f:ef:81:66: 7d:cc:a8:8f:e7:32:10:e6:3f:3f:ae:cb:5c:cc:13: b3:70:44:e5:af:4f:2d:a4:81:57:27:7e:19:5c:1e: 79:13:73:cf:17:e2:25:1c:30:92:a3:0e:38:c0:d6: a9:7e:76:a7:9c:95:6c:14:cb:5d:8e:f5:93:78:13: ae:3f:02:7d:c3:2c:9c:7d:4c:ba:77:4d:32:2b:eb: fd:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:91:56:04:3A:1E:55:70:7D:F3:3C:F5:92:7E:40:66:BC:D8:D7:20 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/CpFWBDoeVXB98zz1kn5AZrzY1yA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.172.0/23 Signature Algorithm: sha256WithRSAEncryption 15:13:95:ef:5d:6c:2f:27:02:37:9b:45:fb:3b:5f:3e:0c:97: 16:90:c5:1a:be:35:f5:6e:94:63:bb:68:67:35:5a:8c:63:b5: 59:42:49:2b:98:dd:91:4e:ec:6f:28:c6:c1:5a:04:a7:e0:6b: 8b:26:66:d7:5f:d6:a9:4a:e8:f4:ab:f8:d5:3e:c4:e7:3c:c1: a8:d1:94:1e:3b:f4:ff:5d:5d:a1:b2:db:32:4d:0d:5e:ca:9a: 9f:ba:0e:e6:8f:9a:f8:8a:de:68:85:43:7f:b1:c6:d1:27:10: 20:15:87:ff:4b:cf:1a:52:33:95:b0:bf:d3:2a:d5:99:13:35: 17:09:ec:fe:1c:cb:08:48:5e:61:f8:7c:4d:dd:db:7c:44:98: da:52:5f:ed:5c:b7:1d:28:b5:11:9e:75:df:f5:18:78:3b:b1: 72:dd:bf:de:09:37:ca:80:48:5e:97:81:c5:ac:0f:5d:04:20: a3:9a:a2:31:39:9d:b7:1e:37:0e:96:83:69:11:f4:5f:ae:f6: fc:fd:d3:ea:a1:7f:43:6b:e0:81:d1:b4:f7:b1:49:3e:5e:b9: 27:7e:fc:70:0e:c3:4c:24:3b:d5:dc:7b:df:a0:ef:60:f7:6d: 58:3e:19:5c:ea:ae:e1:28:60:eb:83:f0:52:3f:2c:17:51:7c: b4:c2:de:28 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBBOTE1NjA0M0ExRTU1 NzA3REYzM0NGNTkyN0U0MDY2QkNEOEQ3MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSVdR1pHsEIWJ9YmM4sLZB3rqJiRS2u+mE7Z87ECiYZ9FQZFJ/ 9JCV0safTsN6UnjnB4XqlThTsvyNjsAJLz91kFK5Rq3ubyYzvtcet6btVS3kPIZc DwzAi35guo+rqqeoVnUFN3ErMUp4p0YZ0xzSxmGPlqV4Ka8Ek4rdETfpmrpQ7Le0 yhgVAZG+RMx4flA1azsxQh+qs+jqo8mr9xTxgiIY3+Tzxg+D7afE1TILX++BZn3M qI/nMhDmPz+uy1zME7NwROWvTy2kgVcnfhlcHnkTc88X4iUcMJKjDjjA1ql+dqec lWwUy12O9ZN4E64/An3DLJx9TLp3TTIr6/1XAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUCpFWBDoeVXB98zz1kn5AZrzY1yAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9DcEZXQkRvZVZYQjk4enoxa241 QVpyelkxeUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJus MA0GCSqGSIb3DQEBCwUAA4IBAQAVE5XvXWwvJwI3m0X7O18+DJcWkMUavjX1bpRj u2hnNVqMY7VZQkkrmN2RTuxvKMbBWgSn4GuLJmbXX9apSuj0q/jVPsTnPMGo0ZQe O/T/XV2hstsyTQ1eypqfug7mj5r4it5ohUN/scbRJxAgFYf/S88aUjOVsL/TKtWZ EzUXCez+HMsISF5h+HxN3dt8RJjaUl/tXLcdKLURnnXf9Rh4O7Fy3b/eCTfKgEhe l4HFrA9dBCCjmqIxOZ23HjcOloNpEfRfrvb8/dPqoX9Da+CB0bT3sUk+Xrknfvxw DsNMJDvV3HvfoO9g921YPhlc6q7hKGDrg/BSPywXUXy0wt4o -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:01 2024 by rpki-client on console-ams.rpki-client.org