$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Y_y0Fu6GvIMhNn06Kh0FBkQQtzI.roa File: Y_y0Fu6GvIMhNn06Kh0FBkQQtzI.roa (raw, json) Hash identifier: i3DK4WvIH7Rd7SdYEd6Cu/619ft59EVJpPCZuHs+iCc= Subject key identifier: 63:FC:B4:16:EE:86:BC:83:21:36:7D:3A:2A:1D:05:06:44:10:B7:32 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DB8 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Y_y0Fu6GvIMhNn06Kh0FBkQQtzI.roa Signing time: Mon 26 Aug 2024 05:10:21 +0000 ROA not before: Mon 26 Aug 2024 05:10:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.16.0/21 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3512 (0xdb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:21 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=63FCB416EE86BC8321367D3A2A1D05064410B732 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:bb:3d:52:3b:89:c6:05:92:a3:a0:78:81:c5: eb:86:6a:f3:cb:37:7a:4a:a0:de:de:e3:ab:26:1a: fb:c9:1e:43:0f:f3:c1:b3:69:03:39:44:a4:43:31: 3c:ae:36:f6:04:b5:3b:38:06:f0:aa:07:64:1f:4b: 28:a7:ca:70:c2:64:45:a0:83:48:63:1c:d9:85:7c: f3:6d:d2:96:64:13:bc:95:dd:b4:e7:7e:cd:e1:d3: ce:49:3a:5f:37:f8:d7:c4:5f:9a:fa:83:7a:03:ea: b7:b2:d5:df:95:cf:5a:cd:e1:4e:91:01:b7:2f:41: cf:07:9c:84:48:b4:5d:88:a8:15:e5:4c:75:6d:54: d9:fe:7c:60:4e:20:d4:03:17:1f:75:0a:29:69:52: 8b:3c:b3:71:d7:35:09:05:74:1e:9e:cc:dc:e9:9c: b7:90:df:58:d9:20:2a:fc:e5:56:e0:2a:c1:5a:8e: 85:dd:43:44:dc:45:df:ad:92:fc:10:34:f7:9a:06: 15:a3:f5:f7:ff:6e:b7:44:37:0e:fc:58:02:1e:36: 9a:f1:2f:9d:23:09:20:29:14:49:68:7b:fd:2c:fa: c8:8b:0f:a9:eb:a3:e4:61:7d:ed:d7:e2:dd:58:d1: 59:95:13:fb:2a:22:4d:97:eb:22:5a:b3:54:16:23: ec:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:FC:B4:16:EE:86:BC:83:21:36:7D:3A:2A:1D:05:06:44:10:B7:32 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Y_y0Fu6GvIMhNn06Kh0FBkQQtzI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.16.0/21 Signature Algorithm: sha256WithRSAEncryption 55:6e:6a:bd:64:65:f0:15:5c:37:87:9d:a7:7f:65:ba:74:9a: f1:bb:c8:99:3c:08:17:25:3a:dd:f8:3b:a9:fa:c9:b1:de:1b: b4:64:e5:4a:f5:29:70:43:37:34:a7:7d:d0:52:25:9c:61:24: 4f:a8:1d:16:7d:d8:01:fa:20:67:2e:4a:35:f2:97:a9:9b:b9: 1f:d0:50:80:43:b8:46:1a:95:50:d6:55:75:70:de:cd:a7:77: ca:57:2b:7d:dc:6b:d8:ef:22:af:ea:a6:80:8b:c3:65:b9:2e: e2:88:e1:39:bb:8a:14:a0:2d:2e:23:f7:e7:ac:bf:e5:4a:e3: a3:26:f4:97:b6:bb:7e:29:d4:69:d9:02:79:2d:89:41:57:91: 6e:e4:6a:f7:31:44:4f:94:c3:a2:e4:75:77:2c:49:36:82:ad: 83:c8:b4:8a:d1:80:fd:dc:8e:1f:e0:f0:1a:1f:d5:c5:f4:ef: 39:17:82:31:5c:31:6b:48:d3:fb:98:6c:b2:56:d9:96:1f:67: 09:e9:21:1a:21:4d:6d:1b:5a:d1:77:6b:c0:0f:8b:8b:4e:8f: b4:f0:b2:96:14:88:89:8d:22:6a:9b:8e:bc:d3:fc:d6:e9:67: 3f:0c:b8:a5:a4:a9:7c:0e:4b:c5:95:f8:47:d7:0e:da:84:ad: 09:66:84:f2 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDbgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzRkNCNDE2RUU4NkJD ODMyMTM2N0QzQTJBMUQwNTA2NDQxMEI3MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDuz1SO4nGBZKjoHiBxeuGavPLN3pKoN7e46smGvvJHkMP88Gz aQM5RKRDMTyuNvYEtTs4BvCqB2QfSyinynDCZEWgg0hjHNmFfPNt0pZkE7yV3bTn fs3h085JOl83+NfEX5r6g3oD6rey1d+Vz1rN4U6RAbcvQc8HnIRItF2IqBXlTHVt VNn+fGBOINQDFx91CilpUos8s3HXNQkFdB6ezNzpnLeQ31jZICr85VbgKsFajoXd Q0TcRd+tkvwQNPeaBhWj9ff/brdENw78WAIeNprxL50jCSApFEloe/0s+siLD6nr o+Rhfe3X4t1Y0VmVE/sqIk2X6yJas1QWI+z5AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUY/y0Fu6GvIMhNn06Kh0FBkQQtzIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9ZX3kwRnU2R3ZJTWhObjA2S2gw RkJrUVF0ekkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MQ MA0GCSqGSIb3DQEBCwUAA4IBAQBVbmq9ZGXwFVw3h52nf2W6dJrxu8iZPAgXJTrd +Dup+smx3hu0ZOVK9SlwQzc0p33QUiWcYSRPqB0WfdgB+iBnLko18pepm7kf0FCA Q7hGGpVQ1lV1cN7Np3fKVyt93GvY7yKv6qaAi8NluS7iiOE5u4oUoC0uI/fnrL/l SuOjJvSXtrt+KdRp2QJ5LYlBV5Fu5Gr3MURPlMOi5HV3LEk2gq2DyLSK0YD93I4f 4PAaH9XF9O85F4IxXDFrSNP7mGyyVtmWH2cJ6SEaIU1tG1rRd2vAD4uLTo+08LKW FIiJjSJqm4680/zW6Wc/DLilpKl8DkvFlfhH1w7ahK0JZoTy -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:01 2024 by rpki-client on console-ams.rpki-client.org