$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/fW3XAh6fP3no_tXXphEsfRcuZhc.roa File: fW3XAh6fP3no_tXXphEsfRcuZhc.roa (raw, json) Hash identifier: sHXHtHNBXeWvn14v/xg/dpA+WbLQ855Gm4uL3Ti3Gwk= Subject key identifier: 7D:6D:D7:02:1E:9F:3F:79:E8:FE:D5:D7:A6:11:2C:7D:17:2E:66:17 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DA4 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/fW3XAh6fP3no_tXXphEsfRcuZhc.roa Signing time: Mon 26 Aug 2024 05:10:17 +0000 ROA not before: Mon 26 Aug 2024 05:10:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 27.147.8.0/21 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3492 (0xda4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:17 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7D6DD7021E9F3F79E8FED5D7A6112C7D172E6617 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:41:4c:01:34:f3:07:c8:f2:4f:e0:a9:b2:38: 8b:a6:6f:41:d5:b0:74:60:73:43:e0:ac:db:d6:17: ec:9e:de:55:c0:2a:c7:9a:9d:82:c4:c5:5f:11:75: 1d:63:00:1a:5d:34:29:b5:5c:0f:fc:d7:a9:c5:42: fa:54:21:fe:dc:9b:4b:cd:c9:98:a1:ba:9a:aa:45: 81:00:88:eb:7b:c4:bf:d3:8c:91:46:30:39:e0:23: ac:c4:6b:4e:bd:0a:35:f3:27:df:b4:1e:d6:0e:b4: 91:a4:30:e9:ae:8d:8a:27:9b:09:fe:9a:d8:28:10: ac:7f:45:1e:be:4d:5e:7c:f3:f8:d6:32:b8:f8:b0: cf:f8:41:f2:b0:31:88:a8:4c:26:66:9d:26:47:85: d4:c7:98:9e:ea:2f:32:c4:4b:9b:5d:c7:60:ee:4e: b1:39:2a:9a:68:53:60:0d:17:8f:af:c3:df:bd:cd: e6:66:58:cb:b1:6b:ed:ad:e8:91:70:1e:3b:38:a7: 6b:8b:63:fd:df:f8:4b:58:4b:15:a6:b3:27:7c:42: eb:21:f6:7a:d0:23:7f:bf:a0:80:ef:00:9a:99:4b: 51:30:22:e2:51:ac:7e:04:23:40:df:72:90:83:e4: b6:d0:97:bd:26:55:38:70:0f:ba:7e:63:14:21:2b: 34:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:6D:D7:02:1E:9F:3F:79:E8:FE:D5:D7:A6:11:2C:7D:17:2E:66:17 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/fW3XAh6fP3no_tXXphEsfRcuZhc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.8.0/21 Signature Algorithm: sha256WithRSAEncryption a4:0e:7a:54:4e:c5:ac:a9:2f:38:41:7a:63:84:b0:20:7f:9a: 28:42:24:e5:1c:a6:6b:8f:8c:9c:97:54:3d:3a:82:e5:0a:16: 36:e3:5c:78:e4:0b:e6:f7:17:f4:28:62:a3:f1:11:0b:e9:0a: 6d:ae:42:93:86:88:39:13:ad:e6:44:b0:06:a9:8b:a7:7a:d8: a4:b1:2a:02:ad:64:89:68:10:09:6e:69:df:04:a9:c1:80:a6: f2:0d:44:37:b1:35:8c:16:33:7f:d2:53:d2:b9:85:1d:a3:78: 3e:45:6a:71:d9:22:e6:94:73:99:d1:f5:e8:c2:0c:47:35:b5: 8b:88:b1:2f:e7:ba:e1:68:97:b1:c5:e8:50:87:b5:77:bb:8b: fe:73:b9:8e:d2:c1:2a:92:a4:ad:6e:74:25:e9:af:95:55:98: 17:9a:11:4c:09:09:d9:73:71:e3:2d:3c:b9:85:ff:21:63:9d: ef:c7:c0:20:28:cc:8c:87:9f:4e:62:66:fd:83:57:5d:83:c6: 3f:e8:af:97:a0:00:de:57:fa:29:fb:7d:9e:20:21:28:74:14: 7d:fe:b3:3f:63:39:01:82:03:54:bd:c0:9b:d7:47:2a:9a:6b: 19:e6:cb:83:39:7a:09:2b:37:f5:76:c9:67:56:a4:fd:bb:8a: 7f:d7:90:a0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdENkRENzAyMUU5RjNG NzlFOEZFRDVEN0E2MTEyQzdEMTcyRTY2MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJQUwBNPMHyPJP4KmyOIumb0HVsHRgc0PgrNvWF+ye3lXAKsea nYLExV8RdR1jABpdNCm1XA/816nFQvpUIf7cm0vNyZihupqqRYEAiOt7xL/TjJFG MDngI6zEa069CjXzJ9+0HtYOtJGkMOmujYonmwn+mtgoEKx/RR6+TV588/jWMrj4 sM/4QfKwMYioTCZmnSZHhdTHmJ7qLzLES5tdx2DuTrE5KppoU2ANF4+vw9+9zeZm WMuxa+2t6JFwHjs4p2uLY/3f+EtYSxWmsyd8Qush9nrQI3+/oIDvAJqZS1EwIuJR rH4EI0DfcpCD5LbQl70mVThwD7p+YxQhKzQNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUfW3XAh6fP3no/tXXphEsfRcuZhcwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9mVzNYQWg2ZlAzbm9fdFhYcGhF c2ZSY3VaaGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MI MA0GCSqGSIb3DQEBCwUAA4IBAQCkDnpUTsWsqS84QXpjhLAgf5ooQiTlHKZrj4yc l1Q9OoLlChY241x45Avm9xf0KGKj8REL6QptrkKThog5E63mRLAGqYunetiksSoC rWSJaBAJbmnfBKnBgKbyDUQ3sTWMFjN/0lPSuYUdo3g+RWpx2SLmlHOZ0fXowgxH NbWLiLEv57rhaJexxehQh7V3u4v+c7mO0sEqkqStbnQl6a+VVZgXmhFMCQnZc3Hj LTy5hf8hY53vx8AgKMyMh59OYmb9g1ddg8Y/6K+XoADeV/op+32eICEodBR9/rM/ YzkBggNUvcCb10cqmmsZ5suDOXoJKzf1dslnVqT9u4p/15Cg -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:29 2024 by rpki-client on console-ams.rpki-client.org