$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa File: kffo8uyBJxiAcwfapT3vmGerQnE.roa (raw, json) Hash identifier: BNeVCQ4AbqkP/YGa8jp1ThCDYlN5F3b1fK8JFK6mpPw= Subject key identifier: 91:F7:E8:F2:EC:81:27:18:80:73:07:DA:A5:3D:EF:98:67:AB:42:71 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DB4 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa Signing time: Mon 26 Aug 2024 05:10:21 +0000 ROA not before: Mon 26 Aug 2024 05:10:21 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 61.57.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Nov 2024 07:07:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3508 (0xdb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:21 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=91F7E8F2EC812718807307DAA53DEF9867AB4271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:84:72:3f:1f:e4:c9:c4:7d:0c:df:6d:ea:db: 50:be:3d:09:51:11:2f:0b:9b:99:0f:04:62:6e:79: 96:89:34:a3:07:f6:2d:77:0e:f1:04:32:00:d1:45: f6:b5:67:8c:33:af:9b:b9:34:73:25:b2:95:11:8f: 3d:d7:73:4c:e4:8c:62:6f:61:fe:dc:44:70:c5:11: 69:55:38:e2:55:f0:5e:ca:24:3d:03:a5:59:d4:1b: 6b:34:de:bd:dd:39:06:af:b8:50:73:45:66:6e:0b: e7:59:de:77:95:b0:1e:2c:4a:f0:30:35:c8:16:0b: 1f:5c:41:e4:26:10:dd:c4:29:0e:a7:f9:d4:93:5c: 4d:9d:20:0c:63:a2:dd:a7:04:a9:67:9a:27:20:25: 5f:e9:84:43:f3:2a:05:12:9d:be:36:82:9e:fe:51: 93:2b:95:d7:8d:75:72:38:42:6f:3d:c4:53:62:1d: 33:49:07:c3:53:df:f0:ce:d4:8c:29:b6:27:d1:7b: d0:e3:6f:15:d0:f7:79:c4:2d:f8:63:14:c4:bb:99: 97:a5:45:3d:50:6f:b4:dc:60:9f:29:b8:84:dc:0e: da:3b:59:95:ea:aa:94:e2:a1:ed:34:09:e9:3b:95: 34:f1:8b:63:40:90:15:82:42:29:29:30:8a:de:08: cc:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F7:E8:F2:EC:81:27:18:80:73:07:DA:A5:3D:EF:98:67:AB:42:71 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kffo8uyBJxiAcwfapT3vmGerQnE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.152.0/21 Signature Algorithm: sha256WithRSAEncryption 2f:7e:96:a8:42:96:bf:df:10:8a:8a:f2:9e:e3:5b:84:cc:b0: aa:0b:29:30:9c:6b:77:7f:68:94:d7:11:77:4f:4d:17:11:23: ea:e9:6b:fc:b4:c4:e6:83:29:3c:06:b0:89:cb:de:6d:2f:06: d4:f8:de:91:c2:18:96:e5:64:53:e4:98:e7:31:b3:29:40:ff: 32:68:8d:22:bb:b5:80:52:1e:5b:1e:2c:c1:d0:f3:29:c3:b6: ea:4d:bd:c8:ee:09:30:09:5a:81:40:4d:a2:9c:b6:a4:d8:6a: 94:7b:62:84:7f:43:a3:3c:76:ba:96:31:86:4e:47:a3:f0:1e: 8c:58:d9:f4:37:37:ad:5e:c7:88:d0:9e:ff:68:01:16:28:08: 67:4b:df:4b:85:3e:c9:fc:47:66:ce:b0:1c:0c:db:95:97:ce: d7:b5:bc:f4:45:71:4d:bc:e3:9d:91:dd:36:13:07:38:13:e6: 6c:20:ab:c9:ad:22:c3:cf:2e:81:eb:9c:40:2c:46:26:3d:38: 7f:c4:ca:0e:a1:42:7e:ff:99:93:5b:63:07:99:6f:ac:94:50: 16:f1:94:d8:cb:2d:c5:19:ae:b0:19:4f:59:45:bb:c6:cb:bf: 34:77:d8:d3:e7:a4:5e:45:a5:bf:38:fe:34:63:7e:dd:4d:c2: 5e:39:c9:2d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkxRjdFOEYyRUM4MTI3 MTg4MDczMDdEQUE1M0RFRjk4NjdBQjQyNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDghHI/H+TJxH0M323q21C+PQlRES8Lm5kPBGJueZaJNKMH9i13 DvEEMgDRRfa1Z4wzr5u5NHMlspURjz3Xc0zkjGJvYf7cRHDFEWlVOOJV8F7KJD0D pVnUG2s03r3dOQavuFBzRWZuC+dZ3neVsB4sSvAwNcgWCx9cQeQmEN3EKQ6n+dST XE2dIAxjot2nBKlnmicgJV/phEPzKgUSnb42gp7+UZMrldeNdXI4Qm89xFNiHTNJ B8NT3/DO1IwptifRe9DjbxXQ93nELfhjFMS7mZelRT1Qb7TcYJ8puITcDto7WZXq qpTioe00Cek7lTTxi2NAkBWCQikpMIreCMyXAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUkffo8uyBJxiAcwfapT3vmGerQnEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9rZmZvOHV5Qkp4aUFjd2ZhcFQz dm1HZXJRbkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY MA0GCSqGSIb3DQEBCwUAA4IBAQAvfpaoQpa/3xCKivKe41uEzLCqCykwnGt3f2iU 1xF3T00XESPq6Wv8tMTmgyk8BrCJy95tLwbU+N6RwhiW5WRT5JjnMbMpQP8yaI0i u7WAUh5bHizB0PMpw7bqTb3I7gkwCVqBQE2inLak2GqUe2KEf0OjPHa6ljGGTkej 8B6MWNn0NzetXseI0J7/aAEWKAhnS99LhT7J/EdmzrAcDNuVl87Xtbz0RXFNvOOd kd02Ewc4E+ZsIKvJrSLDzy6B65xALEYmPTh/xMoOoUJ+/5mTW2MHmW+slFAW8ZTY yy3FGa6wGU9ZRbvGy780d9jT56ReRaW/OP40Y37dTcJeOckt -----END CERTIFICATE-----Generated at Thu Nov 14 05:00:49 2024 by rpki-client on console-fra.rpki-client.org