$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/lIhSfAvxGubECLdEiKllzulJbSg.roa File: lIhSfAvxGubECLdEiKllzulJbSg.roa (raw, json) Hash identifier: 2vW69gA2BPF2YNB7/c/sxRaqH3DgshVPlf4KXbugmsc= Subject key identifier: 94:88:52:7C:0B:F1:1A:E6:C4:08:B7:44:88:A9:65:CE:E9:49:6D:28 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DCC Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/lIhSfAvxGubECLdEiKllzulJbSg.roa Signing time: Mon 26 Aug 2024 05:10:26 +0000 ROA not before: Mon 26 Aug 2024 05:10:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 124.155.168.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3532 (0xdcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:26 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9488527C0BF11AE6C408B74488A965CEE9496D28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:5c:fd:11:1f:90:d9:6c:30:2e:26:99:f6:7a: fc:2e:d8:b9:d8:f7:3f:a7:61:47:6c:b3:cb:2d:e7: e0:e9:af:46:e3:9c:d4:8b:97:8c:27:5a:b3:dc:29: be:4f:5e:e9:8a:54:72:29:57:00:e0:59:90:d0:e0: 23:aa:31:db:eb:41:0f:f4:01:2c:6e:c6:ba:ed:b6: 99:eb:d2:a3:ab:bb:17:2f:20:45:2d:6f:e0:a6:9f: b3:2d:2d:2e:ef:86:84:46:13:8d:51:7b:1b:a5:9b: a0:80:20:41:80:84:4c:ae:be:be:b4:2c:47:9a:91: a5:9f:66:5f:e1:e7:5d:36:7b:94:a2:c6:0e:90:6e: c9:20:79:cd:67:ff:df:9a:e0:46:93:1e:69:4c:f4: 36:9b:9c:92:35:67:9e:f6:7e:02:81:55:7b:2d:18: 64:03:7c:7c:af:c9:8e:63:65:31:b1:ba:82:0a:53: a4:2c:da:e1:88:13:4d:45:51:1e:7d:2d:4e:63:1e: a3:d6:e2:4e:15:c3:db:6a:63:1e:a4:0e:ab:96:29: 68:f6:c2:f3:38:a0:1a:b3:86:bf:f6:e1:11:ba:a8: b3:db:0f:78:19:b9:c1:3c:fb:e5:ae:ab:a0:fc:6a: 3f:5d:65:1e:39:56:4a:63:6c:40:e2:29:17:00:0c: d6:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:88:52:7C:0B:F1:1A:E6:C4:08:B7:44:88:A9:65:CE:E9:49:6D:28 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/lIhSfAvxGubECLdEiKllzulJbSg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.168.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:c7:ed:2e:b4:6c:32:91:b5:e7:83:50:4d:cb:1e:0c:29:ab: 3d:70:a8:a3:da:9c:92:0a:78:5b:69:7e:5e:66:56:68:d4:da: 1a:bc:96:b0:d4:a5:cf:6f:36:cd:41:b6:99:d3:62:15:44:16: cd:68:39:c4:61:33:10:a2:36:c6:d4:e3:c6:46:71:ca:2b:60: 39:79:64:e9:6f:10:fe:0f:6c:fc:ef:f7:f2:b4:15:14:93:91: f5:db:c9:f8:1e:41:63:f8:65:92:9f:50:5a:a8:3f:db:25:de: 44:1c:cf:29:08:10:0f:7c:9c:14:8f:81:a4:08:49:4c:e9:83: cc:58:ec:bd:80:40:13:d9:4c:1c:66:d1:1a:dc:9d:b7:dd:00: fa:e4:6f:2e:93:a0:5f:90:11:37:ca:1a:46:34:72:64:52:4c: c8:7f:19:3a:7c:6d:f1:24:b7:5c:ac:51:cb:41:2d:63:3a:65: 72:cb:5e:6c:3b:34:24:bd:e5:60:42:22:75:e3:5a:65:ae:36: 42:0d:bb:18:5c:93:27:2f:a3:11:59:97:6c:6f:a5:70:94:9a: ca:d8:90:66:88:de:72:a6:6d:1f:63:a5:b7:8d:99:55:58:e0: d8:79:b5:6b:de:18:82:e7:b8:cf:27:b8:9a:18:5f:8e:0c:4d: 82:41:89:31 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk0ODg1MjdDMEJGMTFB RTZDNDA4Qjc0NDg4QTk2NUNFRTk0OTZEMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoXP0RH5DZbDAuJpn2evwu2LnY9z+nYUdss8st5+Dpr0bjnNSL l4wnWrPcKb5PXumKVHIpVwDgWZDQ4COqMdvrQQ/0ASxuxrrttpnr0qOruxcvIEUt b+Cmn7MtLS7vhoRGE41Rexulm6CAIEGAhEyuvr60LEeakaWfZl/h5102e5Sixg6Q bskgec1n/9+a4EaTHmlM9DabnJI1Z572fgKBVXstGGQDfHyvyY5jZTGxuoIKU6Qs 2uGIE01FUR59LU5jHqPW4k4Vw9tqYx6kDquWKWj2wvM4oBqzhr/24RG6qLPbD3gZ ucE8++Wuq6D8aj9dZR45VkpjbEDiKRcADNZbAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUlIhSfAvxGubECLdEiKllzulJbSgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9sSWhTZkF2eEd1YkVDTGRFaUts bHp1bEpiU2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJuo MA0GCSqGSIb3DQEBCwUAA4IBAQA/x+0utGwykbXng1BNyx4MKas9cKij2pySCnhb aX5eZlZo1NoavJaw1KXPbzbNQbaZ02IVRBbNaDnEYTMQojbG1OPGRnHKK2A5eWTp bxD+D2z87/fytBUUk5H128n4HkFj+GWSn1BaqD/bJd5EHM8pCBAPfJwUj4GkCElM 6YPMWOy9gEAT2UwcZtEa3J233QD65G8uk6BfkBE3yhpGNHJkUkzIfxk6fG3xJLdc rFHLQS1jOmVyy15sOzQkveVgQiJ141plrjZCDbsYXJMnL6MRWZdsb6VwlJrK2JBm iN5ypm0fY6W3jZlVWODYebVr3hiC57jPJ7iaGF+ODE2CQYkx -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org