$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/yYbmD2B_JaBdEMWieWH2qwiUVP4.roa File: yYbmD2B_JaBdEMWieWH2qwiUVP4.roa (raw, json) Hash identifier: XBc/yN/6xcEvKMFGb2aFlq4bRDqzVdUB8cSZDaKIiOc= Subject key identifier: C9:86:E6:0F:60:7F:25:A0:5D:10:C5:A2:79:61:F6:AB:08:94:54:FE Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0DAB Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/yYbmD2B_JaBdEMWieWH2qwiUVP4.roa Signing time: Mon 26 Aug 2024 05:10:19 +0000 ROA not before: Mon 26 Aug 2024 05:10:19 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18429 IP address blocks: 124.155.170.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3499 (0xdab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 26 05:10:19 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C986E60F607F25A05D10C5A27961F6AB089454FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:eb:57:11:63:8c:5f:88:9c:79:85:56:33:f3: a5:12:51:3f:43:37:5c:f9:4f:b9:4a:07:e0:5a:84: 40:5b:fb:7a:90:2b:8d:53:01:5c:8e:9a:c4:8a:d0: 53:46:b1:2e:fc:0b:13:04:86:99:60:8f:55:a0:df: 60:58:74:67:4a:a0:f6:21:a8:1b:a1:16:bd:2e:14: 50:d9:04:ed:a3:24:3a:8a:56:c0:fe:d9:80:f4:e8: ad:24:28:b7:94:50:c5:88:74:ae:d5:8b:a6:ba:60: 50:a2:42:9d:9b:b0:3c:53:3a:f2:1a:6a:b7:a1:84: 60:40:83:53:9c:95:44:e0:27:ea:42:d7:a4:2a:6c: 8c:3d:f0:01:a3:36:48:16:ac:2e:1d:b1:ad:77:62: ca:0b:95:23:21:ab:e5:a4:ab:b6:9a:15:d4:05:bb: d8:3f:33:b4:e5:bd:0d:3b:1e:fe:57:9c:be:5b:06: 44:95:46:e7:a1:45:a2:e0:e9:2f:40:c9:75:e0:44: 19:f4:52:6b:72:e8:93:db:6d:a8:ec:ce:f8:e2:b2: 5f:db:ba:3a:3c:ed:4e:55:32:5d:7e:bd:76:67:f2: 35:15:37:cb:fe:bb:a1:62:14:58:23:0b:73:ae:21: b0:9d:5c:3c:32:ae:8d:9d:38:a8:03:fa:4b:21:7d: 59:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:86:E6:0F:60:7F:25:A0:5D:10:C5:A2:79:61:F6:AB:08:94:54:FE X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/yYbmD2B_JaBdEMWieWH2qwiUVP4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.170.0/23 Signature Algorithm: sha256WithRSAEncryption 37:e1:e4:be:36:8a:c6:e1:2e:cf:bb:fe:54:e4:2c:71:b3:9f: 23:a1:4d:40:65:4e:6c:5b:7b:d6:ef:b3:4a:f2:02:b9:fa:1b: 5f:09:be:71:af:a6:0d:48:53:d7:94:d1:31:8d:c4:33:0a:a5: 25:d9:6f:4b:ce:3c:30:39:05:31:f0:74:18:13:7e:12:0a:cc: 51:15:50:44:14:db:ca:bf:1d:25:de:51:0c:2c:d7:01:d5:f0: b3:94:6f:3f:64:39:5b:d2:24:0f:60:8a:43:85:a2:a2:e6:ec: c0:bf:7c:b8:89:9e:8d:32:30:de:9d:2b:3a:c2:fa:56:cb:ef: 0a:e4:41:65:cc:f8:68:91:29:f9:eb:87:d8:f7:69:cc:c0:46: 4a:f6:2b:9b:56:bb:01:13:4f:c0:e2:fe:e7:6c:87:33:39:ad: e4:bd:b3:8c:e7:81:a4:ac:3d:96:14:d5:c5:fc:e0:1d:d3:c9: 83:05:a0:78:07:e0:a4:54:4e:b1:d1:de:4d:73:55:df:6a:30: c6:98:3f:6d:2a:cb:be:04:39:cd:96:6a:8b:86:4d:41:16:7d: 3f:22:4a:3e:65:58:77:e0:5a:2c:c1:27:da:b3:d6:4b:a9:2a: 2f:62:c7:b3:dd:1e:87:45:7e:74:ae:94:5f:b1:11:4e:d1:22: 88:38:7c:84 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw NTEwMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5ODZFNjBGNjA3RjI1 QTA1RDEwQzVBMjc5NjFGNkFCMDg5NDU0RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDp61cRY4xfiJx5hVYz86USUT9DN1z5T7lKB+BahEBb+3qQK41T AVyOmsSK0FNGsS78CxMEhplgj1Wg32BYdGdKoPYhqBuhFr0uFFDZBO2jJDqKVsD+ 2YD06K0kKLeUUMWIdK7Vi6a6YFCiQp2bsDxTOvIaarehhGBAg1OclUTgJ+pC16Qq bIw98AGjNkgWrC4dsa13YsoLlSMhq+Wkq7aaFdQFu9g/M7TlvQ07Hv5XnL5bBkSV RuehRaLg6S9AyXXgRBn0Umty6JPbbajszvjisl/bujo87U5VMl1+vXZn8jUVN8v+ u6FiFFgjC3OuIbCdXDwyro2dOKgD+kshfVk5AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUyYbmD2B/JaBdEMWieWH2qwiUVP4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC95WWJtRDJCX0phQmRFTVdpZVdI MnF3aVVWUDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJuq MA0GCSqGSIb3DQEBCwUAA4IBAQA34eS+NorG4S7Pu/5U5Cxxs58joU1AZU5sW3vW 77NK8gK5+htfCb5xr6YNSFPXlNExjcQzCqUl2W9LzjwwOQUx8HQYE34SCsxRFVBE FNvKvx0l3lEMLNcB1fCzlG8/ZDlb0iQPYIpDhaKi5uzAv3y4iZ6NMjDenSs6wvpW y+8K5EFlzPhokSn564fY92nMwEZK9iubVrsBE0/A4v7nbIczOa3kvbOM54GkrD2W FNXF/OAd08mDBaB4B+CkVE6x0d5Nc1XfajDGmD9tKsu+BDnNlmqLhk1BFn0/Iko+ ZVh34FoswSfas9ZLqSovYsez3R6HRX50rpRfsRFO0SKIOHyE -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org