$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KXPaSXyovsX8yd6UpvSWdn2fOk4.roa File: KXPaSXyovsX8yd6UpvSWdn2fOk4.roa (raw, json) Hash identifier: LZDR/aFM3IImhb0pGrzs8cb6l9+g5MpMAh4ONUy1+H0= Subject key identifier: 29:73:DA:49:7C:A8:BE:C5:FC:C9:DE:94:A6:F4:96:76:7D:9F:3A:4E Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Certificate serial: 0283 Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KXPaSXyovsX8yd6UpvSWdn2fOk4.roa Signing time: Mon 26 Aug 2024 05:11:15 +0000 ROA not before: Mon 26 Aug 2024 05:11:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38047 IP address blocks: 103.183.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 643 (0x283) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Validity Not Before: Aug 26 05:11:15 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2973DA497CA8BEC5FCC9DE94A6F496767D9F3A4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:af:f6:7d:d7:74:ec:3d:5c:b2:0b:3d:bf:5d: 92:73:f0:a8:ee:45:e6:92:ab:c8:2f:60:39:a4:30: 91:57:eb:d1:7e:d9:23:56:4b:73:41:d5:f9:bb:e1: 1d:7b:34:68:e0:94:a1:0c:ff:aa:43:a2:db:d3:34: b1:cc:99:db:cd:0d:ec:f4:8e:e8:f6:db:9b:7a:0e: 32:d9:ed:5f:44:a0:10:50:f5:5b:46:1e:12:8f:18: d8:9e:b6:cc:63:d5:2e:d6:ec:92:2f:be:1a:40:7d: 56:8b:07:fe:72:b4:73:50:77:03:af:5f:4e:df:1b: 84:d4:94:85:e5:e1:fd:59:83:02:59:1f:a3:34:f8: 70:28:eb:ea:fe:d1:c5:54:b5:77:2b:31:52:99:5c: fc:2e:7a:a7:ee:f2:cb:0e:61:dd:fc:04:c8:36:97: 6d:89:b6:c2:ae:94:df:89:23:64:ed:1b:2e:8a:2b: a3:a2:b2:19:7d:b1:4f:6a:31:23:c3:31:a2:77:94: d7:fe:6d:dd:76:17:cc:07:1e:a3:21:b5:83:8d:0c: d7:93:19:52:1f:f3:cf:e6:52:9b:6b:8d:1e:ee:8d: 47:0c:9d:51:91:9e:03:05:aa:b2:c6:f3:4a:fb:17: c6:12:8c:ea:ca:53:6d:e6:be:91:54:e6:33:ae:be: 93:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:73:DA:49:7C:A8:BE:C5:FC:C9:DE:94:A6:F4:96:76:7D:9F:3A:4E X509v3 Authority Key Identifier: keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KXPaSXyovsX8yd6UpvSWdn2fOk4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.183.78.0/24 Signature Algorithm: sha256WithRSAEncryption 67:73:77:4f:d3:c3:14:74:bb:76:a5:c1:5a:fd:a9:30:2e:4b: 00:48:3c:73:9a:3c:ac:0e:a1:66:63:d2:b1:c6:a8:25:b4:1a: e7:85:53:8d:4b:f6:f3:33:7c:da:e8:6b:4b:ae:da:a0:44:27: 8d:c0:68:d7:27:ae:3f:5c:0f:86:a0:90:41:4b:95:2a:4e:6e: e2:68:a2:60:26:49:03:57:e7:9a:3e:16:02:e6:bb:3c:a2:70: a8:75:24:4f:7d:9c:63:27:c3:b9:10:77:74:84:ae:8d:29:32: fc:c8:08:7c:d8:4e:f0:08:0f:4c:39:0b:63:ba:03:ac:92:91: bc:b0:1f:24:1b:3a:17:f5:60:c6:04:c3:2c:23:00:05:29:69: f7:4c:51:e8:31:39:07:24:21:f6:7c:1d:41:cf:62:6c:40:2f: 0e:6d:17:2e:ab:8d:2c:a4:d4:20:ab:e4:56:a6:9e:cd:4b:d3: db:b4:70:6f:bc:df:59:4b:e1:be:ac:e4:ce:a8:f7:42:c0:fa: e2:ce:86:9a:bd:23:50:2e:48:98:44:86:f5:6f:78:79:4c:31: 07:3b:fa:0b:46:cb:61:e0:99:14:95:b9:f5:4a:78:db:c8:08: 3f:64:77:9e:f5:20:c0:e4:b5:cd:ad:c5:da:36:9e:7e:8a:86: be:8b:66:50 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yNDA4MjYw NTExMTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5NzNEQTQ5N0NBOEJF QzVGQ0M5REU5NEE2RjQ5Njc2N0Q5RjNBNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnr/Z913TsPVyyCz2/XZJz8KjuReaSq8gvYDmkMJFX69F+2SNW S3NB1fm74R17NGjglKEM/6pDotvTNLHMmdvNDez0juj225t6DjLZ7V9EoBBQ9VtG HhKPGNietsxj1S7W7JIvvhpAfVaLB/5ytHNQdwOvX07fG4TUlIXl4f1ZgwJZH6M0 +HAo6+r+0cVUtXcrMVKZXPwueqfu8ssOYd38BMg2l22JtsKulN+JI2TtGy6KK6Oi shl9sU9qMSPDMaJ3lNf+bd12F8wHHqMhtYONDNeTGVIf88/mUptrjR7ujUcMnVGR ngMFqrLG80r7F8YSjOrKU23mvpFU5jOuvpNpAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUKXPaSXyovsX8yd6UpvSWdn2fOk4wHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC9LWFBhU1h5b3ZzWDh5 ZDZVcHZTV2RuMmZPazQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ7dOMA0GCSqGSIb3DQEBCwUAA4IBAQBnc3dP08MUdLt2pcFa/akwLksASDxz mjysDqFmY9KxxqgltBrnhVONS/bzM3za6GtLrtqgRCeNwGjXJ64/XA+GoJBBS5Uq Tm7iaKJgJkkDV+eaPhYC5rs8onCodSRPfZxjJ8O5EHd0hK6NKTL8yAh82E7wCA9M OQtjugOskpG8sB8kGzoX9WDGBMMsIwAFKWn3TFHoMTkHJCH2fB1Bz2JsQC8ObRcu q40spNQgq+RWpp7NS9PbtHBvvN9ZS+G+rOTOqPdCwPrizoaavSNQLkiYRIb1b3h5 TDEHO/oLRsth4JkUlbn1SnjbyAg/ZHee9SDA5LXNrcXaNp5+ioa+i2ZQ -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org