$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/aDKP9M8SBEiT1BKEv3xUJs6qdi8.roa File: aDKP9M8SBEiT1BKEv3xUJs6qdi8.roa (raw, json) Hash identifier: is/cwQSY342WeCKMUZ8yu6cOKbm299qwIyYQD01dL1Q= Subject key identifier: 68:32:8F:F4:CF:12:04:48:93:D4:12:84:BF:7C:54:26:CE:AA:76:2F Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Certificate serial: 0BD9 Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/aDKP9M8SBEiT1BKEv3xUJs6qdi8.roa Signing time: Mon 26 Aug 2024 05:11:18 +0000 ROA not before: Mon 26 Aug 2024 05:11:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131143 IP address blocks: 103.126.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3033 (0xbd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Validity Not Before: Aug 26 05:11:18 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=68328FF4CF12044893D41284BF7C5426CEAA762F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:17:d8:2b:09:f0:f7:58:59:fe:e4:31:ea:e5: f6:27:46:b2:08:81:01:45:aa:f2:95:26:4b:7e:eb: 5a:f7:bb:02:67:5e:04:57:07:3c:97:f5:62:2f:18: 0a:00:ae:5b:34:02:16:ea:f0:b9:ad:31:eb:b8:22: 45:d7:b7:92:b1:b1:68:54:8d:88:10:5c:5a:95:49: 45:a4:96:98:2c:f5:26:bf:0c:06:46:c4:c0:99:05: cb:79:8c:19:43:bc:88:d0:35:36:21:34:4c:18:18: 73:51:fe:a9:23:4d:6c:23:f4:de:11:a3:cb:d9:53: 63:a7:26:aa:5f:b1:7a:65:43:a9:a0:f8:44:1b:f8: 0f:55:62:03:f7:92:2f:74:9c:c4:97:55:2f:82:9e: 9e:24:b5:fb:2b:f9:56:ee:99:bb:09:be:34:f5:61: d4:77:e4:11:46:df:15:7a:94:6f:25:40:fa:52:5a: 84:85:f9:90:7f:c8:92:2c:2e:0a:f3:91:b3:5b:a6: 4b:f1:f4:b4:bc:2c:bb:2d:4a:bc:42:17:01:b1:10: 06:cd:b6:59:8b:2a:bc:8f:24:0e:5e:1a:59:d6:62: b3:ab:a7:5b:91:f4:cb:58:19:4d:f5:a8:21:7d:77: fa:ef:57:81:f4:b1:52:e0:4b:2c:a5:f2:f0:31:c0: d8:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:32:8F:F4:CF:12:04:48:93:D4:12:84:BF:7C:54:26:CE:AA:76:2F X509v3 Authority Key Identifier: keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/aDKP9M8SBEiT1BKEv3xUJs6qdi8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.164.0/22 Signature Algorithm: sha256WithRSAEncryption 19:c2:f6:09:4b:34:2b:e1:f7:52:3b:34:61:7c:64:44:99:ba: 68:a9:72:94:ef:6d:76:f3:c3:96:d5:48:8b:a5:a8:8b:b2:dc: a8:5e:43:57:c6:b9:ac:8f:5b:ef:34:4d:40:ec:cc:b8:e2:55: 3e:88:58:a5:b4:57:c7:8f:36:1a:19:77:b0:4f:c4:33:c8:cd: b1:06:44:2d:e3:be:d7:62:e9:a3:8e:a6:a7:89:90:6b:cd:d7: 24:5b:e8:2c:0e:21:9a:f9:85:30:1d:7f:ec:2a:1e:f0:f6:5c: b9:6f:93:07:13:22:a3:90:33:a6:f0:2f:81:15:c6:f7:89:bb: b8:91:5c:d9:3d:9b:2b:83:7c:c4:a9:67:a2:ea:03:cb:63:5f: 60:5d:a9:1d:2c:93:ba:27:3f:68:65:aa:a7:6b:06:23:70:56: 36:c1:16:98:b3:1e:53:37:ee:ce:3c:d9:4f:53:27:0b:e7:fd: dd:30:24:e4:7a:0a:f2:83:22:72:9c:0f:1c:e4:9c:87:f0:52: f5:b4:f8:69:65:34:dd:1f:67:f6:c7:29:21:33:c0:ba:a9:a6: a1:8b:e1:23:21:aa:db:ab:e9:21:96:a4:b9:38:d0:17:6c:c9: f0:38:bc:c3:ed:ad:e7:96:8e:8c:46:a9:1e:4e:f9:af:c2:f9: 67:1c:51:83 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yNDA4MjYw NTExMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4MzI4RkY0Q0YxMjA0 NDg5M0Q0MTI4NEJGN0M1NDI2Q0VBQTc2MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWF9grCfD3WFn+5DHq5fYnRrIIgQFFqvKVJkt+61r3uwJnXgRX BzyX9WIvGAoArls0Ahbq8LmtMeu4IkXXt5KxsWhUjYgQXFqVSUWklpgs9Sa/DAZG xMCZBct5jBlDvIjQNTYhNEwYGHNR/qkjTWwj9N4Ro8vZU2OnJqpfsXplQ6mg+EQb +A9VYgP3ki90nMSXVS+Cnp4ktfsr+VbumbsJvjT1YdR35BFG3xV6lG8lQPpSWoSF +ZB/yJIsLgrzkbNbpkvx9LS8LLstSrxCFwGxEAbNtlmLKryPJA5eGlnWYrOrp1uR 9MtYGU31qCF9d/rvV4H0sVLgSyyl8vAxwNjDAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUaDKP9M8SBEiT1BKEv3xUJs6qdi8wHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE 1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1QvYURLUDlNOFNC RWlUMUJLRXYzeFVKczZxZGk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmd+pDANBgkqhkiG9w0BAQsFAAOCAQEAGcL2CUs0K+H3Ujs0YXxkRJm6 aKlylO9tdvPDltVIi6Woi7LcqF5DV8a5rI9b7zRNQOzMuOJVPohYpbRXx482Ghl3 sE/EM8jNsQZELeO+12Lpo46mp4mQa83XJFvoLA4hmvmFMB1/7Coe8PZcuW+TBxMi o5AzpvAvgRXG94m7uJFc2T2bK4N8xKlnouoDy2NfYF2pHSyTuic/aGWqp2sGI3BW NsEWmLMeUzfuzjzZT1MnC+f93TAk5HoK8oMicpwPHOSch/BS9bT4aWU03R9n9scp ITPAuqmmoYvhIyGq26vpIZakuTjQF2zJ8Di8w+2t55aOjEapHk75r8L5ZxxRgw== -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org