$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/SUZLhumnWTaDTc86ysqYy3e1J9g.roa File: SUZLhumnWTaDTc86ysqYy3e1J9g.roa (raw, json) Hash identifier: QGDHhT7kgDqhR6FAW7iOburt+9vLd0EAF9E5GWtlKQc= Subject key identifier: 49:46:4B:86:E9:A7:59:36:83:4D:CF:3A:CA:CA:98:CB:77:B5:27:D8 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0BF7 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/SUZLhumnWTaDTc86ysqYy3e1J9g.roa Signing time: Mon 26 Aug 2024 05:11:27 +0000 ROA not before: Mon 26 Aug 2024 05:11:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 14618 IP address blocks: 103.119.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Oct 2024 23:47:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3063 (0xbf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Aug 26 05:11:27 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=49464B86E9A75936834DCF3ACACA98CB77B527D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:a6:ce:e7:dc:17:db:54:54:38:50:6d:c4:94: f5:ab:a7:bb:7e:ad:d8:09:c5:c2:53:2c:85:80:af: c3:e3:4d:ee:bb:b1:6a:41:e9:81:d8:6b:f4:a2:0c: 8c:d1:6a:05:ea:96:40:b2:f8:52:43:fd:16:4d:c5: 17:7c:6a:74:89:5c:6e:38:0a:d6:4d:f8:82:29:79: 0c:ce:cb:eb:0c:f4:8e:03:84:9c:3b:72:18:17:c1: fa:9a:09:39:ff:37:9d:17:22:59:78:2c:54:3b:8c: 53:f6:60:a0:e1:64:7d:7c:de:67:d4:34:c4:8e:d3: ee:e5:80:c4:eb:05:d9:57:dc:3e:7b:82:61:58:bf: 00:dd:de:83:29:91:65:5e:be:c9:8b:42:9d:e5:77: fa:37:76:70:77:8a:e5:52:9b:50:63:3d:a0:d4:5f: 63:20:98:78:9e:eb:24:42:c6:12:ce:2b:0b:89:ca: bb:5a:6b:53:5c:13:9a:1c:2d:5f:8c:fe:e9:30:19: a0:95:ae:b9:dc:ad:35:93:8e:2c:5f:a7:c5:6c:ac: bf:85:aa:69:a5:88:35:62:e4:b5:82:05:c7:52:6d: 26:68:8d:28:e7:b5:b2:15:39:62:c1:90:c1:bb:fa: 38:8c:ca:75:1e:87:49:59:3e:25:e6:5a:e8:14:ef: 08:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:46:4B:86:E9:A7:59:36:83:4D:CF:3A:CA:CA:98:CB:77:B5:27:D8 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/SUZLhumnWTaDTc86ysqYy3e1J9g.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.213.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:a9:c1:93:ef:9f:29:e1:b0:66:2c:49:24:23:28:e6:f1:7e: 67:f6:19:5d:17:83:aa:bb:0b:b0:5c:3a:df:44:e1:6d:cb:63: 5e:03:1d:b9:2c:f4:fc:a6:44:c0:3c:7e:d8:65:73:1b:40:fc: fc:c2:72:ba:fc:da:f0:6d:01:ab:f1:bd:66:01:ac:ed:a2:d2: d7:28:e9:26:fb:90:7f:f9:5c:18:22:99:4d:f1:2c:75:f8:0e: 9d:4f:4c:99:52:24:73:d1:fb:2b:29:66:43:cb:5b:40:ef:22: 98:b9:ac:10:47:36:42:51:2c:99:5b:24:2f:e3:72:75:a0:14: 77:98:1e:83:29:f7:c1:da:87:23:28:dc:8e:ca:cc:64:30:26: 29:9b:84:43:3c:4b:20:cb:bd:6f:19:10:bf:d1:f0:89:ff:d2: 29:1e:49:14:56:71:b1:67:74:f9:35:de:f0:87:89:75:2a:19: 89:99:aa:67:bf:a3:10:58:26:08:88:ce:3e:c0:dd:6b:46:30: f7:e9:f0:5d:25:f3:ad:26:d9:40:3d:fa:72:e2:70:5a:f4:0a: c1:ac:76:64:d7:49:58:08:ca:86:12:83:47:28:89:58:d9:70: 3d:c2:92:e3:5b:7d:10:05:3b:0a:45:73:b2:ac:23:fc:0c:e5: 4e:cc:ce:51 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICC/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNDA4MjYw NTExMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ5NDY0Qjg2RTlBNzU5 MzY4MzREQ0YzQUNBQ0E5OENCNzdCNTI3RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9ps7n3BfbVFQ4UG3ElPWrp7t+rdgJxcJTLIWAr8PjTe67sWpB 6YHYa/SiDIzRagXqlkCy+FJD/RZNxRd8anSJXG44CtZN+IIpeQzOy+sM9I4DhJw7 chgXwfqaCTn/N50XIll4LFQ7jFP2YKDhZH183mfUNMSO0+7lgMTrBdlX3D57gmFY vwDd3oMpkWVevsmLQp3ld/o3dnB3iuVSm1BjPaDUX2MgmHie6yRCxhLOKwuJyrta a1NcE5ocLV+M/ukwGaCVrrncrTWTjixfp8VsrL+FqmmliDVi5LWCBcdSbSZojSjn tbIVOWLBkMG7+jiMynUeh0lZPiXmWugU7whnAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUSUZLhumnWTaDTc86ysqYy3e1J9gwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvU1VaTGh1bW5XVGFEVGM4 NnlzcVl5M2UxSjlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd31TANBgkqhkiG9w0BAQsFAAOCAQEAXqnBk++fKeGwZixJJCMo5vF+Z/YZXReD qrsLsFw630ThbctjXgMduSz0/KZEwDx+2GVzG0D8/MJyuvza8G0Bq/G9ZgGs7aLS 1yjpJvuQf/lcGCKZTfEsdfgOnU9MmVIkc9H7KylmQ8tbQO8imLmsEEc2QlEsmVsk L+NydaAUd5gegyn3wdqHIyjcjsrMZDAmKZuEQzxLIMu9bxkQv9Hwif/SKR5JFFZx sWd0+TXe8IeJdSoZiZmqZ7+jEFgmCIjOPsDda0Yw9+nwXSXzrSbZQD36cuJwWvQK wax2ZNdJWAjKhhKDRyiJWNlwPcKS41t9EAU7CkVzsqwj/AzlTszOUQ== -----END CERTIFICATE-----Generated at Tue Oct 22 19:06:26 2024 by rpki-client on console-fra.rpki-client.org