$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/lBtnwfjZsqP1aqp96ElREiTUXCs.roa File: lBtnwfjZsqP1aqp96ElREiTUXCs.roa (raw, json) Hash identifier: Zv/1M9HhIvF2HEUHZFbQj1ROQiH1qJOxAbRH6jA/wiY= Subject key identifier: 94:1B:67:C1:F8:D9:B2:A3:F5:6A:AA:7D:E8:49:51:12:24:D4:5C:2B Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0BF9 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/lBtnwfjZsqP1aqp96ElREiTUXCs.roa Signing time: Mon 26 Aug 2024 05:11:28 +0000 ROA not before: Mon 26 Aug 2024 05:11:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 133747 IP address blocks: 103.119.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3065 (0xbf9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Aug 26 05:11:28 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=941B67C1F8D9B2A3F56AAA7DE849511224D45C2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:89:e0:e2:8b:85:d1:44:c4:4f:d7:c8:01:c2: 58:0f:6f:ce:d0:c1:72:15:89:4c:28:c3:6c:9c:e9: 88:bb:87:24:45:d8:f0:24:30:b7:ad:0c:71:e5:ae: 20:29:c6:4b:9d:f1:f0:16:b0:6e:cc:14:ee:c7:9a: 5b:b1:6e:9f:76:e2:35:bd:32:32:1a:d4:c3:10:56: 7f:42:2c:49:c5:62:dd:6f:a4:53:d2:d6:19:40:20: 96:53:c0:3e:0c:28:68:50:97:d5:4c:1e:f1:e5:3b: 6d:f0:bd:9b:f0:ab:bf:6d:3e:d3:2c:10:81:5c:b3: 75:e9:72:39:36:3a:97:51:68:39:4f:82:19:5a:cb: f2:44:9f:6a:24:2a:78:43:16:3b:7e:60:89:b2:0c: 4d:b7:0b:ab:f2:b7:ea:e9:df:a8:05:04:ee:c1:58: 31:cb:ed:b6:e8:d3:96:47:8e:97:d8:f9:ce:20:35: de:b6:17:64:9a:47:81:8c:94:13:61:8e:de:61:17: 2b:af:02:ea:4e:7e:b5:32:58:de:95:72:2f:29:82: 1e:ca:82:3c:55:74:19:55:e4:46:1d:03:01:d6:0b: 21:0a:4f:17:4f:f2:57:27:e8:01:76:18:4e:e6:56: ec:f0:d7:5c:9e:58:93:c4:c9:e7:75:5a:c9:df:9b: 79:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:1B:67:C1:F8:D9:B2:A3:F5:6A:AA:7D:E8:49:51:12:24:D4:5C:2B X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/lBtnwfjZsqP1aqp96ElREiTUXCs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.212.0/22 Signature Algorithm: sha256WithRSAEncryption 91:0a:d3:86:1a:a0:53:83:a1:b3:04:28:b2:5c:c8:75:dc:6e: 71:03:04:1b:90:fa:93:1e:b9:b0:55:04:ef:71:08:f9:83:e9: 62:a1:45:4a:27:14:51:b1:ae:e8:8a:75:2d:66:10:48:bb:fd: 42:57:dc:fb:36:5c:10:9f:88:ba:aa:a9:07:32:fa:2c:58:51: 07:12:11:b2:c3:84:8d:81:f3:42:f5:87:25:6c:12:7c:76:b8: 60:8e:b9:44:99:9f:31:53:dd:6c:02:3f:f1:16:1a:cf:80:f6: d7:86:4c:fe:2a:71:6c:b4:06:d2:9f:33:9c:32:f3:0e:84:d9: 29:60:0a:ba:c5:53:c5:60:92:fe:35:c7:0e:ec:54:80:76:94: 8f:b7:95:d1:de:96:c0:cd:ec:ed:80:64:ed:b7:6a:91:ef:05: cc:8c:f5:df:8b:c3:c0:10:18:47:36:9b:6b:8c:69:ae:68:33: 40:3b:ab:3f:c7:26:7a:5f:79:b7:a1:b7:d2:d2:35:77:4b:b1: 69:41:ea:87:b9:06:87:ba:83:29:f3:f4:2b:bd:aa:16:99:fb: f7:a4:e2:b4:de:48:69:4b:0b:b2:24:2e:a7:54:f2:c2:21:9e: 2e:11:3d:09:eb:f7:47:3f:c7:be:aa:39:f7:ef:5f:88:c6:75: a3:34:17:42 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICC/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNDA4MjYw NTExMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk0MUI2N0MxRjhEOUIy QTNGNTZBQUE3REU4NDk1MTEyMjRENDVDMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoieDii4XRRMRP18gBwlgPb87QwXIViUwow2yc6Yi7hyRF2PAk MLetDHHlriApxkud8fAWsG7MFO7Hmluxbp924jW9MjIa1MMQVn9CLEnFYt1vpFPS 1hlAIJZTwD4MKGhQl9VMHvHlO23wvZvwq79tPtMsEIFcs3Xpcjk2OpdRaDlPghla y/JEn2okKnhDFjt+YImyDE23C6vyt+rp36gFBO7BWDHL7bbo05ZHjpfY+c4gNd62 F2SaR4GMlBNhjt5hFyuvAupOfrUyWN6Vci8pgh7KgjxVdBlV5EYdAwHWCyEKTxdP 8lcn6AF2GE7mVuzw11yeWJPEyed1Wsnfm3nlAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUlBtnwfjZsqP1aqp96ElREiTUXCswHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvbEJ0bndmalpzcVAxYXFw OTZFbFJFaVRVWENzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Amd31DANBgkqhkiG9w0BAQsFAAOCAQEAkQrThhqgU4OhswQoslzIddxucQMEG5D6 kx65sFUE73EI+YPpYqFFSicUUbGu6Ip1LWYQSLv9Qlfc+zZcEJ+IuqqpBzL6LFhR BxIRssOEjYHzQvWHJWwSfHa4YI65RJmfMVPdbAI/8RYaz4D214ZM/ipxbLQG0p8z nDLzDoTZKWAKusVTxWCS/jXHDuxUgHaUj7eV0d6WwM3s7YBk7bdqke8FzIz134vD wBAYRzaba4xprmgzQDurP8cmel95t6G30tI1d0uxaUHqh7kGh7qDKfP0K72qFpn7 96TitN5IaUsLsiQup1TywiGeLhE9Cev3Rz/Hvqo59+9fiMZ1ozQXQg== -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:03 2024 by rpki-client on console-ams.rpki-client.org