$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/CfX3PMKe9Q2t6W6h3L-UcrVMAQ0.roa File: CfX3PMKe9Q2t6W6h3L-UcrVMAQ0.roa (raw, json) Hash identifier: IQbAQFqnUlsgKoRIIPcRHNtspop6u7qXUfIfUKaoz1c= Subject key identifier: 09:F5:F7:3C:C2:9E:F5:0D:AD:E9:6E:A1:DC:BF:94:72:B5:4C:01:0D Certificate issuer: /CN=ABD4DDB4BF932C5006B704B9828410174AC412AD Certificate serial: D4 Authority key identifier: AB:D4:DD:B4:BF:93:2C:50:06:B7:04:B9:82:84:10:17:4A:C4:12:AD Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q9TdtL-TLFAGtwS5goQQF0rEEq0.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/CfX3PMKe9Q2t6W6h3L-UcrVMAQ0.roa Signing time: Tue 08 Oct 2024 15:04:51 +0000 ROA not before: Tue 08 Oct 2024 15:04:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 150766 IP address blocks: 36.50.228.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/q9TdtL-TLFAGtwS5goQQF0rEEq0.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/q9TdtL-TLFAGtwS5goQQF0rEEq0.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q9TdtL-TLFAGtwS5goQQF0rEEq0.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABD4DDB4BF932C5006B704B9828410174AC412AD Validity Not Before: Oct 8 15:04:51 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=09F5F73CC29EF50DADE96EA1DCBF9472B54C010D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:44:d4:b6:08:32:16:33:6a:fd:ba:ae:8c:9a: da:90:c1:e8:24:70:cd:e4:cf:89:7e:a8:ec:a3:4d: f8:9e:b4:9b:db:81:d6:e7:50:8a:72:c9:f7:ec:84: f9:b6:20:b4:e7:ac:2f:28:fa:4a:aa:2b:24:53:cd: fe:31:7e:9d:bc:5a:e6:3a:b8:30:4f:f2:61:0d:1d: 3c:4f:e7:54:07:a2:77:7b:41:85:ed:43:74:91:59: 24:ba:52:0b:1a:29:58:9b:12:49:92:11:8f:b8:f1: 72:ed:7c:50:43:a1:fc:06:15:56:92:8b:7a:6f:c0: e7:9e:ed:15:31:c2:f9:bf:c0:81:ad:16:78:4b:39: 31:f6:c5:a3:e4:8e:be:4a:14:e6:93:f4:6e:d4:e3: ad:ee:ef:02:cd:e3:59:71:55:17:f3:e9:01:68:f6: 4a:32:4e:db:79:97:e2:e7:c8:39:63:2f:36:38:62: cd:b7:bd:94:39:8a:f8:6a:f4:6f:8d:95:7c:ad:bf: 5b:67:1f:65:33:b4:d4:87:97:6f:6b:4a:cf:c4:60: 0e:a4:36:b0:8c:12:c5:34:59:7d:6e:16:95:dc:4e: ca:fc:13:29:f7:69:75:b0:56:99:33:1f:3e:ee:2f: 3a:1c:79:7e:8a:f2:ff:68:cf:15:a5:20:19:67:45: 63:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:F5:F7:3C:C2:9E:F5:0D:AD:E9:6E:A1:DC:BF:94:72:B5:4C:01:0D X509v3 Authority Key Identifier: keyid:AB:D4:DD:B4:BF:93:2C:50:06:B7:04:B9:82:84:10:17:4A:C4:12:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/q9TdtL-TLFAGtwS5goQQF0rEEq0.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q9TdtL-TLFAGtwS5goQQF0rEEq0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/COCODIGIT/CfX3PMKe9Q2t6W6h3L-UcrVMAQ0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 36.50.228.0/24 Signature Algorithm: sha256WithRSAEncryption 86:2d:4b:2b:59:23:be:bf:bd:19:df:84:e0:52:d3:0c:a3:1e: 49:ee:16:1f:28:b3:19:26:93:c0:c8:cb:8d:bb:08:48:6f:31: 76:dd:1f:52:10:5c:cd:55:82:d1:65:e4:66:33:a0:4c:73:39: 32:82:8a:6a:cb:48:5e:f3:78:2f:eb:d3:57:6c:94:f6:1b:d9: 12:ed:31:b6:58:83:d4:fa:a0:ff:dc:c5:1b:e7:9d:13:29:6b: 57:12:b8:aa:ee:27:d3:17:37:1c:03:8b:5c:48:18:b8:3c:5b: a3:6f:90:e2:c7:5f:92:a0:00:3d:09:48:55:62:1f:b5:81:bd: de:da:12:62:0c:f8:0b:b0:45:a5:78:9f:99:24:fc:c9:47:28: 08:59:00:af:3d:4a:2a:af:c8:87:26:66:bd:fe:5a:6d:72:b1: 21:32:76:6b:b9:91:a9:18:d8:5b:32:82:d1:ef:c1:6a:62:da: 91:d9:79:51:81:8b:33:93:61:57:d2:87:a5:57:4b:b3:3e:d9: d3:91:23:7c:f1:9e:6c:b2:55:fe:5e:87:75:7e:15:74:b0:1c: 35:e1:e3:89:36:2c:a7:5f:13:87:10:c9:1d:aa:1e:17:95:1e: c7:0b:19:4d:3b:f3:94:db:20:ea:03:6b:3d:d7:bd:f3:b2:c7: 3e:f6:9c:03 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICANQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJE NEREQjRCRjkzMkM1MDA2QjcwNEI5ODI4NDEwMTc0QUM0MTJBRDAeFw0yNDEwMDgx NTA0NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5RjVGNzNDQzI5RUY1 MERBREU5NkVBMURDQkY5NDcyQjU0QzAxMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIRNS2CDIWM2r9uq6MmtqQwegkcM3kz4l+qOyjTfietJvbgdbn UIpyyffshPm2ILTnrC8o+kqqKyRTzf4xfp28WuY6uDBP8mENHTxP51QHond7QYXt Q3SRWSS6UgsaKVibEkmSEY+48XLtfFBDofwGFVaSi3pvwOee7RUxwvm/wIGtFnhL OTH2xaPkjr5KFOaT9G7U463u7wLN41lxVRfz6QFo9koyTtt5l+LnyDljLzY4Ys23 vZQ5ivhq9G+NlXytv1tnH2UztNSHl29rSs/EYA6kNrCMEsU0WX1uFpXcTsr8Eyn3 aXWwVpkzHz7uLzoceX6K8v9ozxWlIBlnRWPfAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUCfX3PMKe9Q2t6W6h3L+UcrVMAQ0wHwYDVR0jBBgwFoAUq9TdtL+TLFAGtwS5 goQQF0rEEq0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ09DT0RJ R0lUL3E5VGR0TC1UTEZBR3R3UzVnb1FRRjByRUVxMC5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvcTlUZHRMLVRMRkFHdHdTNWdvUVFGMHJFRXEwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ09DT0RJR0lUL0NmWDNQTUtlOVEy dDZXNmgzTC1VY3JWTUFRMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAkMuQwDQYJKoZIhvcNAQELBQADggEBAIYtSytZI76/vRnfhOBS0wyjHknu Fh8osxkmk8DIy427CEhvMXbdH1IQXM1VgtFl5GYzoExzOTKCimrLSF7zeC/r01ds lPYb2RLtMbZYg9T6oP/cxRvnnRMpa1cSuKruJ9MXNxwDi1xIGLg8W6NvkOLHX5Kg AD0JSFViH7WBvd7aEmIM+AuwRaV4n5kk/MlHKAhZAK89SiqvyIcmZr3+Wm1ysSEy dmu5kakY2FsygtHvwWpi2pHZeVGBizOTYVfSh6VXS7M+2dORI3zxnmyyVf5eh3V+ FXSwHDXh44k2LKdfE4cQyR2qHheVHscLGU0785TbIOoDaz3XvfOyxz72nAM= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org