$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/jW3JGt2z3tl6B4iv-uHtf0CfNq0.roa File: jW3JGt2z3tl6B4iv-uHtf0CfNq0.roa (raw, json) Hash identifier: BYbi+H6p1VOyrrU2nW6qrTQ9+6my7oPU6kov4PApyII= Subject key identifier: 8D:6D:C9:1A:DD:B3:DE:D9:7A:07:88:AF:FA:E1:ED:7F:40:9F:36:AD Certificate issuer: /CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B Certificate serial: 0C57 Authority key identifier: 6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/jW3JGt2z3tl6B4iv-uHtf0CfNq0.roa Signing time: Mon 26 Aug 2024 05:12:05 +0000 ROA not before: Mon 26 Aug 2024 05:12:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 61.57.208.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/b96jRwcVIpDB0mBv-_xpuSfUCls.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/b96jRwcVIpDB0mBv-_xpuSfUCls.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3159 (0xc57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6FDEA34707152290C1D2606FFBFC69B927D40A5B Validity Not Before: Aug 26 05:12:05 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8D6DC91ADDB3DED97A0788AFFAE1ED7F409F36AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:bd:95:03:09:dd:3e:77:96:19:f0:f3:6c:83: 98:7b:e1:74:52:c5:d9:d6:8b:70:a0:16:e2:eb:d6: d6:53:12:8f:8d:98:32:18:d7:79:e6:3f:4c:4c:f2: 74:0a:6f:4a:dc:12:e2:07:45:b1:23:b2:31:74:28: c8:6b:6b:e6:62:15:8b:fa:f3:25:e2:e3:3a:13:72: f9:26:61:4f:55:af:79:a3:a1:0a:9f:7f:01:02:e3: 3d:1b:ab:8f:09:03:43:39:db:82:54:2f:f0:b7:07: 69:e8:78:1d:e6:75:9b:93:7f:9c:d2:50:da:b4:9e: ea:ee:18:95:f1:21:2d:94:01:63:af:c3:73:b6:f7: 1c:91:c1:11:d6:47:10:6c:eb:55:86:7b:42:f6:81: f6:2d:66:61:4e:13:82:27:a7:3a:08:12:b2:0e:78: c8:e6:ca:a5:d9:d4:1e:c4:47:11:f0:2c:e2:4d:6b: 7c:ad:8e:b6:f1:4e:fa:72:a7:20:4c:31:de:bf:78: 0c:5a:4b:0a:71:95:1a:f6:50:38:02:b8:4b:3a:e2: dd:3b:89:40:ca:b4:4c:f8:f5:20:c4:a9:6a:74:d4: fc:ea:64:d7:03:d7:6a:19:5a:28:26:91:95:b1:78: 4d:17:44:71:71:35:26:01:5d:81:fc:b9:88:8d:9b: 55:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:6D:C9:1A:DD:B3:DE:D9:7A:07:88:AF:FA:E1:ED:7F:40:9F:36:AD X509v3 Authority Key Identifier: keyid:6F:DE:A3:47:07:15:22:90:C1:D2:60:6F:FB:FC:69:B9:27:D4:0A:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/b96jRwcVIpDB0mBv-_xpuSfUCls.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b96jRwcVIpDB0mBv-_xpuSfUCls.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCCATV/jW3JGt2z3tl6B4iv-uHtf0CfNq0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.208.0/20 Signature Algorithm: sha256WithRSAEncryption 3f:e9:8b:3d:9c:4c:31:42:9f:f8:32:24:d8:a0:03:a9:9c:ea: 91:ff:81:f0:55:f3:91:6e:9d:a7:65:7b:b4:14:8c:20:ed:5c: 9c:34:84:e7:14:0f:71:0b:3e:d9:ba:c2:f8:3d:a0:1d:ac:6d: 0f:29:3c:65:62:78:74:da:23:2f:fa:9d:dc:de:bf:78:62:06: 4c:35:4c:ed:70:43:4b:1d:fa:b7:49:de:01:fe:f9:28:23:b4: 6b:37:23:0f:e3:23:ef:64:57:12:90:da:40:f3:4e:02:38:f6: 1b:6d:17:2d:38:12:24:95:15:0a:8b:b9:4e:c2:6b:cb:c4:a6: 83:43:22:3a:27:b1:06:2e:74:a5:91:cb:bc:08:f0:a5:05:3c: c7:8e:06:34:79:20:f6:4f:f5:fe:b2:68:4f:b6:a9:11:22:8d: ec:d1:81:38:5e:17:45:b5:73:b1:74:52:15:a1:e4:7e:3b:e2: 06:dc:c6:9b:50:bf:9d:a1:7a:6f:db:0f:cf:9e:e1:23:ce:23: 45:73:5d:72:f7:d2:cf:80:49:cd:71:f5:2f:6a:03:f5:b4:2f: 03:41:ec:82:0e:b8:8a:51:31:67:99:ad:38:99:86:36:1e:fe: 43:9b:22:5a:ab:1b:9e:d0:da:af:58:59:c6:01:f9:f5:17:e8: f6:c6:1d:49 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkZE RUEzNDcwNzE1MjI5MEMxRDI2MDZGRkJGQzY5QjkyN0Q0MEE1QjAeFw0yNDA4MjYw NTEyMDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhENkRDOTFBRERCM0RF RDk3QTA3ODhBRkZBRTFFRDdGNDA5RjM2QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGvZUDCd0+d5YZ8PNsg5h74XRSxdnWi3CgFuLr1tZTEo+NmDIY 13nmP0xM8nQKb0rcEuIHRbEjsjF0KMhra+ZiFYv68yXi4zoTcvkmYU9Vr3mjoQqf fwEC4z0bq48JA0M524JUL/C3B2noeB3mdZuTf5zSUNq0nuruGJXxIS2UAWOvw3O2 9xyRwRHWRxBs61WGe0L2gfYtZmFOE4InpzoIErIOeMjmyqXZ1B7ERxHwLOJNa3yt jrbxTvpypyBMMd6/eAxaSwpxlRr2UDgCuEs64t07iUDKtEz49SDEqWp01PzqZNcD 12oZWigmkZWxeE0XRHFxNSYBXYH8uYiNm1VlAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUjW3JGt2z3tl6B4iv+uHtf0CfNq0wHwYDVR0jBBgwFoAUb96jRwcVIpDB0mBv +/xpuSfUClswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1lDQ0FU Vi9iOTZqUndjVklwREIwbUJ2LV94cHVTZlVDbHMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL2I5NmpSd2NWSXBEQjBtQnYtX3hwdVNmVUNscy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NZQ0NBVFYvalczSkd0MnozdGw2QjRp di11SHRmMENmTnEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BD050DANBgkqhkiG9w0BAQsFAAOCAQEAP+mLPZxMMUKf+DIk2KADqZzqkf+B8FXz kW6dp2V7tBSMIO1cnDSE5xQPcQs+2brC+D2gHaxtDyk8ZWJ4dNojL/qd3N6/eGIG TDVM7XBDSx36t0neAf75KCO0azcjD+Mj72RXEpDaQPNOAjj2G20XLTgSJJUVCou5 TsJry8Smg0MiOiexBi50pZHLvAjwpQU8x44GNHkg9k/1/rJoT7apESKN7NGBOF4X RbVzsXRSFaHkfjviBtzGm1C/naF6b9sPz57hI84jRXNdcvfSz4BJzXH1L2oD9bQv A0Hsgg64ilExZ5mtOJmGNh7+Q5siWqsbntDar1hZxgH59Rfo9sYdSQ== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org