$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nXyImVDTqqwXLiDHdFQn1-vs_gw.roa File: nXyImVDTqqwXLiDHdFQn1-vs_gw.roa (raw, json) Hash identifier: TeD7R5pvsI+JRbMUwaN2IWjKvk84D17ubxWgMZ/Ngz0= Subject key identifier: 9D:7C:88:99:50:D3:AA:AC:17:2E:20:C7:74:54:27:D7:EB:EC:FE:0C Certificate issuer: /CN=552B16164C361040D88F32D36509448CF3BB9D25 Certificate serial: 0C31 Authority key identifier: 55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nXyImVDTqqwXLiDHdFQn1-vs_gw.roa Signing time: Mon 26 Aug 2024 05:12:59 +0000 ROA not before: Mon 26 Aug 2024 05:12:59 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10135 IP address blocks: 202.168.192.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3121 (0xc31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B16164C361040D88F32D36509448CF3BB9D25 Validity Not Before: Aug 26 05:12:59 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9D7C889950D3AAAC172E20C7745427D7EBECFE0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a0:34:7a:ee:7a:36:7c:fa:df:99:62:df:bf: 90:c8:66:97:e4:0c:c5:08:9f:17:8a:2b:3c:5f:97: 89:ae:ce:39:10:d8:c2:d6:03:7c:e9:c1:0e:f1:0c: 67:06:91:c0:2e:63:d2:23:93:0b:2f:04:f9:a3:68: da:14:c3:e3:61:4f:0d:7f:92:d0:b9:2a:89:57:28: dc:13:60:b7:18:f5:ce:05:1a:c7:ca:38:5e:f3:5e: 72:6e:e1:86:dd:23:a3:db:16:a0:2d:a1:58:ae:c0: ba:20:d5:80:cb:fc:60:b6:0b:32:21:67:5f:a6:f8: df:4d:5b:ec:4a:64:12:ed:2d:30:40:4e:ce:9d:b9: aa:22:2a:97:e3:7a:b5:69:26:db:26:68:7a:be:c5: ef:3f:3a:0f:f6:aa:65:44:f1:20:01:a6:ce:1d:9a: 27:5a:9b:39:9f:86:93:75:13:7c:d3:ee:ca:d1:14: af:d2:57:75:8a:54:91:c5:bc:c6:4e:78:fc:8a:8b: a6:93:00:b3:7d:fa:b5:5b:7a:cb:6e:30:25:51:95: 09:a6:bd:43:c2:3a:4e:38:c2:cc:b7:9c:ff:f2:11: f1:4d:2b:13:36:71:93:69:f2:38:3a:7b:43:32:9a: 61:ae:13:67:cd:0e:c5:a3:43:12:b1:06:df:01:81: 74:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:7C:88:99:50:D3:AA:AC:17:2E:20:C7:74:54:27:D7:EB:EC:FE:0C X509v3 Authority Key Identifier: keyid:55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nXyImVDTqqwXLiDHdFQn1-vs_gw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.192.0/20 Signature Algorithm: sha256WithRSAEncryption 66:c4:e5:d9:b3:5f:e2:f6:7e:e6:56:48:b0:72:0b:34:39:e9: a2:54:d0:72:d4:43:24:47:51:ac:66:8b:72:19:41:34:28:80: 37:ef:8a:ba:9b:7c:8f:8c:09:8f:dd:f3:14:12:7a:92:88:23: eb:eb:88:5f:ff:e9:a5:37:9d:36:0e:4e:d3:53:75:cf:91:3c: 98:18:34:c1:27:21:63:2a:9f:cf:ee:1f:cf:d9:c8:2a:58:5c: 40:27:be:ec:40:98:8c:0c:94:2c:61:cb:d3:10:25:ba:41:5b: ad:5e:17:98:a0:84:3b:5e:86:fe:77:64:7d:55:d3:c6:9c:85: 1a:67:14:d3:7e:b0:b5:53:49:a9:9a:00:67:b5:d4:64:a7:d1: 21:4c:2d:75:3f:13:4d:20:2d:a6:1b:dd:ec:f9:e0:8c:bb:72: 72:a7:22:fe:78:84:6b:8f:69:de:a1:2d:ba:80:72:5a:1d:29: ca:1c:63:6e:1e:2d:88:e8:ad:93:69:f2:fb:28:ba:28:f9:9f: f4:d6:bb:9a:0e:eb:e2:74:69:76:e4:46:d3:e4:1a:60:2c:f7: 02:6f:18:3d:7c:d3:02:6b:f8:b3:a2:c2:fa:1a:b4:c7:72:a5: 3d:d3:e7:84:26:51:3f:e8:00:41:c4:ec:e8:b3:35:d6:69:e2: 4b:10:03:0b -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTUy QjE2MTY0QzM2MTA0MEQ4OEYzMkQzNjUwOTQ0OENGM0JCOUQyNTAeFw0yNDA4MjYw NTEyNTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEN0M4ODk5NTBEM0FB QUMxNzJFMjBDNzc0NTQyN0Q3RUJFQ0ZFMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvoDR67no2fPrfmWLfv5DIZpfkDMUInxeKKzxfl4muzjkQ2MLW A3zpwQ7xDGcGkcAuY9IjkwsvBPmjaNoUw+NhTw1/ktC5KolXKNwTYLcY9c4FGsfK OF7zXnJu4YbdI6PbFqAtoViuwLog1YDL/GC2CzIhZ1+m+N9NW+xKZBLtLTBATs6d uaoiKpfjerVpJtsmaHq+xe8/Og/2qmVE8SABps4dmidamzmfhpN1E3zT7srRFK/S V3WKVJHFvMZOePyKi6aTALN9+rVbestuMCVRlQmmvUPCOk44wsy3nP/yEfFNKxM2 cZNp8jg6e0MymmGuE2fNDsWjQxKxBt8BgXTrAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUnXyImVDTqqwXLiDHdFQn1+vs/gwwHwYDVR0jBBgwFoAUVSsWFkw2EEDYjzLT ZQlEjPO7nSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUFTUE5F VC9WU3NXRmt3MkVFRFlqekxUWlFsRWpQTzduU1UuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1ZTc1dGa3cyRUVEWWp6TFRaUWxFalBPN25TVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0VBU1BORVQvblh5SW1WRFRxcXdYTGlE SGRGUW4xLXZzX2d3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BMqowDANBgkqhkiG9w0BAQsFAAOCAQEAZsTl2bNf4vZ+5lZIsHILNDnpolTQctRD JEdRrGaLchlBNCiAN++Kupt8j4wJj93zFBJ6kogj6+uIX//ppTedNg5O01N1z5E8 mBg0wSchYyqfz+4fz9nIKlhcQCe+7ECYjAyULGHL0xAlukFbrV4XmKCEO16G/ndk fVXTxpyFGmcU036wtVNJqZoAZ7XUZKfRIUwtdT8TTSAtphvd7PngjLtycqci/niE a49p3qEtuoByWh0pyhxjbh4tiOitk2ny+yi6KPmf9Na7mg7r4nRpduRG0+QaYCz3 Am8YPXzTAmv4s6LC+hq0x3KlPdPnhCZRP+gAQcTs6LM11mniSxADCw== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org