$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/_pGjQECHi0DyoRl3z5SqUwdb9fg.roa File: _pGjQECHi0DyoRl3z5SqUwdb9fg.roa (raw, json) Hash identifier: jfsw7nG8kKYp1Ojb06yAau7LCEuMhuBR452a2LrfvJE= Subject key identifier: FE:91:A3:40:40:87:8B:40:F2:A1:19:77:CF:94:AA:53:07:5B:F5:F8 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 0FF4 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/_pGjQECHi0DyoRl3z5SqUwdb9fg.roa Signing time: Mon 26 Aug 2024 05:13:14 +0000 ROA not before: Mon 26 Aug 2024 05:13:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17809 IP address blocks: 203.217.96.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4084 (0xff4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 26 05:13:14 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=FE91A34040878B40F2A11977CF94AA53075BF5F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:1a:99:1f:81:e3:4d:5a:79:b6:d0:03:27:0d: 5a:2c:56:8d:78:b4:7f:29:da:be:7e:fd:bc:db:f5: 00:e6:6f:20:4b:33:1c:92:e8:d5:e5:97:f4:bc:bc: 14:e9:7d:a4:7e:1c:73:53:52:ea:04:90:ce:b0:5c: 5f:2d:43:2b:05:c1:b6:8f:13:51:c7:0c:17:70:be: 0c:87:3d:25:56:42:d0:6a:72:db:ca:6a:5e:63:61: 5c:58:07:44:74:a3:75:1d:1f:b4:12:83:5f:84:9e: 01:35:c8:5d:f8:7e:80:c0:6b:83:de:c5:4d:18:29: de:67:90:1d:d4:f8:3f:d6:de:9c:5f:fd:53:a6:35: d6:02:c0:97:ff:43:fd:13:62:c2:7d:13:b2:cd:51: b8:8b:67:30:06:74:7e:d1:6b:20:da:c8:05:f9:77: ef:37:0c:8c:7f:53:5a:e4:ec:3d:22:78:ca:c6:23: 11:c6:16:66:c4:90:d9:15:f1:e1:ab:4b:d6:91:66: 16:76:7b:90:d1:cf:73:19:3d:5c:42:90:50:1c:19: 8c:6b:c5:e7:e8:d5:4b:40:ca:57:01:0b:cf:15:4d: c0:e0:78:52:be:c8:3e:2c:9b:e5:d4:7c:42:d2:17: fd:22:5e:77:b0:37:ab:fb:bc:51:02:87:93:ec:8c: 51:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:91:A3:40:40:87:8B:40:F2:A1:19:77:CF:94:AA:53:07:5B:F5:F8 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/_pGjQECHi0DyoRl3z5SqUwdb9fg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.217.96.0/19 Signature Algorithm: sha256WithRSAEncryption 07:d8:d2:ca:cf:e7:db:ee:cb:f3:84:64:a4:aa:d6:55:45:c0: c9:b3:c5:2b:93:e8:9b:1b:41:f0:ff:32:16:7c:0f:e3:93:d9: 8d:07:4a:91:85:78:58:04:bb:6a:f4:df:91:d2:d0:a8:e2:76: 75:20:9d:69:73:5b:b0:15:f7:1d:91:2f:e5:39:28:b1:c3:f2: f3:26:a1:34:af:a7:5a:d1:03:10:4c:a7:fa:f4:0b:ef:9d:8a: c0:f6:d8:93:34:06:af:46:bd:34:a8:4f:ff:19:bf:7d:b6:6f: 0e:cd:c6:cf:b1:60:bb:f3:2d:82:6a:fb:75:86:05:2e:a4:12: 0b:48:96:f8:24:55:3a:8c:6f:e2:dd:15:0c:60:bf:69:14:7e: 73:cb:53:aa:43:74:e8:99:e1:53:19:dc:0a:50:eb:a0:bf:d5: 1c:e0:a3:ab:de:88:6e:bc:20:0d:b3:1c:84:a4:d5:47:36:b6: 3b:d8:e1:f4:b6:51:f7:ec:fe:40:fd:88:cd:aa:97:ee:8d:bf: 82:8b:d8:d2:5d:30:39:77:8a:91:7f:84:06:0b:e3:3c:41:d8: 69:80:b4:aa:c6:eb:05:0a:de:76:30:79:c6:c8:17:89:bf:65: 41:8e:4b:b7:0d:4b:8b:86:27:55:3f:c0:43:51:68:ca:1a:fc: 36:f6:1c:02 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICD/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNDA4MjYw NTEzMTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZFOTFBMzQwNDA4NzhC NDBGMkExMTk3N0NGOTRBQTUzMDc1QkY1RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6GpkfgeNNWnm20AMnDVosVo14tH8p2r5+/bzb9QDmbyBLMxyS 6NXll/S8vBTpfaR+HHNTUuoEkM6wXF8tQysFwbaPE1HHDBdwvgyHPSVWQtBqctvK al5jYVxYB0R0o3UdH7QSg1+EngE1yF34foDAa4PexU0YKd5nkB3U+D/W3pxf/VOm NdYCwJf/Q/0TYsJ9E7LNUbiLZzAGdH7RayDayAX5d+83DIx/U1rk7D0ieMrGIxHG FmbEkNkV8eGrS9aRZhZ2e5DRz3MZPVxCkFAcGYxrxefo1UtAylcBC88VTcDgeFK+ yD4sm+XUfELSF/0iXnewN6v7vFECh5PsjFEjAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU/pGjQECHi0DyoRl3z5SqUwdb9fgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvX3BHalFFQ0hpMER5b1JsM3o1U3FV d2RiOWZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcvZYDAN BgkqhkiG9w0BAQsFAAOCAQEAB9jSys/n2+7L84RkpKrWVUXAybPFK5PomxtB8P8y FnwP45PZjQdKkYV4WAS7avTfkdLQqOJ2dSCdaXNbsBX3HZEv5TkoscPy8yahNK+n WtEDEEyn+vQL752KwPbYkzQGr0a9NKhP/xm/fbZvDs3Gz7Fgu/Mtgmr7dYYFLqQS C0iW+CRVOoxv4t0VDGC/aRR+c8tTqkN06JnhUxncClDroL/VHOCjq96IbrwgDbMc hKTVRza2O9jh9LZR9+z+QP2IzaqX7o2/govY0l0wOXeKkX+EBgvjPEHYaYC0qsbr BQredjB5xsgXib9lQY5Ltw1Li4YnVT/AQ1Foyhr8NvYcAg== -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:36 2024 by rpki-client on console-fra.rpki-client.org