$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/nRITi49hdnsaJITfKjPynQRQoeA.roa File: nRITi49hdnsaJITfKjPynQRQoeA.roa (raw, json) Hash identifier: P0+5lnh9MRSfBfHV9eRG/W5cDGDnWZ1JBLvAgaapEhY= Subject key identifier: 9D:12:13:8B:8F:61:76:7B:1A:24:84:DF:2A:33:F2:9D:04:50:A1:E0 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 102A Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/nRITi49hdnsaJITfKjPynQRQoeA.roa Signing time: Mon 26 Aug 2024 05:13:26 +0000 ROA not before: Mon 26 Aug 2024 05:13:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17809 IP address blocks: 203.222.20.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Sep 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4138 (0x102a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 26 05:13:26 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9D12138B8F61767B1A2484DF2A33F29D0450A1E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b9:a5:71:de:d4:9b:52:3d:98:02:b4:41:ad: de:4f:8c:54:2f:d9:d9:b6:5e:8f:8e:14:d3:c0:af: f2:a2:53:5d:a1:69:12:7f:ef:dc:8d:67:82:9c:91: 61:d7:18:29:3d:e9:d0:7e:ee:1a:06:84:dc:03:69: fe:60:96:7e:25:a0:29:05:2d:b7:17:81:43:c3:36: 3a:67:e4:02:22:ea:b1:e5:fe:5e:e5:c4:72:ef:83: 4e:ae:18:ae:71:e4:b4:ba:14:33:0e:6a:56:80:d1: 08:53:f5:6a:21:f8:63:16:dd:c8:4a:0d:f0:1a:4e: 1d:56:8d:f2:4d:90:a5:cf:68:59:04:3d:19:4e:72: a7:95:16:d6:9a:78:a5:22:f7:71:7c:ca:91:06:95: 68:b4:b3:47:0f:a7:da:c3:6c:f1:6b:4e:3a:dd:ee: 8b:27:88:7e:ac:4e:03:61:58:a5:a6:01:78:46:42: 32:c1:c9:39:b7:67:55:f6:79:36:3b:a7:ba:4d:15: 59:1e:4d:06:e9:5f:8b:8c:b3:09:71:a2:a2:99:50: 73:db:34:ac:e7:a2:e1:05:8f:a0:60:d3:01:42:d4: 17:83:71:56:a0:04:70:a0:95:76:4d:ff:0c:60:9b: a3:fd:19:a4:1a:97:40:0b:43:18:0b:f7:a2:11:38: be:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:12:13:8B:8F:61:76:7B:1A:24:84:DF:2A:33:F2:9D:04:50:A1:E0 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/nRITi49hdnsaJITfKjPynQRQoeA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.222.20.0/22 Signature Algorithm: sha256WithRSAEncryption 72:92:f7:f5:8f:13:9d:05:27:bc:b5:9c:6e:5f:0a:34:75:e2: fc:80:56:20:c1:f7:60:74:da:03:51:58:cd:1a:3e:09:2f:45: dc:81:da:85:d0:c1:08:13:ec:a5:5a:86:87:e2:40:b1:1b:b5: 75:64:b4:05:50:22:f2:5e:5b:25:43:cf:c8:57:1f:94:ef:d3: 98:18:d4:51:0f:06:86:32:b4:2f:96:60:fe:14:07:d0:e1:b2: 4e:4d:e9:6a:db:e4:d1:b2:54:10:9c:27:f4:2c:d4:fd:16:4c: 0f:27:a0:a8:ea:09:e7:6c:e5:21:1a:28:55:26:65:25:b0:d1: 75:b9:f8:cf:65:ee:b2:99:3c:ce:0c:cd:41:e0:b6:86:e4:79: 8d:33:eb:eb:9c:fb:0e:d3:da:ba:e5:1b:79:11:3d:b3:4d:8a: 86:5c:16:22:4f:8e:18:c1:38:4f:09:5e:88:96:49:88:20:05: 76:6d:45:48:14:6d:bd:61:b1:ec:fe:65:5d:49:67:4b:42:3a: ca:e1:ce:6f:c3:9c:5f:b2:6a:fa:a1:ca:61:69:8f:39:ef:2c: 02:14:b6:9b:91:eb:e6:6c:ee:32:7c:a9:13:f0:a3:83:ec:24: b7:bc:6e:49:f0:fb:eb:e0:29:96:d2:83:39:e7:47:20:ff:01: d1:cc:ce:13 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICECowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNDA4MjYw NTEzMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEMTIxMzhCOEY2MTc2 N0IxQTI0ODRERjJBMzNGMjlEMDQ1MEExRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8uaVx3tSbUj2YArRBrd5PjFQv2dm2Xo+OFNPAr/KiU12haRJ/ 79yNZ4KckWHXGCk96dB+7hoGhNwDaf5gln4loCkFLbcXgUPDNjpn5AIi6rHl/l7l xHLvg06uGK5x5LS6FDMOalaA0QhT9Woh+GMW3chKDfAaTh1WjfJNkKXPaFkEPRlO cqeVFtaaeKUi93F8ypEGlWi0s0cPp9rDbPFrTjrd7osniH6sTgNhWKWmAXhGQjLB yTm3Z1X2eTY7p7pNFVkeTQbpX4uMswlxoqKZUHPbNKznouEFj6Bg0wFC1BeDcVag BHCglXZN/wxgm6P9GaQal0ALQxgL96IROL5xAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUnRITi49hdnsaJITfKjPynQRQoeAwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvblJJVGk0OWhkbnNhSklUZktqUHlu UVJRb2VBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveFDAN BgkqhkiG9w0BAQsFAAOCAQEAcpL39Y8TnQUnvLWcbl8KNHXi/IBWIMH3YHTaA1FY zRo+CS9F3IHahdDBCBPspVqGh+JAsRu1dWS0BVAi8l5bJUPPyFcflO/TmBjUUQ8G hjK0L5Zg/hQH0OGyTk3patvk0bJUEJwn9CzU/RZMDyegqOoJ52zlIRooVSZlJbDR dbn4z2Xuspk8zgzNQeC2huR5jTPr65z7DtPauuUbeRE9s02KhlwWIk+OGME4Twle iJZJiCAFdm1FSBRtvWGx7P5lXUlnS0I6yuHOb8OcX7Jq+qHKYWmPOe8sAhS2m5Hr 5mzuMnypE/Cjg+wkt7xuSfD76+ApltKDOedHIP8B0czOEw== -----END CERTIFICATE-----Generated at Sat Sep 21 00:29:40 2024 by rpki-client on console-fra.rpki-client.org