$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/L9LcHuTZQMdb3GVDJ_wEeyoOSPw.roa File: L9LcHuTZQMdb3GVDJ_wEeyoOSPw.roa (raw, json) Hash identifier: ctHrR4JnhRPXTeeJ6aG9wPlucMVXJr2FX/TOE2IO2Hs= Subject key identifier: 2F:D2:DC:1E:E4:D9:40:C7:5B:DC:65:43:27:FC:04:7B:2A:0E:48:FC Certificate issuer: /CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7 Certificate serial: 0234 Authority key identifier: 3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/L9LcHuTZQMdb3GVDJ_wEeyoOSPw.roa Signing time: Mon 26 Aug 2024 05:13:41 +0000 ROA not before: Mon 26 Aug 2024 05:13:41 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18041 IP address blocks: 103.160.180.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 564 (0x234) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7 Validity Not Before: Aug 26 05:13:41 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2FD2DC1EE4D940C75BDC654327FC047B2A0E48FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e8:4f:f4:82:13:82:3f:47:7a:12:c7:77:e8: 15:6a:30:0e:46:59:15:73:b0:89:97:4e:5d:78:f3: 48:89:f3:46:f9:e7:cf:3a:4d:34:58:28:c7:6d:e2: ee:5b:9d:72:c3:f8:a8:d8:91:94:e9:5a:97:e8:17: 1e:69:7d:f4:2f:9b:e0:98:18:ea:c8:00:fc:75:5a: bb:70:89:f8:70:2d:40:da:6f:ab:5f:4e:f8:34:bf: 05:92:49:88:c2:0e:5d:24:c5:d3:0c:03:01:c9:cd: df:80:f4:72:d4:b7:03:07:76:f2:4a:8c:13:bb:df: 94:e8:3d:11:3a:9a:a0:01:55:5c:3d:1e:25:e1:39: 50:c6:6c:0d:d6:44:2b:74:6c:93:2e:52:05:29:3a: 2e:10:f8:80:2f:db:91:0f:25:30:44:df:7f:e8:3b: dd:77:40:6e:51:a6:c2:df:2b:9f:2d:9c:47:83:75: 26:c9:e0:dd:ae:de:ae:17:b9:fa:b4:46:39:93:de: f2:3d:4d:dc:54:20:a8:c1:dd:47:4d:93:e3:c9:69: 20:14:ea:65:e9:01:e2:33:15:bb:5c:f9:ff:29:7c: 13:16:43:f6:4f:67:e1:e7:cf:eb:04:77:96:17:ab: ad:4c:f6:bf:65:4f:89:bc:a7:14:c9:62:cf:ff:f5: 32:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:D2:DC:1E:E4:D9:40:C7:5B:DC:65:43:27:FC:04:7B:2A:0E:48:FC X509v3 Authority Key Identifier: keyid:3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/L9LcHuTZQMdb3GVDJ_wEeyoOSPw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.180.0/23 Signature Algorithm: sha256WithRSAEncryption 16:f7:d8:b7:2c:52:74:4b:41:e8:78:d9:27:3e:1e:73:11:f3: d3:14:68:c7:f0:8d:f1:be:9b:f6:36:12:3e:2a:fa:43:28:62: 6a:70:98:b5:85:d5:66:c5:97:d3:75:1f:97:cc:63:36:77:74: bd:c0:a7:8e:7b:01:db:f1:7a:3a:76:fa:58:6f:c6:9e:17:48: 75:b1:ea:ed:86:b0:40:4c:b8:29:94:fd:44:e1:fc:ac:07:e6: 34:f5:28:f3:0c:33:f0:24:a7:b0:98:98:2c:aa:26:4c:4e:fa: 9f:54:42:2f:d2:dd:29:ab:44:0a:b6:d2:d5:cc:75:b0:db:00: 02:31:9e:1d:29:b5:39:d1:a4:93:93:79:54:11:54:6f:65:62: c3:08:6a:12:d3:8a:82:c0:ca:26:5f:e8:a9:b3:62:3f:30:0a: 58:f7:1b:62:2c:b2:5f:e0:8c:a0:93:a4:b5:92:cc:82:96:e4: 5d:a7:91:0b:2a:00:94:5a:88:c0:3d:e5:02:9e:a2:cf:1a:23: 6e:17:3e:60:47:ba:8c:64:0a:0b:88:18:c6:62:f5:c8:8c:2e: 8f:57:c9:4f:2a:7e:45:3a:fa:5e:59:70:50:76:f3:9e:f2:d4: 77:55:4f:c1:6a:d5:92:7a:35:9b:a2:8f:c5:dd:02:3f:8d:3e: 9a:6b:14:e8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAjQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JG NDQxQjU3Qzg2QkQ5RDE5MzQ1MUEwMDVEMjZDRTFBM0M2REVFNzAeFw0yNDA4MjYw NTEzNDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJGRDJEQzFFRTREOTQw Qzc1QkRDNjU0MzI3RkMwNDdCMkEwRTQ4RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCq6E/0ghOCP0d6Esd36BVqMA5GWRVzsImXTl1480iJ80b55886 TTRYKMdt4u5bnXLD+KjYkZTpWpfoFx5pffQvm+CYGOrIAPx1WrtwifhwLUDab6tf Tvg0vwWSSYjCDl0kxdMMAwHJzd+A9HLUtwMHdvJKjBO735ToPRE6mqABVVw9HiXh OVDGbA3WRCt0bJMuUgUpOi4Q+IAv25EPJTBE33/oO913QG5RpsLfK58tnEeDdSbJ 4N2u3q4Xufq0RjmT3vI9TdxUIKjB3UdNk+PJaSAU6mXpAeIzFbtc+f8pfBMWQ/ZP Z+Hnz+sEd5YXq61M9r9lT4m8pxTJYs//9TIDAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUL9LcHuTZQMdb3GVDJ/wEeyoOSPwwHwYDVR0jBBgwFoAUO/RBtXyGvZ0ZNFGg BdJs4aPG3ucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVJBWUlO Rk8vT19SQnRYeUd2WjBaTkZHZ0JkSnM0YVBHM3VjLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9PX1JCdFh5R3ZaMFpORkdnQmRKczRhUEczdWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FUkFZSU5GTy9MOUxjSHVUWlFNZGIz R1ZESl93RWV5b09TUHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6C0MA0GCSqGSIb3DQEBCwUAA4IBAQAW99i3LFJ0S0HoeNknPh5zEfPTFGjH 8I3xvpv2NhI+KvpDKGJqcJi1hdVmxZfTdR+XzGM2d3S9wKeOewHb8Xo6dvpYb8ae F0h1serthrBATLgplP1E4fysB+Y09SjzDDPwJKewmJgsqiZMTvqfVEIv0t0pq0QK ttLVzHWw2wACMZ4dKbU50aSTk3lUEVRvZWLDCGoS04qCwMomX+ips2I/MApY9xti LLJf4Iygk6S1ksyCluRdp5ELKgCUWojAPeUCnqLPGiNuFz5gR7qMZAoLiBjGYvXI jC6PV8lPKn5FOvpeWXBQdvOe8tR3VU/BatWSejWboo/F3QI/jT6aaxTo -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:04 2024 by rpki-client on console-ams.rpki-client.org