$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/CUBZzQq743wxt6N7hxKxOljw3kM.roa File: CUBZzQq743wxt6N7hxKxOljw3kM.roa (raw, json) Hash identifier: DNgZTGjhoME0GjHKxMIOfSBj3LO9RFoIrBbpG5FW4j0= Subject key identifier: 09:40:59:CD:0A:BB:E3:7C:31:B7:A3:7B:87:12:B1:3A:58:F0:DE:43 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 102E Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CUBZzQq743wxt6N7hxKxOljw3kM.roa Signing time: Mon 26 Aug 2024 05:16:09 +0000 ROA not before: Mon 26 Aug 2024 05:16:09 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 210.201.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4142 (0x102e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:09 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=094059CD0ABBE37C31B7A37B8712B13A58F0DE43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:a9:8c:85:d0:1d:50:c4:b5:12:d7:bf:23:97: f6:65:f4:10:5a:70:3f:3b:ff:79:1f:0d:d5:e9:f5: c8:58:db:be:5d:6f:a9:77:b7:e1:84:89:85:a6:98: cf:39:63:64:d9:f2:38:6f:b3:f2:e6:b1:42:37:56: 9e:19:73:87:04:07:c1:da:f8:22:ba:3f:93:e1:97: e4:8c:07:aa:c5:bc:e0:c9:ad:84:21:72:44:34:6b: 26:1d:48:b9:6d:d4:08:14:ad:14:f1:44:1f:6e:f2: ea:9d:ca:27:b1:b7:fb:02:05:00:fe:e7:70:e6:ef: ad:86:72:12:d2:ea:a7:9a:7d:c5:75:99:df:c2:79: 93:5d:ed:d8:4d:a0:2f:38:6a:23:6d:bc:36:6d:48: c1:8e:b3:af:f7:54:4c:fd:e9:0b:3a:e2:25:09:d7: 1f:99:73:e3:18:d2:db:2e:cf:a3:3a:05:80:9d:ab: 61:a1:68:a5:f6:fc:a7:aa:8b:c4:41:41:59:14:5a: 9d:21:71:ce:ec:ea:0a:5d:4e:5f:09:6c:2d:0b:eb: cc:8e:84:60:68:4b:f1:11:da:73:01:65:18:d0:17: 84:ff:0c:01:76:ab:78:9d:e5:d3:c5:10:b5:89:30: 8b:53:d2:f6:31:fe:82:8a:22:73:ca:98:7c:89:2f: 9a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:40:59:CD:0A:BB:E3:7C:31:B7:A3:7B:87:12:B1:3A:58:F0:DE:43 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CUBZzQq743wxt6N7hxKxOljw3kM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.201.32.0/22 Signature Algorithm: sha256WithRSAEncryption aa:bb:db:41:25:b8:e6:83:7c:09:d0:92:51:bc:61:b2:7a:10: 83:e3:87:f8:ef:c4:72:84:c0:8c:e5:be:65:a7:70:aa:a4:47: de:c1:ed:86:6b:40:33:20:fe:a3:1a:51:68:1e:98:99:1b:f8: 74:1b:01:c1:5b:cc:f0:18:7a:97:b7:bb:49:bf:17:e2:30:be: 47:e4:e6:ed:24:7d:c7:78:e5:7d:ad:54:d7:44:a4:2b:e5:40: e6:2b:a7:a4:f3:c2:a1:31:0c:d4:c5:b4:42:54:26:51:40:b0: 4f:41:7a:d4:01:d3:54:50:ae:e7:8c:2c:68:57:18:d9:79:17: 5e:fc:2d:28:c1:47:78:e4:41:25:ac:6e:a0:8e:b4:67:a8:98: 19:fd:3e:08:a6:48:a1:6c:58:69:83:64:f6:80:c6:a8:7b:18: e1:b1:00:ed:b8:54:b7:21:e6:b5:22:bc:69:9d:90:28:5f:a1: a0:5b:b8:ee:55:af:b6:55:fa:44:09:be:0d:4d:d5:c2:c1:08: 9b:01:37:a3:03:af:9e:fb:2d:c2:83:fb:b1:05:70:ce:bd:65: 77:5a:3e:84:b6:6a:0a:02:8c:b7:b7:4e:91:1e:cc:37:45:6a: 47:fb:2b:2c:fe:a8:07:d7:e3:e2:c8:9d:0b:f6:24:90:c9:f4: fe:66:ec:68 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5NDA1OUNEMEFCQkUz N0MzMUI3QTM3Qjg3MTJCMTNBNThGMERFNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoqYyF0B1QxLUS178jl/Zl9BBacD87/3kfDdXp9chY275db6l3 t+GEiYWmmM85Y2TZ8jhvs/LmsUI3Vp4Zc4cEB8Ha+CK6P5Phl+SMB6rFvODJrYQh ckQ0ayYdSLlt1AgUrRTxRB9u8uqdyiext/sCBQD+53Dm762GchLS6qeafcV1md/C eZNd7dhNoC84aiNtvDZtSMGOs6/3VEz96Qs64iUJ1x+Zc+MY0tsuz6M6BYCdq2Gh aKX2/Keqi8RBQVkUWp0hcc7s6gpdTl8JbC0L68yOhGBoS/ER2nMBZRjQF4T/DAF2 q3id5dPFELWJMItT0vYx/oKKInPKmHyJL5o/AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUCUBZzQq743wxt6N7hxKxOljw3kMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0NVQlp6UXE3NDN3eHQ2TjdoeEt4T2xq dzNrTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSySAwDQYJ KoZIhvcNAQELBQADggEBAKq720EluOaDfAnQklG8YbJ6EIPjh/jvxHKEwIzlvmWn cKqkR97B7YZrQDMg/qMaUWgemJkb+HQbAcFbzPAYepe3u0m/F+Iwvkfk5u0kfcd4 5X2tVNdEpCvlQOYrp6TzwqExDNTFtEJUJlFAsE9BetQB01RQrueMLGhXGNl5F178 LSjBR3jkQSWsbqCOtGeomBn9PgimSKFsWGmDZPaAxqh7GOGxAO24VLch5rUivGmd kChfoaBbuO5Vr7ZV+kQJvg1N1cLBCJsBN6MDr577LcKD+7EFcM69ZXdaPoS2agoC jLe3TpEezDdFakf7Kyz+qAfX4+LInQv2JJDJ9P5m7Gg= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:31 2024 by rpki-client on console-ams.rpki-client.org