$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa File: NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa (raw, json) Hash identifier: xKRNyOH23BEjCsSYysCmP2GFobh7P0Vlm7U+9UYijLY= Subject key identifier: 35:2B:88:32:79:C7:83:87:06:72:31:B6:22:C8:04:B3:C1:3C:BE:15 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 10B8 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa Signing time: Mon 26 Aug 2024 05:16:43 +0000 ROA not before: Mon 26 Aug 2024 05:16:43 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 218.35.0.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4280 (0x10b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:43 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=352B883279C78387067231B622C804B3C13CBE15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:b2:b5:e1:3e:00:f5:d7:60:01:f6:fe:4b:6f: a5:8f:0c:8f:88:73:4c:67:c5:9a:c9:a9:c0:a5:6f: 34:2c:f5:ee:e8:d3:2b:bf:cb:37:db:7d:e6:a1:35: a4:3a:ac:b3:48:41:51:61:ef:5b:2b:8c:6a:60:b4: 26:5e:3b:e9:88:ad:f7:88:1e:9f:fc:a8:c3:26:b0: 92:f8:a0:3d:77:f3:8e:be:60:71:1e:1e:3a:e4:3e: c4:d2:9c:f5:1b:7d:5b:83:b0:86:85:e5:16:27:da: 07:24:d7:b2:01:16:94:a1:6e:89:c7:ff:0c:bb:34: 0d:24:cb:29:38:3b:c1:c5:77:ee:f3:ce:1e:98:03: 8d:b6:50:71:30:33:33:58:b4:11:d3:04:9a:0e:45: 3b:6f:4c:9a:a4:f5:94:f2:b0:2a:73:66:79:b5:74: aa:65:7a:20:e8:c6:c7:11:c2:3c:61:6a:63:80:09: 67:39:2c:f1:fb:39:fd:04:4a:ee:bb:a8:c3:58:8d: 66:d0:2d:07:b5:f5:fc:9e:d1:d0:66:71:39:04:91: 35:c0:5f:81:a0:ad:fc:1a:71:14:f0:f2:e1:65:37: 04:07:fc:bc:ab:a2:34:c3:fc:99:55:55:fe:f6:38: f3:34:1c:17:e4:ff:5c:45:18:44:88:83:00:91:d6: 33:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:2B:88:32:79:C7:83:87:06:72:31:B6:22:C8:04:B3:C1:3C:BE:15 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.35.0.0/21 Signature Algorithm: sha256WithRSAEncryption 01:5a:e3:ac:69:9c:ff:87:8b:3f:9b:a5:b7:ef:9f:10:f7:8f: c8:00:d2:be:31:37:b1:f2:10:ba:af:71:9b:eb:ef:02:55:75: d3:65:cc:a8:08:54:e8:d7:f1:2f:38:5f:0e:e9:ce:57:f5:43: 43:b1:6d:7c:a2:e3:ac:38:59:db:d0:b1:96:77:ea:bd:0a:9f: 34:67:c4:11:df:b1:c4:2f:03:a6:f1:01:94:2d:be:a4:c8:d7: 94:97:c4:f8:18:8a:29:40:13:fc:8c:3e:9f:96:11:2f:4b:bd: 23:04:4e:6c:b7:ca:5a:53:90:e5:0e:92:62:0f:65:48:4e:64: db:50:a7:bd:fe:2f:7e:e6:4c:14:40:2b:de:11:f3:46:1f:fe: ed:c3:36:49:8a:9e:ca:ec:2e:82:6f:01:f0:aa:d1:e9:62:10: 81:98:21:66:21:dc:de:dc:71:92:66:9d:2e:17:25:3b:18:14: f1:5f:a5:b8:06:a2:68:34:54:0c:0b:c3:25:59:69:92:21:18: 26:04:26:10:c3:da:af:40:33:79:e2:8e:52:dc:9b:44:d1:7e: f4:16:21:69:b3:26:e0:dd:c8:89:7a:1c:0e:a9:2d:95:f6:e7: 0b:99:29:3a:37:8f:5b:a9:cb:d4:1f:da:2d:05:9a:e3:1a:92: 59:a9:b6:51 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICELgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1MkI4ODMyNzlDNzgz ODcwNjcyMzFCNjIyQzgwNEIzQzEzQ0JFMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhsrXhPgD112AB9v5Lb6WPDI+Ic0xnxZrJqcClbzQs9e7o0yu/ yzfbfeahNaQ6rLNIQVFh71srjGpgtCZeO+mIrfeIHp/8qMMmsJL4oD13846+YHEe HjrkPsTSnPUbfVuDsIaF5RYn2gck17IBFpShbonH/wy7NA0kyyk4O8HFd+7zzh6Y A422UHEwMzNYtBHTBJoORTtvTJqk9ZTysCpzZnm1dKpleiDoxscRwjxhamOACWc5 LPH7Of0ESu67qMNYjWbQLQe19fye0dBmcTkEkTXAX4GgrfwacRTw8uFlNwQH/Lyr ojTD/JlVVf72OPM0HBfk/1xFGESIgwCR1jMRAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUNSuIMnnHg4cGcjG2IsgEs8E8vhUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL05TdUlNbm5IZzRjR2NqRzJJc2dFczhF OHZoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPaIwAwDQYJ KoZIhvcNAQELBQADggEBAAFa46xpnP+Hiz+bpbfvnxD3j8gA0r4xN7HyELqvcZvr 7wJVddNlzKgIVOjX8S84Xw7pzlf1Q0OxbXyi46w4WdvQsZZ36r0KnzRnxBHfscQv A6bxAZQtvqTI15SXxPgYiilAE/yMPp+WES9LvSMETmy3ylpTkOUOkmIPZUhOZNtQ p73+L37mTBRAK94R80Yf/u3DNkmKnsrsLoJvAfCq0eliEIGYIWYh3N7ccZJmnS4X JTsYFPFfpbgGomg0VAwLwyVZaZIhGCYEJhDD2q9AM3nijlLcm0TRfvQWIWmzJuDd yIl6HA6pLZX25wuZKTo3j1upy9Qf2i0FmuMaklmptlE= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:50 2024 by rpki-client on console-fra.rpki-client.org