$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/QNgPybRdcBuFzxtSrY9Wh9IbAQw.roa File: QNgPybRdcBuFzxtSrY9Wh9IbAQw.roa (raw, json) Hash identifier: +lYTq3WFviFLv9j9pOELH0jgvJf8kH/ZmBHJQV7MF6Y= Subject key identifier: 40:D8:0F:C9:B4:5D:70:1B:85:CF:1B:52:AD:8F:56:87:D2:1B:01:0C Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 10D6 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/QNgPybRdcBuFzxtSrY9Wh9IbAQw.roa Signing time: Mon 26 Aug 2024 05:16:50 +0000 ROA not before: Mon 26 Aug 2024 05:16:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 223.23.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4310 (0x10d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:50 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=40D80FC9B45D701B85CF1B52AD8F5687D21B010C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:11:13:c5:e8:1a:ea:fd:7c:d9:a9:c3:4c:08: ab:00:98:38:b6:cd:2e:8c:d9:d7:8a:e4:82:7b:34: 85:8e:64:17:40:d7:f5:9c:64:1c:1b:da:cc:12:e2: 0c:46:f5:95:98:54:58:c5:4d:11:69:2d:e0:aa:5c: 76:90:8b:3b:10:d8:d9:b3:40:0d:95:0f:18:c2:4b: e5:db:9b:da:43:3b:04:04:1c:a9:22:bb:06:39:39: 03:db:de:b6:09:f2:0e:c6:79:59:bb:b8:1b:cb:ad: 63:78:3f:36:24:6a:9d:95:a4:af:d8:ad:10:ee:4c: d1:1b:3a:c7:cd:25:89:5d:e5:fb:e0:e6:00:68:27: f8:a5:30:9d:1d:56:1d:8d:28:b4:bb:54:12:69:f6: e0:41:fa:a8:e1:f3:54:1f:e2:35:ee:86:d4:7e:7a: c7:ed:58:5f:04:e6:24:14:75:5f:c6:13:58:9d:1f: 86:5c:22:54:93:cb:ef:b4:7f:ba:2f:9a:a8:e1:76: d0:8f:e9:b5:33:00:5c:c9:dc:26:6c:a8:95:90:41: d4:c1:14:a5:bf:d6:fe:3e:bc:8d:37:48:ad:84:a2: 38:6e:81:2a:37:12:b9:b3:e4:40:54:bb:97:f9:69: 7c:56:0c:a9:16:97:8d:cc:b2:34:04:ea:9b:90:31: 13:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:D8:0F:C9:B4:5D:70:1B:85:CF:1B:52:AD:8F:56:87:D2:1B:01:0C X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/QNgPybRdcBuFzxtSrY9Wh9IbAQw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.23.63.0/24 Signature Algorithm: sha256WithRSAEncryption 88:6a:46:24:2a:a1:64:f3:e7:8e:21:d0:59:5a:05:93:bc:9b: 23:38:78:d2:21:a9:b4:3b:dd:c4:f0:6d:63:c8:d6:4e:ff:48: c1:cd:51:b3:26:79:01:c2:0a:ae:b6:17:a2:6e:4d:62:bc:c8: 7f:7c:9e:a6:92:66:3b:31:87:8b:a2:75:91:72:fb:13:1d:73: 15:97:bf:c0:54:0e:ef:99:d7:59:f2:af:85:28:1e:48:18:2a: fa:77:bc:85:57:f8:5c:17:ee:73:1c:e7:0e:05:7a:57:9e:2d: f7:d6:a1:20:04:5a:5a:c0:88:fc:cc:12:8a:09:3e:e5:7d:c5: 3d:06:b0:1b:31:a5:ab:65:6f:bf:fa:d7:a1:ac:cd:18:3a:ee: 6b:e2:ba:c2:b6:1f:38:51:ba:a4:66:f2:4e:ba:95:f9:d7:88: d5:68:df:20:f5:d2:7d:a9:51:7a:48:f0:2f:5a:37:06:18:36: 1b:ad:0b:e5:ed:c8:3e:c0:85:23:7c:ba:a8:fc:4f:5d:db:49: 37:24:56:5d:8f:35:69:2d:94:d1:c7:e5:e4:42:77:24:2a:05: d0:18:50:30:93:88:a6:26:ec:07:d8:9a:1d:9f:bf:d1:a3:84: 66:7b:2e:00:f0:2c:22:37:8e:95:88:c2:f6:33:fe:59:a3:c9: 95:49:b2:d4 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICENYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwRDgwRkM5QjQ1RDcw MUI4NUNGMUI1MkFEOEY1Njg3RDIxQjAxMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0ERPF6Brq/XzZqcNMCKsAmDi2zS6M2deK5IJ7NIWOZBdA1/Wc ZBwb2swS4gxG9ZWYVFjFTRFpLeCqXHaQizsQ2NmzQA2VDxjCS+Xbm9pDOwQEHKki uwY5OQPb3rYJ8g7GeVm7uBvLrWN4PzYkap2VpK/YrRDuTNEbOsfNJYld5fvg5gBo J/ilMJ0dVh2NKLS7VBJp9uBB+qjh81Qf4jXuhtR+esftWF8E5iQUdV/GE1idH4Zc IlSTy++0f7ovmqjhdtCP6bUzAFzJ3CZsqJWQQdTBFKW/1v4+vI03SK2EojhugSo3 Ermz5EBUu5f5aXxWDKkWl43MsjQE6puQMRNRAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUQNgPybRdcBuFzxtSrY9Wh9IbAQwwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1FOZ1B5YlJkY0J1Rnp4dFNyWTlXaDlJ YkFRdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfFz8wDQYJ KoZIhvcNAQELBQADggEBAIhqRiQqoWTz544h0FlaBZO8myM4eNIhqbQ73cTwbWPI 1k7/SMHNUbMmeQHCCq62F6JuTWK8yH98nqaSZjsxh4uidZFy+xMdcxWXv8BUDu+Z 11nyr4UoHkgYKvp3vIVX+FwX7nMc5w4FeleeLffWoSAEWlrAiPzMEooJPuV9xT0G sBsxpatlb7/616GszRg67mviusK2HzhRuqRm8k66lfnXiNVo3yD10n2pUXpI8C9a NwYYNhutC+XtyD7AhSN8uqj8T13bSTckVl2PNWktlNHH5eRCdyQqBdAYUDCTiKYm 7AfYmh2fv9GjhGZ7LgDwLCI3jpWIwvYz/lmjyZVJstQ= -----END CERTIFICATE-----Generated at Fri Nov 22 14:13:08 2024 by rpki-client on console-fra.rpki-client.org