$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/aN019-JSkGE87cX54IEAWHXJaek.roa File: aN019-JSkGE87cX54IEAWHXJaek.roa (raw, json) Hash identifier: 0Effh7ipqNMz1UiDMjZx7o2cF6pMZOOcsOwxclXFdlQ= Subject key identifier: 68:DD:35:F7:E2:52:90:61:3C:ED:C5:F9:E0:81:00:58:75:C9:69:E9 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 106A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aN019-JSkGE87cX54IEAWHXJaek.roa Signing time: Mon 26 Aug 2024 05:16:23 +0000 ROA not before: Mon 26 Aug 2024 05:16:23 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 222.157.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4202 (0x106a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:23 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=68DD35F7E25290613CEDC5F9E081005875C969E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:39:e2:8d:16:56:56:c6:33:09:3f:62:5c:19: a4:2c:40:97:01:26:54:51:70:25:35:3f:08:15:6e: 0f:92:d5:d4:de:11:a8:88:ea:6a:01:f1:92:a5:5b: 98:a0:71:2d:41:b8:db:fd:c4:a4:74:fe:3f:19:13: 36:79:ec:eb:f0:e6:4e:48:04:04:ca:8a:14:b7:6e: 8f:61:91:b7:f8:db:56:38:54:4b:64:55:6a:bf:f5: 1f:ba:80:8f:7f:c0:c8:fb:e1:cb:3b:c8:fb:fd:da: 49:f9:40:21:90:5b:d0:ac:91:5c:fb:de:87:bd:9e: c4:0d:1f:cb:f0:09:4c:90:57:a7:6a:04:7f:80:5d: 94:91:b1:d1:ae:91:cd:16:b0:72:c5:48:d5:30:bb: 89:1f:b1:ab:9e:da:11:1a:bc:20:57:2d:02:90:c1: 21:ad:20:04:29:49:90:f4:3c:71:15:1a:b8:f6:ac: 1d:9a:8a:79:b7:48:5e:b1:78:b9:03:a0:2c:0f:0d: 6e:a2:42:1e:5b:ae:38:b0:2c:84:7e:29:72:47:11: ee:44:79:c5:6d:87:d3:6a:3b:fa:51:a3:a2:89:65: 07:10:b6:17:13:6b:20:2f:6c:25:3c:f8:0a:11:94: f9:b6:07:ec:f9:d9:fe:5c:0b:03:bc:1d:cd:eb:33: 6f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:DD:35:F7:E2:52:90:61:3C:ED:C5:F9:E0:81:00:58:75:C9:69:E9 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aN019-JSkGE87cX54IEAWHXJaek.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 222.157.64.0/19 Signature Algorithm: sha256WithRSAEncryption 5c:62:a7:2a:92:6d:b6:87:a4:60:88:df:6d:01:b2:65:7b:64: c1:40:6d:7c:3b:d1:ea:89:8e:b2:7c:c8:c9:dc:f5:e0:c8:b9: fd:cd:dd:ca:f2:e5:fe:10:d9:00:74:0e:16:bf:e0:39:47:fc: 0f:a1:c3:d0:05:9c:74:37:1e:0a:16:af:95:74:0a:7c:ff:62: 61:fa:04:06:f5:e4:88:28:bc:73:a3:f4:8f:d7:83:bf:ee:21: 93:dd:c0:00:04:a2:30:6b:15:77:22:3b:1f:0a:71:71:4b:93: 38:e0:0b:34:65:ad:0e:2d:62:e9:51:40:94:64:b3:4e:04:86: 6c:6a:35:15:1d:7a:3a:a3:fa:ff:d7:cc:b9:b4:b0:d0:e9:8a: 42:76:7e:1a:bd:98:61:a6:94:d8:77:b8:c4:5a:e9:fc:9d:c5: ed:f2:aa:1d:9f:5f:30:b5:63:c4:c9:15:9f:1c:be:2d:51:b0: f1:17:03:96:15:ca:d0:31:1e:a2:a8:2b:de:4f:a6:b4:0e:2a: 80:a3:d9:32:15:f9:81:9d:50:23:7f:b7:a0:4e:ae:ee:36:24: d6:2e:42:51:3f:3a:cd:c7:06:81:c6:81:c7:1b:2d:08:62:f3: c3:b8:8f:09:ea:80:0b:41:0f:85:37:1f:05:ad:2a:6d:22:e4: 3c:17:b4:57 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEGowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4REQzNUY3RTI1Mjkw NjEzQ0VEQzVGOUUwODEwMDU4NzVDOTY5RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3OeKNFlZWxjMJP2JcGaQsQJcBJlRRcCU1PwgVbg+S1dTeEaiI 6moB8ZKlW5igcS1BuNv9xKR0/j8ZEzZ57Ovw5k5IBATKihS3bo9hkbf421Y4VEtk VWq/9R+6gI9/wMj74cs7yPv92kn5QCGQW9CskVz73oe9nsQNH8vwCUyQV6dqBH+A XZSRsdGukc0WsHLFSNUwu4kfsaue2hEavCBXLQKQwSGtIAQpSZD0PHEVGrj2rB2a inm3SF6xeLkDoCwPDW6iQh5brjiwLIR+KXJHEe5EecVth9NqO/pRo6KJZQcQthcT ayAvbCU8+AoRlPm2B+z52f5cCwO8Hc3rM2/TAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUaN019+JSkGE87cX54IEAWHXJaekwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2FOMDE5LUpTa0dFODdjWDU0SUVBV0hY SmFlay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXenUAwDQYJ KoZIhvcNAQELBQADggEBAFxipyqSbbaHpGCI320BsmV7ZMFAbXw70eqJjrJ8yMnc 9eDIuf3N3cry5f4Q2QB0Dha/4DlH/A+hw9AFnHQ3HgoWr5V0Cnz/YmH6BAb15Igo vHOj9I/Xg7/uIZPdwAAEojBrFXciOx8KcXFLkzjgCzRlrQ4tYulRQJRks04Ehmxq NRUdejqj+v/XzLm0sNDpikJ2fhq9mGGmlNh3uMRa6fydxe3yqh2fXzC1Y8TJFZ8c vi1RsPEXA5YVytAxHqKoK95PprQOKoCj2TIV+YGdUCN/t6BOru42JNYuQlE/Os3H BoHGgccbLQhi88O4jwnqgAtBD4U3HwWtKm0i5DwXtFc= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:50 2024 by rpki-client on console-fra.rpki-client.org