$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/r1YduKDcOpf9vC5qjSWgsOsAkK8.roa File: r1YduKDcOpf9vC5qjSWgsOsAkK8.roa (raw, json) Hash identifier: AcP5cXdbHb4fbUvnuG9UnYHTLssGk/jozutd40KPoSo= Subject key identifier: AF:56:1D:B8:A0:DC:3A:97:FD:BC:2E:6A:8D:25:A0:B0:EB:00:90:AF Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1059 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/r1YduKDcOpf9vC5qjSWgsOsAkK8.roa Signing time: Mon 26 Aug 2024 05:16:20 +0000 ROA not before: Mon 26 Aug 2024 05:16:20 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131142 IP address blocks: 223.22.0.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4185 (0x1059) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:20 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AF561DB8A0DC3A97FDBC2E6A8D25A0B0EB0090AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:6f:99:95:0a:a8:a1:73:2a:fa:c6:fc:49:f3: 51:86:e4:f7:9c:22:60:7a:b7:33:ae:ce:7d:d9:24: e8:10:93:71:95:44:31:ce:2a:e0:24:15:20:27:12: 01:86:aa:f8:ca:dd:79:11:de:da:92:4d:0e:c9:08: 31:0c:3b:81:9d:d2:74:43:f4:cf:6e:c4:81:74:5f: 72:06:93:fb:02:b6:a6:e9:3a:25:6b:ee:a9:06:d7: 54:2d:0d:78:14:e6:6d:fe:c0:b8:e4:15:75:4d:b7: e6:35:44:26:4d:99:f7:42:5e:96:ed:3b:67:44:a1: 29:01:b1:f4:4e:de:86:2f:27:a0:cd:e1:ab:41:d7: 24:9e:0c:9f:83:8b:29:ad:15:a9:b4:a7:bb:5d:9b: 9c:5b:c4:30:40:8d:18:e8:5d:01:f7:f8:b1:00:8e: 76:6b:2e:81:be:e6:06:6b:f4:60:3e:4b:db:36:45: 91:fe:f4:27:d3:bc:22:33:3a:ee:6d:e9:a2:94:8d: 94:20:18:18:6f:e9:b6:b6:38:a9:b8:83:58:17:df: 64:1e:56:7c:5a:27:8d:f5:e8:4e:a3:52:7e:db:2c: f4:da:83:01:f1:3e:be:59:9b:c9:c6:68:02:be:dd: ab:33:dc:c3:ff:25:35:cf:f2:07:5e:c7:38:17:47: 12:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:56:1D:B8:A0:DC:3A:97:FD:BC:2E:6A:8D:25:A0:B0:EB:00:90:AF X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/r1YduKDcOpf9vC5qjSWgsOsAkK8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.22.0.0/20 Signature Algorithm: sha256WithRSAEncryption 52:82:9e:bc:51:25:fc:d9:ec:d7:8b:23:34:03:fb:65:11:17: a8:ec:b0:b6:05:2b:89:1d:d8:e7:3a:78:0d:14:35:85:49:8d: d2:63:c7:ca:ed:ce:c9:a5:c4:93:4c:14:77:96:c8:93:00:64: 70:42:db:ec:1d:37:2e:11:d1:8e:77:48:fc:ab:d1:05:eb:d7: d7:d9:a2:aa:33:29:57:e0:2c:d3:85:26:38:b1:17:05:db:0b: ce:db:e7:dd:32:2f:f7:37:a4:ed:bf:4c:85:65:1e:62:f8:59: 79:44:86:f7:04:48:6e:2d:b7:0b:29:dd:ad:93:d5:50:ba:62: 6f:6f:4c:c6:ee:b3:e6:46:18:a4:1d:79:b0:f2:12:6f:9d:04: 52:f7:87:31:9f:77:ef:0f:6f:00:5e:fd:a2:fe:07:e7:03:85: e9:4a:87:99:66:ca:69:31:38:0a:cd:10:67:72:d2:a2:9d:15: c9:da:40:2a:d6:ee:37:6a:47:64:cb:5a:f8:66:9b:29:bf:f2: 29:9c:d5:28:7f:8a:43:cf:36:cb:d3:09:87:a3:2c:19:5f:71: 87:4e:97:08:b9:e2:54:71:96:42:28:d2:62:ba:8a:94:ed:5d: 3b:35:05:c2:72:87:e6:47:e6:e6:b3:d1:ee:00:e3:f2:a6:d4: 63:32:a5:40 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFGNTYxREI4QTBEQzNB OTdGREJDMkU2QThEMjVBMEIwRUIwMDkwQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDob5mVCqihcyr6xvxJ81GG5PecImB6tzOuzn3ZJOgQk3GVRDHO KuAkFSAnEgGGqvjK3XkR3tqSTQ7JCDEMO4Gd0nRD9M9uxIF0X3IGk/sCtqbpOiVr 7qkG11QtDXgU5m3+wLjkFXVNt+Y1RCZNmfdCXpbtO2dEoSkBsfRO3oYvJ6DN4atB 1ySeDJ+DiymtFam0p7tdm5xbxDBAjRjoXQH3+LEAjnZrLoG+5gZr9GA+S9s2RZH+ 9CfTvCIzOu5t6aKUjZQgGBhv6ba2OKm4g1gX32QeVnxaJ4316E6jUn7bLPTagwHx Pr5Zm8nGaAK+3asz3MP/JTXP8gdexzgXRxKTAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUr1YduKDcOpf9vC5qjSWgsOsAkK8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3IxWWR1S0RjT3BmOXZDNXFqU1dnc09z QWtLOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATfFgAwDQYJ KoZIhvcNAQELBQADggEBAFKCnrxRJfzZ7NeLIzQD+2URF6jssLYFK4kd2Oc6eA0U NYVJjdJjx8rtzsmlxJNMFHeWyJMAZHBC2+wdNy4R0Y53SPyr0QXr19fZoqozKVfg LNOFJjixFwXbC87b590yL/c3pO2/TIVlHmL4WXlEhvcESG4ttwsp3a2T1VC6Ym9v TMbus+ZGGKQdebDyEm+dBFL3hzGfd+8PbwBe/aL+B+cDhelKh5lmymkxOArNEGdy 0qKdFcnaQCrW7jdqR2TLWvhmmym/8imc1Sh/ikPPNsvTCYejLBlfcYdOlwi54lRx lkIo0mK6ipTtXTs1BcJyh+ZH5uaz0e4A4/Km1GMypUA= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:31 2024 by rpki-client on console-ams.rpki-client.org