$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/upFPssbBE3lRQ0NtyiwXvrzsFRs.roa File: upFPssbBE3lRQ0NtyiwXvrzsFRs.roa (raw, json) Hash identifier: ao4PeWxzAj25u0W1ffnsGWp7ENYvmKNFzCLsgI9+n/4= Subject key identifier: BA:91:4F:B2:C6:C1:13:79:51:43:43:6D:CA:2C:17:BE:BC:EC:15:1B Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0FE2 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/upFPssbBE3lRQ0NtyiwXvrzsFRs.roa Signing time: Mon 26 Aug 2024 05:15:50 +0000 ROA not before: Mon 26 Aug 2024 05:15:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 43.240.104.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4066 (0xfe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:15:50 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BA914FB2C6C113795143436DCA2C17BEBCEC151B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d2:62:dd:45:c3:2a:7f:9d:0d:d4:b7:32:44: 56:28:4e:0e:88:7b:66:0a:31:4c:08:7a:c7:8e:75: 7b:17:50:9d:7d:74:7c:f0:21:f0:90:4d:44:55:a0: f1:3e:95:cc:b1:29:bd:a6:5a:4b:73:e6:99:45:30: 6b:5f:58:5a:70:da:7d:67:47:27:13:43:81:c8:46: f5:2c:c7:d2:08:5e:2d:46:86:89:77:61:a9:6b:0c: 3c:37:6a:39:af:6c:a7:6f:52:a4:c7:b3:1c:ca:33: 25:be:ab:1d:c5:58:6a:df:b6:e1:86:56:92:91:32: b9:6a:fc:8f:83:15:1c:82:39:b0:52:06:cd:ec:03: 0f:fd:6f:7c:e6:23:ca:4a:14:18:1c:c1:36:b6:2d: 88:c6:98:3c:8c:20:79:48:b2:ec:12:19:9d:c9:d9: cd:76:5b:0f:0a:e9:36:4c:24:03:e4:d5:6b:15:71: 4c:2c:18:77:0b:cd:5e:f5:c3:cb:f2:a1:8e:ae:04: 5d:c6:fc:e2:f8:40:19:84:61:b5:a0:8d:f3:14:f5: a8:85:c3:0e:5d:9d:fd:3c:7f:d9:6f:38:5d:b2:2f: df:c5:31:f7:f0:06:05:84:7c:97:04:dc:3e:42:7f: 6c:f2:58:ea:36:69:33:b7:3e:30:25:44:04:69:80: 36:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:91:4F:B2:C6:C1:13:79:51:43:43:6D:CA:2C:17:BE:BC:EC:15:1B X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/upFPssbBE3lRQ0NtyiwXvrzsFRs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.240.104.0/22 Signature Algorithm: sha256WithRSAEncryption a1:70:29:02:2e:aa:11:c8:d2:99:68:cb:2c:56:7d:d5:d1:04: f8:2e:70:2d:f7:71:28:e5:ca:44:74:66:b5:c4:07:74:34:bc: 57:b7:e4:a3:19:c0:5b:5f:47:97:4e:e7:28:80:0f:01:e6:9a: 49:d4:1c:93:de:ae:ea:c4:94:e3:8a:7f:f0:0a:ea:c5:39:96: 68:9e:2e:3d:d8:cb:6c:91:00:04:81:db:7f:fc:b1:a7:c6:da: b8:d8:93:12:0e:f8:18:4c:d1:ff:e4:1b:a6:3f:e5:cf:fb:d1: 9d:78:32:2b:05:13:1c:23:21:64:a6:d0:5a:f5:77:91:20:72: e5:59:90:60:c5:5d:62:e7:9b:0e:67:5c:60:6d:9b:a6:22:8e: b9:4d:d4:77:1d:34:f6:b2:9b:ce:d7:bf:1f:58:5a:fc:6e:85: ad:0c:35:c3:cf:63:10:cb:6a:f3:8e:d0:6e:3b:1c:51:9a:9f: 6d:1a:a4:94:41:b0:49:55:4a:ce:57:fa:11:4c:f3:d7:c7:01: 55:35:d7:07:0c:ff:c8:16:75:61:5c:1b:da:8d:1e:fb:ea:78: 6f:4d:4c:d5:c9:91:f2:16:04:dd:ed:82:be:64:50:d4:3a:2a: b6:e7:22:29:93:1b:b5:56:32:22:3b:59:3a:11:90:8a:bc:61: 98:eb:e1:34 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICD+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE1NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJBOTE0RkIyQzZDMTEz Nzk1MTQzNDM2RENBMkMxN0JFQkNFQzE1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK0mLdRcMqf50N1LcyRFYoTg6Ie2YKMUwIeseOdXsXUJ19dHzw IfCQTURVoPE+lcyxKb2mWktz5plFMGtfWFpw2n1nRycTQ4HIRvUsx9IIXi1Ghol3 YalrDDw3ajmvbKdvUqTHsxzKMyW+qx3FWGrftuGGVpKRMrlq/I+DFRyCObBSBs3s Aw/9b3zmI8pKFBgcwTa2LYjGmDyMIHlIsuwSGZ3J2c12Ww8K6TZMJAPk1WsVcUws GHcLzV71w8vyoY6uBF3G/OL4QBmEYbWgjfMU9aiFww5dnf08f9lvOF2yL9/FMffw BgWEfJcE3D5Cf2zyWOo2aTO3PjAlRARpgDbNAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUupFPssbBE3lRQ0NtyiwXvrzsFRswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3VwRlBzc2JCRTNsUlEwTnR5aXdYdnJ6 c0ZScy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr8GgwDQYJ KoZIhvcNAQELBQADggEBAKFwKQIuqhHI0ployyxWfdXRBPgucC33cSjlykR0ZrXE B3Q0vFe35KMZwFtfR5dO5yiADwHmmknUHJPerurElOOKf/AK6sU5lmieLj3Yy2yR AASB23/8safG2rjYkxIO+BhM0f/kG6Y/5c/70Z14MisFExwjIWSm0Fr1d5EgcuVZ kGDFXWLnmw5nXGBtm6YijrlN1HcdNPaym87Xvx9YWvxuha0MNcPPYxDLavOO0G47 HFGan20apJRBsElVSs5X+hFM89fHAVU11wcM/8gWdWFcG9qNHvvqeG9NTNXJkfIW BN3tgr5kUNQ6KrbnIimTG7VWMiI7WToRkIq8YZjr4TQ= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:31 2024 by rpki-client on console-ams.rpki-client.org