$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/xFOr3-sklIGxAcgqhfgmBDnJ7nA.roa File: xFOr3-sklIGxAcgqhfgmBDnJ7nA.roa (raw, json) Hash identifier: r+S2+aUq03hItoLcMAZlxZrafU9Ai1Wzu2m8xFdKcxg= Subject key identifier: C4:53:AB:DF:EB:24:94:81:B1:01:C8:2A:85:F8:26:04:39:C9:EE:70 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1017 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xFOr3-sklIGxAcgqhfgmBDnJ7nA.roa Signing time: Mon 26 Aug 2024 05:16:03 +0000 ROA not before: Mon 26 Aug 2024 05:16:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18412 IP address blocks: 39.12.64.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4119 (0x1017) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:03 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C453ABDFEB249481B101C82A85F8260439C9EE70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:24:ac:e3:59:a1:c6:25:cb:28:c8:ef:b6:4d: 81:54:d7:51:42:68:1e:32:2d:af:90:48:c3:fa:35: 06:63:56:92:71:49:af:2c:a9:ab:dc:47:86:21:02: 7a:24:b4:11:4c:15:d4:45:9e:98:18:f4:c6:e7:a2: ff:70:76:79:cb:5b:fd:f9:c6:e0:dc:6d:ce:4d:e6: f3:65:fe:34:dc:27:7f:cf:16:c1:51:c8:cf:dd:f6: 1e:1f:f4:e9:35:dd:c8:b4:99:04:0b:52:b6:ac:1f: 20:4d:9a:be:97:ad:af:79:3e:da:e1:07:c0:37:83: d0:73:4d:ab:96:9c:02:c8:43:85:67:27:ae:89:eb: f1:ed:fe:40:60:c7:23:3c:a6:b6:b3:2b:9a:62:b1: 60:8d:30:68:4f:e9:4a:5c:fe:77:da:39:91:b1:28: 90:c8:fc:01:c6:f3:6f:96:f9:d8:b8:0d:c3:98:f9: 91:98:8b:e2:4e:95:55:05:e3:21:a5:e1:56:1a:e9: 9a:ac:f9:40:73:a5:da:cf:40:eb:dd:ad:94:e1:9a: 17:16:8f:8c:6b:02:ca:23:37:6c:b6:95:db:29:e1: 17:00:ff:2d:a1:7d:0c:0e:9f:ca:9c:0e:f8:70:04: da:5e:cf:3f:f8:15:0f:58:06:ad:a0:c8:49:40:eb: 95:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:53:AB:DF:EB:24:94:81:B1:01:C8:2A:85:F8:26:04:39:C9:EE:70 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xFOr3-sklIGxAcgqhfgmBDnJ7nA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 39.12.64.0/20 Signature Algorithm: sha256WithRSAEncryption b6:5d:3f:8b:85:85:ca:59:c3:6f:b0:a8:8e:5f:77:d7:03:f7: 8a:b6:da:88:e4:28:3b:ca:55:d2:75:44:64:c4:e2:b6:61:93: dd:6b:28:62:0b:a0:06:8e:66:8f:71:6e:d3:c2:fc:8e:04:21: ee:5d:7b:e4:b8:5c:90:2d:03:86:90:7f:0e:03:00:f7:76:40: 6a:df:6c:3a:ab:d3:d0:df:6b:ea:4b:aa:88:2e:96:c7:1e:c4: af:c2:08:14:93:9c:9f:39:fd:75:a7:fa:98:81:4b:49:3d:52: eb:1b:be:b4:f3:c5:7e:41:f2:17:d6:30:6e:8c:5e:d6:59:24: 0d:3c:3a:22:aa:83:be:4e:d6:a4:55:57:df:e6:e0:07:00:ad: 32:b2:a7:c6:03:b3:c1:95:7c:cb:ef:6a:d3:b7:72:d6:c5:86: b1:08:eb:84:69:5d:f9:9c:6d:5b:db:bd:5c:99:1c:92:0c:88: 42:2f:ba:d8:a6:67:6c:9d:68:94:77:35:e3:3b:60:a0:7d:92: 7f:38:00:c3:7f:a4:7e:42:37:85:0a:5b:2d:30:a6:8d:42:71: ed:28:19:b7:3a:77:6e:01:b2:28:66:8b:f7:c9:78:5d:bb:6f: a1:aa:2e:5c:d4:ea:0a:7d:27:77:75:46:1e:0c:e9:86:53:93: 0d:fe:d1:c9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM0NTNBQkRGRUIyNDk0 ODFCMTAxQzgyQTg1RjgyNjA0MzlDOUVFNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEJKzjWaHGJcsoyO+2TYFU11FCaB4yLa+QSMP6NQZjVpJxSa8s qavcR4YhAnoktBFMFdRFnpgY9Mbnov9wdnnLW/35xuDcbc5N5vNl/jTcJ3/PFsFR yM/d9h4f9Ok13ci0mQQLUrasHyBNmr6Xra95PtrhB8A3g9BzTauWnALIQ4VnJ66J 6/Ht/kBgxyM8prazK5pisWCNMGhP6Upc/nfaOZGxKJDI/AHG82+W+di4DcOY+ZGY i+JOlVUF4yGl4VYa6Zqs+UBzpdrPQOvdrZThmhcWj4xrAsojN2y2ldsp4RcA/y2h fQwOn8qcDvhwBNpezz/4FQ9YBq2gyElA65WTAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUxFOr3+sklIGxAcgqhfgmBDnJ7nAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3hGT3IzLXNrbElHeEFjZ3FoZmdtQkRu SjduQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQnDEAwDQYJ KoZIhvcNAQELBQADggEBALZdP4uFhcpZw2+wqI5fd9cD94q22ojkKDvKVdJ1RGTE 4rZhk91rKGILoAaOZo9xbtPC/I4EIe5de+S4XJAtA4aQfw4DAPd2QGrfbDqr09Df a+pLqogulscexK/CCBSTnJ85/XWn+piBS0k9UusbvrTzxX5B8hfWMG6MXtZZJA08 OiKqg75O1qRVV9/m4AcArTKyp8YDs8GVfMvvatO3ctbFhrEI64RpXfmcbVvbvVyZ HJIMiEIvutimZ2ydaJR3NeM7YKB9kn84AMN/pH5CN4UKWy0wpo1Cce0oGbc6d24B sihmi/fJeF27b6GqLlzU6gp9J3d1Rh4M6YZTkw3+0ck= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:31 2024 by rpki-client on console-ams.rpki-client.org