$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/cXWQQf0L_J-8ySwncGdqu-Fc40w.roa File: cXWQQf0L_J-8ySwncGdqu-Fc40w.roa (raw, json) Hash identifier: c4rp8oSsthN9T0jf54D4jbPfbxhXrRpHh+hMCJ/pgeQ= Subject key identifier: 71:75:90:41:FD:0B:FC:9F:BC:C9:2C:27:70:67:6A:BB:E1:5C:E3:4C Certificate issuer: /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493 Certificate serial: 048E Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/cXWQQf0L_J-8ySwncGdqu-Fc40w.roa Signing time: Mon 26 Aug 2024 05:18:55 +0000 ROA not before: Mon 26 Aug 2024 05:18:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 138997 IP address blocks: 103.152.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1166 (0x48e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493 Validity Not Before: Aug 26 05:18:55 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=71759041FD0BFC9FBCC92C2770676ABBE15CE34C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:9d:92:9c:a0:12:e6:c0:49:dd:55:5f:62:54: 52:b9:63:61:5d:1f:36:81:fe:92:3c:11:8a:94:b9: 58:20:96:0a:e4:23:7d:dc:29:a7:48:81:90:44:5c: 18:e5:b7:5b:8d:a4:12:97:37:71:34:73:42:75:e3: 7c:50:77:e1:fe:7d:60:97:c9:6a:09:5c:0f:e8:73: 10:9e:7e:f3:ba:4d:64:98:ea:67:74:fc:97:f7:90: b8:ed:8c:f3:57:dc:06:f5:c8:03:cc:87:49:5d:26: 55:42:27:c0:e9:16:6d:f9:7f:f9:d4:fb:7a:51:17: 59:07:64:8d:73:63:5f:c8:20:0c:83:ce:e5:83:7e: 27:a8:93:23:34:9f:69:9d:a0:9d:bd:62:1a:52:b3: b3:d3:1a:1e:43:ca:95:44:55:8b:1b:ea:03:d1:fa: 47:fe:70:4b:49:66:41:55:ac:9f:63:55:7b:ce:d0: 65:b8:31:59:36:9a:eb:e5:e7:83:07:eb:00:6c:87: 2a:07:18:8e:77:19:7f:8a:4e:b1:b6:da:8d:ac:d2: 7e:d9:70:ca:52:28:73:30:5e:fe:8c:dc:19:ae:d8: 85:9f:c0:65:e9:08:e1:e8:0f:b0:3f:5c:7e:13:76: de:42:a9:54:5b:1f:14:05:5e:dd:83:4d:3b:56:ba: ff:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:75:90:41:FD:0B:FC:9F:BC:C9:2C:27:70:67:6A:BB:E1:5C:E3:4C X509v3 Authority Key Identifier: keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/cXWQQf0L_J-8ySwncGdqu-Fc40w.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.220.0/23 Signature Algorithm: sha256WithRSAEncryption b1:11:ed:e8:ec:22:04:3d:68:b2:fd:a8:38:c9:84:8c:65:ed: 10:ad:a6:43:3c:4f:ba:79:7b:3d:cb:4e:5c:7e:f0:bd:64:a5: 7a:48:7a:75:d8:08:8c:d8:ad:35:27:1f:74:18:96:95:c6:62: 45:2a:39:69:43:de:6c:bb:78:c9:18:0f:ed:99:e6:92:bb:c9: 32:da:13:67:a7:6a:0a:36:61:da:1a:c6:c3:8b:42:b5:5d:33: 63:3b:e9:73:62:ab:18:4d:5b:8e:04:3f:ab:b9:89:b5:a7:f7: 55:7e:2a:c2:26:09:54:07:e7:35:9b:fd:b3:45:3c:3d:96:f8: 87:ab:47:67:f0:a8:1e:8d:b8:3b:15:03:0a:92:60:3b:8a:4b: 0a:79:eb:c0:f8:23:2b:c9:42:9a:4e:c3:c2:81:f6:cd:22:47: ac:6e:fc:ee:e6:fe:a9:c2:77:68:0f:0a:c7:d9:a4:be:42:a6: 8e:2c:51:ac:00:7f:ef:0a:fc:50:8e:7a:7e:ed:7b:4a:00:1b: b5:99:45:f6:65:9e:d5:e9:65:b6:a6:3d:cd:4a:c7:5e:a2:f2: 30:2a:3f:2c:ff:48:67:4d:c9:ba:a3:6b:e9:14:5d:7f:75:69: fb:28:65:1b:e7:53:26:82:42:54:d3:0c:4f:17:24:9f:46:89: bb:53:2f:b3 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICBI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZB NkE2QTY1NUEwQzQyQjk5QzdFMjA4N0VCRUY0NDRBQ0I1NjQ5MzAeFw0yNDA4MjYw NTE4NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxNzU5MDQxRkQwQkZD OUZCQ0M5MkMyNzcwNjc2QUJCRTE1Q0UzNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDenZKcoBLmwEndVV9iVFK5Y2FdHzaB/pI8EYqUuVgglgrkI33c KadIgZBEXBjlt1uNpBKXN3E0c0J143xQd+H+fWCXyWoJXA/ocxCefvO6TWSY6md0 /Jf3kLjtjPNX3Ab1yAPMh0ldJlVCJ8DpFm35f/nU+3pRF1kHZI1zY1/IIAyDzuWD fieokyM0n2mdoJ29YhpSs7PTGh5DypVEVYsb6gPR+kf+cEtJZkFVrJ9jVXvO0GW4 MVk2muvl54MH6wBshyoHGI53GX+KTrG22o2s0n7ZcMpSKHMwXv6M3Bmu2IWfwGXp COHoD7A/XH4Tdt5CqVRbHxQFXt2DTTtWuv/fAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUcXWQQf0L/J+8ySwncGdqu+Fc40wwHwYDVR0jBBgwFoAUT6amplWgxCuZx+II fr70RKy1ZJMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1Q2 YW1wbFdneEN1WngtSUlmcjcwUkt5MVpKTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev VDZhbXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL2NYV1FRZjBMX0otOHlTd25jR2RxdS1G YzQwdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnmNwwDQYJ KoZIhvcNAQELBQADggEBALER7ejsIgQ9aLL9qDjJhIxl7RCtpkM8T7p5ez3LTlx+ 8L1kpXpIenXYCIzYrTUnH3QYlpXGYkUqOWlD3my7eMkYD+2Z5pK7yTLaE2enago2 YdoaxsOLQrVdM2M76XNiqxhNW44EP6u5ibWn91V+KsImCVQH5zWb/bNFPD2W+Ier R2fwqB6NuDsVAwqSYDuKSwp568D4IyvJQppOw8KB9s0iR6xu/O7m/qnCd2gPCsfZ pL5Cpo4sUawAf+8K/FCOen7te0oAG7WZRfZlntXpZbamPc1Kx16i8jAqPyz/SGdN ybqja+kUXX91afsoZRvnUyaCQlTTDE8XJJ9GibtTL7M= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org