$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/mpTU3TQzwJuFVyCsyQPlBlRsHPk.roa File: mpTU3TQzwJuFVyCsyQPlBlRsHPk.roa (raw, json) Hash identifier: lItqlR+JWU2p0/md4iDd8X9jbTOKFftLm255hlUsRsU= Subject key identifier: 9A:94:D4:DD:34:33:C0:9B:85:57:20:AC:C9:03:E5:06:54:6C:1C:F9 Certificate issuer: /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493 Certificate serial: 0399 Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/mpTU3TQzwJuFVyCsyQPlBlRsHPk.roa Signing time: Fri 01 Sep 2023 09:01:39 +0000 ROA not before: Fri 01 Sep 2023 09:01:39 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 138997 IP address blocks: 103.152.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 19:28:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 921 (0x399) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493 Validity Not Before: Sep 1 09:01:39 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=9A94D4DD3433C09B855720ACC903E506546C1CF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:45:98:61:a1:77:2d:18:26:e5:90:0c:95:4a: 51:f3:0e:ee:72:e3:f6:00:72:68:04:dc:f3:ca:a6: 68:5a:5b:f5:8c:b9:22:96:a5:0e:bf:71:13:91:83: a4:62:1b:89:7d:15:ad:a8:e4:17:47:83:2d:8c:8c: ff:eb:ef:89:8c:90:81:7d:29:9f:eb:ff:01:a4:94: 11:02:1e:ee:40:34:8f:ba:ef:4b:53:05:1f:2d:83: b5:9e:aa:04:01:e7:cc:b1:3a:e2:b7:c1:06:63:63: 73:ab:e3:81:b5:d6:15:6f:2f:ff:12:ae:b8:f3:ee: b0:ad:36:32:02:a8:60:50:28:0b:9a:5c:e1:15:07: 48:45:be:d3:cb:c4:c5:c3:dd:8f:17:c1:a1:56:9d: 53:90:6d:4a:8b:fd:0d:e9:80:5e:aa:41:2c:8b:0e: 45:87:e1:07:2f:ca:f0:6c:a0:f8:2a:20:66:56:d3: cd:d0:67:98:eb:b7:9d:66:0e:38:25:d8:a7:26:8b: b7:52:c4:29:6c:1a:01:85:65:4f:91:a6:aa:4c:ee: 84:b8:bd:d9:33:f7:e6:79:82:84:7f:75:5f:2a:de: 1f:5d:ec:58:78:d4:03:7e:9f:d4:c5:db:fb:aa:9d: 37:00:b6:bb:72:55:7a:7e:d5:f9:f0:5a:36:d8:59: 7e:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:94:D4:DD:34:33:C0:9B:85:57:20:AC:C9:03:E5:06:54:6C:1C:F9 X509v3 Authority Key Identifier: keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/mpTU3TQzwJuFVyCsyQPlBlRsHPk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.220.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:c7:ea:6d:3d:85:33:e2:72:1f:e6:57:0c:56:4a:df:e6:6f: 17:ff:5d:ff:9d:71:f1:bc:74:d7:83:7a:06:11:ba:67:36:92: b9:b6:63:2a:6a:ad:11:f1:c7:46:b2:d8:e2:31:c0:18:cd:77: f2:85:d7:7f:ab:b3:0d:10:92:52:48:b0:82:ee:1b:7b:4f:29: cb:f7:50:2b:8a:f6:30:c7:c2:ba:1a:cb:e8:64:57:41:50:19: 43:02:e4:d3:a4:27:18:f0:b2:a0:5b:20:7a:cf:b8:46:ab:9b: 86:07:83:78:67:9a:08:4b:f8:0e:5b:99:57:0e:fb:0e:fd:84: 17:40:7a:d8:b4:65:09:c2:a1:97:5b:25:33:40:87:dc:6d:e5: 1f:f6:a0:43:37:0f:ee:d5:fd:3e:b9:fd:2a:f5:25:16:8f:a9: d2:d0:a2:e7:fa:46:7c:c3:ec:f1:c3:7e:6e:00:d1:5c:44:06: 78:f0:e3:73:cf:7e:b3:19:58:05:f9:40:d7:1a:c7:d7:d5:7b: 2d:31:3c:b6:8b:b3:2a:13:46:ed:50:fa:c4:eb:9f:cc:6c:fe: d4:3a:c5:55:17:ec:eb:ea:90:9e:38:7b:a6:d7:9f:b0:7c:43: 49:e3:8f:34:b6:4d:f0:ec:0a:b5:4e:9b:dd:19:d4:99:ba:ca: cd:30:5a:4f -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICA5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZB NkE2QTY1NUEwQzQyQjk5QzdFMjA4N0VCRUY0NDRBQ0I1NjQ5MzAeFw0yMzA5MDEw OTAxMzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlBOTRENEREMzQzM0Mw OUI4NTU3MjBBQ0M5MDNFNTA2NTQ2QzFDRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFRZhhoXctGCblkAyVSlHzDu5y4/YAcmgE3PPKpmhaW/WMuSKW pQ6/cRORg6RiG4l9Fa2o5BdHgy2MjP/r74mMkIF9KZ/r/wGklBECHu5ANI+670tT BR8tg7WeqgQB58yxOuK3wQZjY3Or44G11hVvL/8Srrjz7rCtNjICqGBQKAuaXOEV B0hFvtPLxMXD3Y8XwaFWnVOQbUqL/Q3pgF6qQSyLDkWH4QcvyvBsoPgqIGZW083Q Z5jrt51mDjgl2Kcmi7dSxClsGgGFZU+RpqpM7oS4vdkz9+Z5goR/dV8q3h9d7Fh4 1AN+n9TF2/uqnTcAtrtyVXp+1fnwWjbYWX5tAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUmpTU3TQzwJuFVyCsyQPlBlRsHPkwHwYDVR0jBBgwFoAUT6amplWgxCuZx+II fr70RKy1ZJMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1Q2 YW1wbFdneEN1WngtSUlmcjcwUkt5MVpKTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev VDZhbXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL21wVFUzVFF6d0p1RlZ5Q3N5UVBsQmxS c0hQay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnmNwwDQYJ KoZIhvcNAQELBQADggEBAH/H6m09hTPich/mVwxWSt/mbxf/Xf+dcfG8dNeDegYR umc2krm2YypqrRHxx0ay2OIxwBjNd/KF13+rsw0QklJIsILuG3tPKcv3UCuK9jDH wroay+hkV0FQGUMC5NOkJxjwsqBbIHrPuEarm4YHg3hnmghL+A5bmVcO+w79hBdA eti0ZQnCoZdbJTNAh9xt5R/2oEM3D+7V/T65/Sr1JRaPqdLQouf6RnzD7PHDfm4A 0VxEBnjw43PPfrMZWAX5QNcax9fVey0xPLaLsyoTRu1Q+sTrn8xs/tQ6xVUX7Ovq kJ44e6bXn7B8Q0njjzS2TfDsCrVOm90Z1Jm6ys0wWk8= -----END CERTIFICATE-----Generated at Sun May 19 18:41:01 2024 by rpki-client on console-ams.rpki-client.org