$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/QgbiAXrdTBvVwbLfwqnnkuyf4Do.roa File: QgbiAXrdTBvVwbLfwqnnkuyf4Do.roa (raw, json) Hash identifier: IqTIg2OYQPPGgn/MLqIxR9vML4+fBz9bNeKHbtEp69M= Subject key identifier: 42:06:E2:01:7A:DD:4C:1B:D5:C1:B2:DF:C2:A9:E7:92:EC:9F:E0:3A Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0D19 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/QgbiAXrdTBvVwbLfwqnnkuyf4Do.roa Signing time: Mon 26 Aug 2024 05:19:34 +0000 ROA not before: Mon 26 Aug 2024 05:19:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 123.252.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3353 (0xd19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 26 05:19:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4206E2017ADD4C1BD5C1B2DFC2A9E792EC9FE03A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7d:38:7a:90:ce:c3:e2:3d:f9:69:1f:3f:45: 0b:ca:02:4e:c4:a7:f7:a8:e8:30:5a:14:ef:7f:29: 9a:bf:96:b7:4d:bf:12:16:a6:4b:d2:14:e8:98:b0: 21:94:c7:d7:68:db:1e:bb:55:76:e2:6b:e5:f1:51: fc:24:da:8d:30:44:b4:6d:4b:70:08:b7:ac:c6:a0: 0b:b0:f5:c1:66:ab:8e:6c:14:01:ec:1b:ca:66:5a: 58:fc:56:54:43:11:7f:5e:68:22:2b:f3:90:5a:00: 31:93:e7:8c:0a:c7:73:c7:77:80:c5:b2:1b:71:49: 11:24:15:e0:19:6f:d3:da:7e:dc:ed:41:6c:14:7d: ec:47:cf:93:71:3f:61:aa:6e:28:06:73:95:83:a3: fc:57:50:03:68:8f:09:6a:b3:3c:e5:22:e3:8c:3b: 86:bb:e3:f7:ae:95:06:ec:27:5f:07:06:fe:5b:7f: aa:52:66:f6:7b:76:e0:8f:6f:a9:57:43:ae:25:8f: 70:f1:a5:38:e8:9e:c2:c1:a7:96:d8:92:a0:d2:74: ec:c5:b5:9b:0f:08:26:f6:95:12:4f:1f:36:64:f9: 1e:5e:82:47:bd:18:82:cb:87:9e:48:1d:35:65:75: d4:e1:8b:26:3a:7e:91:83:b9:5c:a3:18:42:9a:21: 1c:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:06:E2:01:7A:DD:4C:1B:D5:C1:B2:DF:C2:A9:E7:92:EC:9F:E0:3A X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/QgbiAXrdTBvVwbLfwqnnkuyf4Do.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.252.0.0/17 Signature Algorithm: sha256WithRSAEncryption 08:17:4b:a6:e1:d4:cb:ce:4d:5a:17:52:5a:b7:88:9e:d5:2d: 30:91:1f:f6:43:cc:df:80:0e:20:7d:c6:72:26:28:21:f4:4b: a4:73:c0:5d:fb:21:62:0b:bc:b9:98:d7:72:ad:7f:a4:6b:c2: 4a:2f:ba:3d:b5:05:1a:1a:36:d9:73:69:ac:f6:0b:9b:cc:f3: fd:62:6a:bb:05:b2:02:95:64:14:62:1a:b7:84:60:d1:09:b9: 27:ac:9d:4d:90:32:7e:0e:1d:57:40:64:51:ba:f4:aa:b5:26: cb:06:87:43:d2:5a:3f:ef:c5:02:94:99:84:25:bb:f2:23:0d: c1:95:ba:69:c8:80:3b:6f:64:5f:86:e8:f3:51:7e:93:7d:78: de:87:b3:b0:b5:ed:e4:7e:0d:ff:59:e3:43:34:66:5f:72:4f: f5:f1:4d:84:9e:83:c4:89:7e:dc:03:e5:2a:87:a6:45:df:67: f5:be:4a:a0:c6:0c:3b:0c:8c:cc:a4:55:63:ea:83:8b:f4:e6: 7c:35:07:f5:c9:b2:6b:8d:3d:58:37:3e:aa:9d:0b:2c:be:8c: 8e:3b:73:2d:b5:96:d2:c5:32:a8:60:1e:b7:06:8b:bb:90:4a: ef:53:5d:38:26:00:1e:ab:b6:2b:72:78:82:49:31:d0:14:e6: 93:47:2e:22 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw NTE5MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQyMDZFMjAxN0FERDRD MUJENUMxQjJERkMyQTlFNzkyRUM5RkUwM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCifTh6kM7D4j35aR8/RQvKAk7Ep/eo6DBaFO9/KZq/lrdNvxIW pkvSFOiYsCGUx9do2x67VXbia+XxUfwk2o0wRLRtS3AIt6zGoAuw9cFmq45sFAHs G8pmWlj8VlRDEX9eaCIr85BaADGT54wKx3PHd4DFshtxSREkFeAZb9PaftztQWwU fexHz5NxP2GqbigGc5WDo/xXUANojwlqszzlIuOMO4a74/eulQbsJ18HBv5bf6pS ZvZ7duCPb6lXQ64lj3DxpTjonsLBp5bYkqDSdOzFtZsPCCb2lRJPHzZk+R5egke9 GILLh55IHTVlddThiyY6fpGDuVyjGEKaIRwNAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUQgbiAXrdTBvVwbLfwqnnkuyf4DowHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1FnYmlBWHJkVEJ2VndiTGZ3 cW5ua3V5ZjREby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd7 /AAwDQYJKoZIhvcNAQELBQADggEBAAgXS6bh1MvOTVoXUlq3iJ7VLTCRH/ZDzN+A DiB9xnImKCH0S6RzwF37IWILvLmY13Ktf6Rrwkovuj21BRoaNtlzaaz2C5vM8/1i arsFsgKVZBRiGreEYNEJuSesnU2QMn4OHVdAZFG69Kq1JssGh0PSWj/vxQKUmYQl u/IjDcGVumnIgDtvZF+G6PNRfpN9eN6Hs7C17eR+Df9Z40M0Zl9yT/XxTYSeg8SJ ftwD5SqHpkXfZ/W+SqDGDDsMjMykVWPqg4v05nw1B/XJsmuNPVg3PqqdCyy+jI47 cy21ltLFMqhgHrcGi7uQSu9TXTgmAB6rtityeIJJMdAU5pNHLiI= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org