$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fWa3XW0Yuy5ai4kqlBPQuyHOg3Y.roa File: fWa3XW0Yuy5ai4kqlBPQuyHOg3Y.roa (raw, json) Hash identifier: 2ECJCroaz+nN6o1Qlc8cxuOxSyr9TtAGsw0YdeCYuco= Subject key identifier: 7D:66:B7:5D:6D:18:BB:2E:5A:8B:89:2A:94:13:D0:BB:21:CE:83:76 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0D1D Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fWa3XW0Yuy5ai4kqlBPQuyHOg3Y.roa Signing time: Mon 26 Aug 2024 05:19:35 +0000 ROA not before: Mon 26 Aug 2024 05:19:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9416 IP address blocks: 124.155.128.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3357 (0xd1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 26 05:19:35 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7D66B75D6D18BB2E5A8B892A9413D0BB21CE8376 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:5e:ae:73:4d:b0:9e:53:e4:61:9a:fd:79:e3: 6b:cb:a8:d6:77:d0:d6:48:d5:4e:a6:56:ea:c7:09: 8f:22:7f:95:8a:16:67:95:45:46:81:95:95:8f:52: 83:d1:9b:2c:fb:40:23:57:37:4e:16:cc:39:09:e3: 9e:ee:ae:91:c7:70:73:32:d7:15:d6:93:a5:dd:6a: c2:6b:bd:03:22:94:d8:32:4d:2a:7b:61:09:8f:f3: 6d:5a:12:40:93:84:c2:ed:ff:68:e8:da:01:18:93: ef:72:16:3a:4b:ed:e9:e8:90:7b:45:4e:58:67:e7: 95:4a:31:c9:10:8f:7f:fd:32:5f:f3:65:9d:0d:08: 3b:df:e0:14:29:be:3d:6b:92:b1:b7:bf:be:f7:2e: f3:ce:24:8a:74:95:30:34:05:fe:24:1f:3b:e3:e9: f9:6e:e8:0a:c2:16:cc:9e:12:51:d8:b5:6b:c3:52: c5:cc:df:ba:64:ff:ad:ce:70:e6:c6:91:26:7f:a5: 7e:43:9c:f7:53:0b:ea:4d:7c:97:da:80:57:7a:ce: 09:75:10:82:99:82:f1:13:aa:f7:df:b5:33:82:ed: 0c:db:d5:e0:c0:b5:a5:7b:dd:c6:03:9d:f8:0a:65: d5:56:b0:b5:a8:14:07:89:16:0a:8c:fe:de:c9:6e: 90:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:66:B7:5D:6D:18:BB:2E:5A:8B:89:2A:94:13:D0:BB:21:CE:83:76 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/fWa3XW0Yuy5ai4kqlBPQuyHOg3Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.128.0/19 Signature Algorithm: sha256WithRSAEncryption 81:03:bd:69:ec:98:1f:78:7f:7d:4a:4c:b1:16:30:38:6a:c4: 15:4e:66:6f:96:64:9d:0c:20:07:f5:f4:b2:2b:52:9a:57:29: 5c:b3:7e:b7:ae:2e:c0:2a:69:f7:03:85:8f:78:3b:9e:3c:8e: 48:f6:cb:a6:0d:4a:bd:e2:82:93:a8:c6:c6:ce:80:08:0f:f4: 50:c6:b5:39:b2:b8:e1:b5:0e:06:9d:4b:79:4b:dc:41:ce:c7: da:f4:53:9d:31:2c:10:76:30:c6:b1:4f:b7:fd:ce:98:37:0d: 36:ea:d5:f7:80:5a:fb:8a:07:7c:ff:df:3d:e8:c3:3c:2c:d6: f6:38:66:6c:21:be:02:c1:53:f7:33:da:7b:e3:57:40:c5:e8: d4:bc:06:ae:6e:48:bc:d8:ce:c8:7a:ad:90:3b:ec:16:e7:4d: 54:d3:15:ae:92:f5:3a:84:db:a8:f1:18:cb:02:57:34:d5:2e: 48:55:96:dc:34:79:62:f6:18:55:04:0e:cd:8a:58:d9:8a:01: 1e:51:b2:d8:cf:f7:32:8d:25:97:10:41:23:77:97:f3:d8:32: 3d:2b:d6:1a:b6:fd:4f:e8:b1:a2:30:2c:c0:66:ac:e8:ad:93: 80:01:c6:5e:7e:76:9e:2c:fd:d7:dc:09:39:43:c7:4d:26:52: 72:96:ba:14 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw NTE5MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdENjZCNzVENkQxOEJC MkU1QThCODkyQTk0MTNEMEJCMjFDRTgzNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiXq5zTbCeU+Rhmv1542vLqNZ30NZI1U6mVurHCY8if5WKFmeV RUaBlZWPUoPRmyz7QCNXN04WzDkJ457urpHHcHMy1xXWk6XdasJrvQMilNgyTSp7 YQmP821aEkCThMLt/2jo2gEYk+9yFjpL7enokHtFTlhn55VKMckQj3/9Ml/zZZ0N CDvf4BQpvj1rkrG3v773LvPOJIp0lTA0Bf4kHzvj6flu6ArCFsyeElHYtWvDUsXM 37pk/63OcObGkSZ/pX5DnPdTC+pNfJfagFd6zgl1EIKZgvETqvfftTOC7Qzb1eDA taV73cYDnfgKZdVWsLWoFAeJFgqM/t7JbpBbAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUfWa3XW0Yuy5ai4kqlBPQuyHOg3YwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2ZXYTNYVzBZdXk1YWk0a3Fs QlBRdXlIT2czWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAV8 m4AwDQYJKoZIhvcNAQELBQADggEBAIEDvWnsmB94f31KTLEWMDhqxBVOZm+WZJ0M IAf19LIrUppXKVyzfreuLsAqafcDhY94O548jkj2y6YNSr3igpOoxsbOgAgP9FDG tTmyuOG1DgadS3lL3EHOx9r0U50xLBB2MMaxT7f9zpg3DTbq1feAWvuKB3z/3z3o wzws1vY4ZmwhvgLBU/cz2nvjV0DF6NS8Bq5uSLzYzsh6rZA77BbnTVTTFa6S9TqE 26jxGMsCVzTVLkhVltw0eWL2GFUEDs2KWNmKAR5RstjP9zKNJZcQQSN3l/PYMj0r 1hq2/U/osaIwLMBmrOitk4ABxl5+dp4s/dfcCTlDx00mUnKWuhQ= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org