$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa File: id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa (raw, json) Hash identifier: Ta9wem5W7zv9x893t/A9x76ODT7g+LVmPRgUzscP3Ck= Subject key identifier: 89:DF:69:97:6A:DC:51:9E:8B:2B:B0:81:67:7A:9C:B9:96:C8:81:BC Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0D1B Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa Signing time: Mon 26 Aug 2024 05:19:34 +0000 ROA not before: Mon 26 Aug 2024 05:19:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9416 IP address blocks: 220.157.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3355 (0xd1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 26 05:19:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=89DF69976ADC519E8B2BB081677A9CB996C881BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ab:c7:fc:ca:ab:ea:64:ce:27:71:66:79:0a: ee:50:3a:44:a7:b6:dc:a9:69:9b:70:d1:d0:fd:a6: 81:64:1b:7c:38:21:ca:f3:37:9e:03:35:cf:50:b8: bd:64:f0:6a:a9:2d:1b:cc:f6:ec:07:0a:67:41:54: 33:b7:60:e9:7a:a8:f3:31:09:b2:df:bd:78:c3:39: aa:78:28:b3:04:e1:ff:ea:14:48:ee:ea:b2:83:22: e5:27:45:ee:97:26:d9:30:e9:e7:9d:ac:9d:4c:43: 1f:a4:20:44:e2:5f:66:81:29:87:9d:68:ff:1f:9d: 14:90:07:c4:f2:bc:05:5f:79:fb:ae:03:83:58:d6: a9:27:c6:e7:6a:25:14:91:ae:e6:f2:26:23:67:63: 39:af:f8:e2:ef:8b:21:33:a8:33:26:44:9f:92:78: d6:81:07:46:75:24:fe:b4:46:78:ae:5e:f1:6b:8e: b1:8b:49:36:dd:9a:c3:b1:3c:bc:a1:a3:79:1e:5a: 64:64:0e:e6:d5:1f:bd:77:72:8d:2e:f7:50:ca:f7: 7d:0f:aa:b6:0b:1d:c3:35:ac:e0:43:de:dc:63:43: 26:fd:fc:b0:bc:40:d8:0c:8b:d6:ee:3b:df:f0:be: 88:41:cb:75:65:23:fd:4b:f5:7d:c2:22:5b:35:1d: f1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:DF:69:97:6A:DC:51:9E:8B:2B:B0:81:67:7A:9C:B9:96:C8:81:BC X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.157.112.0/20 Signature Algorithm: sha256WithRSAEncryption 8a:c1:90:e5:71:b6:7b:34:bf:ee:b6:ec:5c:4f:13:f1:e5:7f: 34:dc:ca:f2:92:03:6e:b7:75:39:bf:ec:60:ea:17:6f:94:c5: 22:c1:38:f0:9c:a5:92:46:71:90:b6:83:31:b9:c6:2c:99:a4: 5f:72:68:d2:ac:9f:c0:c3:50:29:7b:ee:f0:fd:97:b0:e5:fa: a2:d7:d7:52:f3:9c:66:db:b5:82:07:28:d1:c2:d3:99:86:79: 2e:7b:7f:68:f8:b3:8d:55:3b:37:ed:b6:f7:c1:95:43:d2:3a: 21:8e:f2:e7:f6:d4:b9:3a:2c:18:51:97:a7:32:99:25:59:03: c8:1d:4a:fb:16:74:68:ef:8b:80:e2:f2:d0:bb:4f:13:e6:1e: 0d:8d:e6:3b:e6:b8:dd:01:2f:a8:a0:44:38:c6:fa:ad:c5:25: a5:14:dc:3e:da:d9:db:15:02:79:58:af:b5:6a:53:80:02:be: be:39:aa:36:98:5a:b4:d4:e1:ca:c0:df:db:0c:f8:88:87:1f: 13:5b:89:f0:30:b4:3e:ff:30:a0:08:b7:f8:c1:d7:d4:25:cf: 98:01:a8:a3:27:6f:59:7d:be:97:14:e6:8c:a7:9a:68:40:17: 60:71:36:ba:88:3c:08:69:e2:e2:05:96:f6:68:cc:43:72:ab: 72:48:bc:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDRswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw NTE5MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5REY2OTk3NkFEQzUx OUU4QjJCQjA4MTY3N0E5Q0I5OTZDODgxQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkq8f8yqvqZM4ncWZ5Cu5QOkSnttypaZtw0dD9poFkG3w4Icrz N54DNc9QuL1k8GqpLRvM9uwHCmdBVDO3YOl6qPMxCbLfvXjDOap4KLME4f/qFEju 6rKDIuUnRe6XJtkw6eedrJ1MQx+kIETiX2aBKYedaP8fnRSQB8TyvAVfefuuA4NY 1qknxudqJRSRrubyJiNnYzmv+OLviyEzqDMmRJ+SeNaBB0Z1JP60RniuXvFrjrGL STbdmsOxPLyho3keWmRkDubVH713co0u91DK930PqrYLHcM1rOBD3txjQyb9/LC8 QNgMi9buO9/wvohBy3VlI/1L9X3CIls1HfFXAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUid9pl2rcUZ6LK7CBZ3qcuZbIgbwwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2lkOXBsMnJjVVo2TEs3Q0Ja M3FjdVpiSWdidy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATc nXAwDQYJKoZIhvcNAQELBQADggEBAIrBkOVxtns0v+627FxPE/HlfzTcyvKSA263 dTm/7GDqF2+UxSLBOPCcpZJGcZC2gzG5xiyZpF9yaNKsn8DDUCl77vD9l7Dl+qLX 11LznGbbtYIHKNHC05mGeS57f2j4s41VOzfttvfBlUPSOiGO8uf21Lk6LBhRl6cy mSVZA8gdSvsWdGjvi4Di8tC7TxPmHg2N5jvmuN0BL6igRDjG+q3FJaUU3D7a2dsV AnlYr7VqU4ACvr45qjaYWrTU4crA39sM+IiHHxNbifAwtD7/MKAIt/jB19Qlz5gB qKMnb1l9vpcU5oynmmhAF2BxNrqIPAhp4uIFlvZozENyq3JIvFM= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:32 2024 by rpki-client on console-ams.rpki-client.org