$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/Q9qbmU6rMUIS5l7-KJO5q9-UjZc.roa File: Q9qbmU6rMUIS5l7-KJO5q9-UjZc.roa (raw, json) Hash identifier: e+6o0cLADNDQMUK3/c+A6AjKxuVAwf/ee+b3YKtsnXE= Subject key identifier: 43:DA:9B:99:4E:AB:31:42:12:E6:5E:FE:28:93:B9:AB:DF:94:8D:97 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D52 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Q9qbmU6rMUIS5l7-KJO5q9-UjZc.roa Signing time: Mon 26 Aug 2024 05:19:40 +0000 ROA not before: Mon 26 Aug 2024 05:19:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 54994 IP address blocks: 61.61.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3410 (0xd52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:40 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=43DA9B994EAB314212E65EFE2893B9ABDF948D97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:aa:25:d6:c9:4c:47:d2:27:fc:c8:e7:cf:12: bb:e1:d0:c2:34:c6:ad:57:d2:6d:25:80:ee:84:f0: 81:4e:06:cc:4d:bd:00:35:20:15:4d:3a:db:29:0f: ad:f2:5c:f5:41:4a:af:97:4b:43:99:2d:0a:5d:73: 95:60:41:38:11:59:d6:e8:d0:82:92:ce:ea:1a:d4: cd:00:05:07:13:40:d6:db:6f:1c:26:aa:ad:d3:83: df:60:38:7d:1f:92:05:b8:39:a6:cf:00:82:1e:a0: 09:aa:50:29:87:48:5f:ba:9a:5a:9c:30:38:fb:72: 4f:d7:37:6a:bb:22:3c:91:16:b2:87:c2:42:b3:09: 86:ba:55:5d:86:2d:ff:c4:82:e6:fa:bf:c2:6d:41: d8:e5:72:de:bf:06:b1:df:4f:07:02:db:b3:2b:eb: 09:3c:c1:ce:4c:ce:40:c8:72:26:09:48:01:77:d4: 98:bb:11:93:44:2e:39:34:62:7c:df:2c:41:12:6e: f0:ec:31:00:66:10:b9:f9:35:40:30:81:de:b4:dc: 28:66:3a:e8:62:eb:ba:ad:06:b8:35:74:1c:23:66: 27:83:a6:ba:b1:53:49:dc:78:2a:58:f8:a7:de:80: 4d:6a:59:83:ff:ab:b4:69:10:fb:1c:44:18:3c:2d: 70:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:DA:9B:99:4E:AB:31:42:12:E6:5E:FE:28:93:B9:AB:DF:94:8D:97 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Q9qbmU6rMUIS5l7-KJO5q9-UjZc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.163.0/24 Signature Algorithm: sha256WithRSAEncryption 26:cf:fa:09:1f:9e:5e:0a:6e:b4:90:25:8b:b7:08:5e:6b:b7: 01:53:b6:7d:6a:fb:4a:6c:65:55:b9:aa:c0:e1:91:c3:f3:89: 27:a5:9b:6e:08:0e:26:bd:42:e2:59:83:a0:3c:d9:c5:a2:d2: 24:97:a2:1c:4d:31:fe:9a:a4:32:a9:3e:e3:3a:53:2e:f9:a4: 82:b3:45:07:46:e4:c2:88:08:09:1e:7f:df:4c:8f:4f:d2:71: 15:72:39:c7:c8:e5:d3:5f:f5:03:7a:bb:04:2e:a0:34:d1:01: 3a:9e:b3:0e:32:9d:7c:01:a2:29:3f:00:fb:98:53:b0:70:f4: df:3a:1d:db:85:db:7f:90:67:d1:6d:36:ec:70:b7:d0:e6:86: b6:67:fb:06:d3:23:cd:9a:90:4b:0b:4c:66:3d:7e:99:ea:37: 1f:00:a7:71:c4:2d:e0:24:30:02:5e:46:b2:48:11:3b:0f:f9: 9a:41:24:0a:21:be:0f:bc:fb:7d:63:b1:1a:cd:81:e4:3e:6d: 83:12:64:f3:5c:3a:4f:c0:44:3d:c9:36:bc:0f:f0:f8:96:a9: d4:42:cf:0e:03:4a:d0:5a:c8:59:d8:2a:60:24:29:d2:72:39: 82:8a:bd:69:05:d4:f5:b7:71:a3:a6:77:15:7b:11:79:79:3f: f3:a1:3f:67 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzREE5Qjk5NEVBQjMx NDIxMkU2NUVGRTI4OTNCOUFCREY5NDhEOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFqiXWyUxH0if8yOfPErvh0MI0xq1X0m0lgO6E8IFOBsxNvQA1 IBVNOtspD63yXPVBSq+XS0OZLQpdc5VgQTgRWdbo0IKSzuoa1M0ABQcTQNbbbxwm qq3Tg99gOH0fkgW4OabPAIIeoAmqUCmHSF+6mlqcMDj7ck/XN2q7IjyRFrKHwkKz CYa6VV2GLf/Egub6v8JtQdjlct6/BrHfTwcC27Mr6wk8wc5MzkDIciYJSAF31Ji7 EZNELjk0YnzfLEESbvDsMQBmELn5NUAwgd603ChmOuhi67qtBrg1dBwjZieDprqx U0nceCpY+KfegE1qWYP/q7RpEPscRBg8LXAfAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUQ9qbmU6rMUIS5l7+KJO5q9+UjZcwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1E5cWJtVTZyTVVJUzVsNy1LSk81cTkt VWpaYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PaMwDQYJ KoZIhvcNAQELBQADggEBACbP+gkfnl4KbrSQJYu3CF5rtwFTtn1q+0psZVW5qsDh kcPziSelm24IDia9QuJZg6A82cWi0iSXohxNMf6apDKpPuM6Uy75pIKzRQdG5MKI CAkef99Mj0/ScRVyOcfI5dNf9QN6uwQuoDTRATqesw4ynXwBoik/APuYU7Bw9N86 HduF23+QZ9FtNuxwt9DmhrZn+wbTI82akEsLTGY9fpnqNx8Ap3HELeAkMAJeRrJI ETsP+ZpBJAohvg+8+31jsRrNgeQ+bYMSZPNcOk/ARD3JNrwP8PiWqdRCzw4DStBa yFnYKmAkKdJyOYKKvWkF1PW3caOmdxV7EXl5P/OhP2c= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org