$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/SHu7QbI4NU5uvGKApc8OAMmjKHY.roa File: SHu7QbI4NU5uvGKApc8OAMmjKHY.roa (raw, json) Hash identifier: GZj161Hoovb+Yj9Q3IY6Fp4VXtFg5jmHvLRB8mCgghg= Subject key identifier: 48:7B:BB:41:B2:38:35:4E:6E:BC:62:80:A5:CF:0E:00:C9:A3:28:76 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D5D Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/SHu7QbI4NU5uvGKApc8OAMmjKHY.roa Signing time: Mon 26 Aug 2024 05:19:44 +0000 ROA not before: Mon 26 Aug 2024 05:19:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 61.61.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3421 (0xd5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:44 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=487BBB41B238354E6EBC6280A5CF0E00C9A32876 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:12:00:f5:c8:bd:d8:5e:ab:db:9c:c5:67:59: 36:d3:4e:1e:18:b4:df:7f:8b:ca:12:b2:f3:77:b2: f6:d5:52:28:72:5e:8e:49:28:2a:55:53:3d:7d:60: 3f:6b:34:88:58:7a:72:95:63:21:54:57:18:8e:da: 98:c7:6f:a7:92:b7:05:9d:fd:d7:8e:8b:ef:77:d4: b1:f6:ef:2b:9e:c0:7e:a3:bc:6a:a8:70:df:22:fd: f5:5a:87:cc:fb:eb:99:70:73:2a:41:ea:10:bc:88: da:3a:8a:d3:0d:b8:2d:d8:4b:f2:e2:e7:bf:67:c5: b3:f8:b1:a8:57:53:17:e7:59:3e:88:b0:4c:f4:bb: 19:15:f3:b5:14:df:a3:8c:af:b7:e1:32:31:1c:73: 39:62:65:2d:27:9c:28:24:53:56:db:d2:94:db:e7: 4e:de:c5:51:2a:a0:7e:92:83:a3:e0:9d:6c:20:9d: 29:71:df:49:e4:50:5d:f6:d3:a7:69:19:6d:a3:d0: 6d:43:96:db:95:c2:40:79:79:2e:83:5a:f9:18:28: 11:1e:54:34:38:a9:cf:cd:6c:f1:0f:16:99:29:58: 21:dd:b1:78:73:81:98:cb:97:22:09:99:96:ff:24: ac:60:86:2d:68:5d:50:fd:1e:ef:68:52:75:eb:65: 5f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:7B:BB:41:B2:38:35:4E:6E:BC:62:80:A5:CF:0E:00:C9:A3:28:76 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/SHu7QbI4NU5uvGKApc8OAMmjKHY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.164.0/22 Signature Algorithm: sha256WithRSAEncryption 0d:ce:9f:10:28:e1:c7:ae:30:5c:38:a9:a3:f0:79:db:06:0e: 6f:a3:28:c7:51:54:60:d3:aa:c6:1b:ed:13:c0:ea:e3:3a:f7: 10:d0:d2:74:0a:83:01:72:4b:4b:c0:57:28:66:67:61:94:6a: 33:1f:ed:5a:b2:76:d9:f5:8e:8d:46:e5:16:77:d5:6a:fa:a2: 46:47:dc:dc:8d:d1:9d:af:cb:9e:87:ba:74:4b:6f:ec:63:ca: 64:06:14:1b:77:c8:31:91:b0:ca:60:af:78:64:83:98:57:20: 51:b3:e1:e8:3a:78:2c:6a:f7:f4:18:19:59:c5:24:9c:fe:61: e2:77:59:ae:44:3e:7e:3d:fd:24:60:82:13:d0:99:77:36:c1: 96:b9:c9:c5:e9:55:39:9b:a8:f3:a1:d5:ee:d7:8e:fb:39:cf: b9:d9:bb:3c:bd:78:3e:62:2a:7e:0f:fc:ba:29:e4:d3:8a:34: e7:b0:fd:2f:f6:1c:01:49:c7:cb:0a:d4:a4:31:f5:14:d0:45: 84:d6:9c:b3:45:6e:f4:97:dd:d1:25:cb:bf:8d:c6:ad:fe:c3: b5:d3:5d:c8:2b:b1:f8:6e:4b:96:6a:b4:1e:8f:5f:a4:bd:0e: be:ea:0b:64:38:49:e2:31:57:af:fd:82:2f:af:02:4f:96:6c: 6f:f4:f1:d2 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ4N0JCQjQxQjIzODM1 NEU2RUJDNjI4MEE1Q0YwRTAwQzlBMzI4NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvEgD1yL3YXqvbnMVnWTbTTh4YtN9/i8oSsvN3svbVUihyXo5J KCpVUz19YD9rNIhYenKVYyFUVxiO2pjHb6eStwWd/deOi+931LH27yuewH6jvGqo cN8i/fVah8z765lwcypB6hC8iNo6itMNuC3YS/Li579nxbP4sahXUxfnWT6IsEz0 uxkV87UU36OMr7fhMjEcczliZS0nnCgkU1bb0pTb507exVEqoH6Sg6PgnWwgnSlx 30nkUF3206dpGW2j0G1DltuVwkB5eS6DWvkYKBEeVDQ4qc/NbPEPFpkpWCHdsXhz gZjLlyIJmZb/JKxghi1oXVD9Hu9oUnXrZV+xAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUSHu7QbI4NU5uvGKApc8OAMmjKHYwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1NIdTdRYkk0TlU1dXZHS0FwYzhPQU1t aktIWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PaQwDQYJ KoZIhvcNAQELBQADggEBAA3OnxAo4ceuMFw4qaPwedsGDm+jKMdRVGDTqsYb7RPA 6uM69xDQ0nQKgwFyS0vAVyhmZ2GUajMf7Vqydtn1jo1G5RZ31Wr6okZH3NyN0Z2v y56HunRLb+xjymQGFBt3yDGRsMpgr3hkg5hXIFGz4eg6eCxq9/QYGVnFJJz+YeJ3 Wa5EPn49/SRgghPQmXc2wZa5ycXpVTmbqPOh1e7Xjvs5z7nZuzy9eD5iKn4P/Lop 5NOKNOew/S/2HAFJx8sK1KQx9RTQRYTWnLNFbvSX3dEly7+Nxq3+w7XTXcgrsfhu S5ZqtB6PX6S9Dr7qC2Q4SeIxV6/9gi+vAk+WbG/08dI= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:09 2024 by rpki-client on console-ams.rpki-client.org