$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/lHwdS1QPnvoFKd_sONCa5pQ55EQ.roa File: lHwdS1QPnvoFKd_sONCa5pQ55EQ.roa (raw, json) Hash identifier: QEQ2q1NZJv8c6KGXCL3iF4szIZsYvTlq/kyLE9cLWsY= Subject key identifier: 94:7C:1D:4B:54:0F:9E:FA:05:29:DF:EC:38:D0:9A:E6:94:39:E4:44 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D61 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lHwdS1QPnvoFKd_sONCa5pQ55EQ.roa Signing time: Mon 26 Aug 2024 05:19:45 +0000 ROA not before: Mon 26 Aug 2024 05:19:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18049 IP address blocks: 61.61.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3425 (0xd61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:45 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=947C1D4B540F9EFA0529DFEC38D09AE69439E444 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:01:c7:c4:74:51:16:dc:25:bf:3a:39:a0:68: ef:2a:09:b3:9b:71:41:14:11:de:70:c4:39:61:3a: 98:09:b1:8b:59:08:61:ef:ac:00:1f:d6:b6:65:a0: 20:34:c6:ce:0f:6c:42:02:74:e1:f7:1b:e2:ac:6a: d9:3b:60:dd:2b:8e:3f:fe:1a:a1:9a:ee:7d:e3:eb: e1:fd:89:76:02:65:e0:e8:f5:a6:de:aa:bb:50:5f: 2c:d5:a3:76:df:ff:59:d7:ee:9a:f0:f7:af:cb:69: dc:b7:cd:5d:49:3f:f7:e8:18:a3:35:64:ca:c7:7a: cc:56:3d:68:fb:e4:e4:b2:38:34:b8:aa:4f:b4:b9: 9d:b9:26:67:41:6c:e8:0c:e4:9f:33:ae:13:0b:1d: d1:15:6e:84:0a:95:16:bb:2a:9e:db:77:ef:67:3d: 7b:6e:3a:08:5f:37:2b:b6:be:fe:32:b3:41:8c:8f: 5c:55:f4:35:c5:b3:9d:ab:aa:e1:87:a2:f5:ef:2f: 2a:91:ca:c8:9e:ed:92:52:26:51:2d:75:6e:f5:11: dd:9b:14:fa:67:42:da:07:9f:1f:29:54:f4:2d:ec: 20:41:38:1d:71:fa:51:35:71:da:82:aa:ba:e3:ed: 72:95:93:80:fc:3d:91:83:e5:d4:03:57:1f:b7:82: 9c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:7C:1D:4B:54:0F:9E:FA:05:29:DF:EC:38:D0:9A:E6:94:39:E4:44 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/lHwdS1QPnvoFKd_sONCa5pQ55EQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.56.0/22 Signature Algorithm: sha256WithRSAEncryption 32:2b:97:31:f8:33:27:ca:74:e5:d6:44:73:f3:35:ef:a4:60: 09:38:b2:8c:1a:dd:9d:b0:88:f4:8c:b7:6d:dd:b4:cd:17:d5: c0:9a:84:a5:8f:02:87:c9:38:5a:dd:b6:5c:2b:8f:f0:01:25: dd:f6:6e:c7:10:0f:e2:22:e4:5d:e1:0a:36:c6:03:2c:55:c1: b2:ac:75:43:36:fe:bb:07:48:9e:31:7d:c9:a4:95:1c:43:26: 5b:93:58:6c:a4:7f:04:43:b7:c7:8b:69:c8:91:18:99:20:a4: 87:94:a3:2d:02:1e:d1:f0:d1:77:2e:d8:da:71:6b:b1:57:db: 0b:7e:d0:66:61:5f:08:a7:1a:b2:3f:fc:8b:fa:4c:55:ab:aa: 60:91:20:9e:b2:61:5a:43:ea:c1:5f:ce:5d:53:6a:65:19:22: 5a:15:71:10:08:7c:13:22:3d:43:d1:8b:d9:b3:c3:52:06:ca: 38:46:24:2c:c3:e6:98:ba:f6:b3:0d:8b:4e:57:f6:6e:17:72: 16:12:fb:7b:28:b2:c4:a8:8f:18:d7:d8:13:89:19:11:6c:9c: d8:f0:ec:e0:fb:a5:8b:99:af:d3:bf:b4:8b:d8:6d:66:91:ce: 1a:b1:91:ff:38:93:1c:85:98:21:c1:14:d6:24:e8:2e:fd:b7: ee:5e:01:56 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk0N0MxRDRCNTQwRjlF RkEwNTI5REZFQzM4RDA5QUU2OTQzOUU0NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyAcfEdFEW3CW/OjmgaO8qCbObcUEUEd5wxDlhOpgJsYtZCGHv rAAf1rZloCA0xs4PbEICdOH3G+Ksatk7YN0rjj/+GqGa7n3j6+H9iXYCZeDo9abe qrtQXyzVo3bf/1nX7prw96/Lady3zV1JP/foGKM1ZMrHesxWPWj75OSyODS4qk+0 uZ25JmdBbOgM5J8zrhMLHdEVboQKlRa7Kp7bd+9nPXtuOghfNyu2vv4ys0GMj1xV 9DXFs52rquGHovXvLyqRysie7ZJSJlEtdW71Ed2bFPpnQtoHnx8pVPQt7CBBOB1x +lE1cdqCqrrj7XKVk4D8PZGD5dQDVx+3gpzRAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUlHwdS1QPnvoFKd/sONCa5pQ55EQwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2xId2RTMVFQbnZvRktkX3NPTkNhNXBR NTVFUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTgwDQYJ KoZIhvcNAQELBQADggEBADIrlzH4MyfKdOXWRHPzNe+kYAk4sowa3Z2wiPSMt23d tM0X1cCahKWPAofJOFrdtlwrj/ABJd32bscQD+Ii5F3hCjbGAyxVwbKsdUM2/rsH SJ4xfcmklRxDJluTWGykfwRDt8eLaciRGJkgpIeUoy0CHtHw0Xcu2Npxa7FX2wt+ 0GZhXwinGrI//Iv6TFWrqmCRIJ6yYVpD6sFfzl1TamUZIloVcRAIfBMiPUPRi9mz w1IGyjhGJCzD5pi69rMNi05X9m4XchYS+3sossSojxjX2BOJGRFsnNjw7OD7pYuZ r9O/tIvYbWaRzhqxkf84kxyFmCHBFNYk6C79t+5eAVY= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:32 2024 by rpki-client on console-ams.rpki-client.org