$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa File: rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa (raw, json) Hash identifier: BNXUq5aEqvSPLHcb2exUSAfZN1uay+0ggWQSftVMBlI= Subject key identifier: AE:1D:24:74:D6:5D:FC:2C:1D:AC:69:F2:36:0B:76:6C:A5:B2:AA:B7 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D57 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa Signing time: Mon 26 Aug 2024 05:19:43 +0000 ROA not before: Mon 26 Aug 2024 05:19:43 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18049 IP address blocks: 61.61.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3415 (0xd57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:43 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AE1D2474D65DFC2C1DAC69F2360B766CA5B2AAB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e0:6f:16:64:05:23:50:94:74:b2:61:aa:81: eb:f0:60:0b:8a:c0:d1:a0:11:ae:00:1a:1d:e9:69: 07:0e:c1:39:e3:c8:9b:b9:6c:7d:48:14:c9:75:88: a4:68:b0:95:d8:79:7a:44:91:7c:72:27:39:e4:5d: 0e:54:9d:e3:f1:f6:62:42:22:0f:32:ec:c8:51:76: da:45:81:f8:1e:cb:fc:cc:8e:a7:e4:83:ad:60:69: e6:20:72:55:cc:f0:80:6d:87:ea:8f:d7:7b:9a:f9: d2:56:44:6f:2d:8f:77:6e:c1:f6:40:06:e4:27:6c: 7d:e1:b4:cb:00:0f:1c:82:be:a0:c9:d1:45:80:e7: 38:5e:f7:73:4c:ef:e9:9b:b5:c9:d8:86:3a:dd:63: 4e:85:9f:1e:f4:32:63:e0:bf:28:40:b3:7c:df:bb: c0:e6:e5:91:ae:be:7e:61:b3:5b:e9:70:dd:1c:89: 7e:eb:eb:22:95:4e:9e:de:5c:6f:b9:fd:2e:96:fc: 39:59:16:0e:1e:9a:8d:4f:5b:a4:27:a7:e0:23:de: e2:28:4a:c5:c8:7a:8f:86:7f:ea:41:4a:c9:2e:57: 5c:34:28:8a:7b:d8:c5:f3:55:78:ac:df:25:8a:99: e3:07:03:93:bb:1b:10:82:15:e2:2a:87:f1:57:a9: 15:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:1D:24:74:D6:5D:FC:2C:1D:AC:69:F2:36:0B:76:6C:A5:B2:AA:B7 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.176.0/20 Signature Algorithm: sha256WithRSAEncryption 7f:51:dc:49:39:d3:3a:93:97:cc:4a:eb:3b:f4:7e:fe:04:3e: 11:2d:3b:2e:03:31:31:24:22:f3:47:62:2f:9d:e1:a8:00:b2: 77:64:e7:8d:35:71:f5:7f:78:09:5e:0d:c8:98:67:17:dd:2b: b1:28:1f:b9:dd:b5:77:9e:0e:b2:82:ca:cb:56:22:23:68:85: 63:de:97:d0:50:bb:05:82:dd:56:2d:77:4e:1b:f7:9c:b4:85: ba:26:f8:44:d9:a2:c2:c6:69:b0:73:e4:41:c3:79:cb:07:5f: 5f:1a:2b:6f:52:45:bd:13:0a:e4:01:b9:1a:9d:65:c6:8b:55: dc:e9:33:07:b1:df:f0:1f:37:31:f4:19:1b:54:ae:c6:c7:18: 13:a6:9c:3a:3c:b3:81:7a:7c:72:0a:5d:ae:7c:ff:bf:5e:21: fe:60:13:fa:30:d9:31:d6:cc:19:5b:82:b9:e2:20:fb:83:d1: d0:a4:e4:e1:52:cb:06:a2:34:47:96:f9:b7:6a:2d:e1:2f:35: 01:d9:04:ce:5f:a1:d1:3e:6e:f8:fa:15:1c:41:fd:0e:71:27: 76:aa:7e:fd:e6:b7:e2:76:a5:c1:b2:c4:f2:fa:98:52:45:2a: 9b:46:64:94:70:fa:93:96:45:97:81:16:7c:93:d4:61:e2:d9: da:3b:fe:eb -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFFMUQyNDc0RDY1REZD MkMxREFDNjlGMjM2MEI3NjZDQTVCMkFBQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZ4G8WZAUjUJR0smGqgevwYAuKwNGgEa4AGh3paQcOwTnjyJu5 bH1IFMl1iKRosJXYeXpEkXxyJznkXQ5UnePx9mJCIg8y7MhRdtpFgfgey/zMjqfk g61gaeYgclXM8IBth+qP13ua+dJWRG8tj3duwfZABuQnbH3htMsADxyCvqDJ0UWA 5zhe93NM7+mbtcnYhjrdY06Fnx70MmPgvyhAs3zfu8Dm5ZGuvn5hs1vpcN0ciX7r 6yKVTp7eXG+5/S6W/DlZFg4emo1PW6Qnp+Aj3uIoSsXIeo+Gf+pBSskuV1w0KIp7 2MXzVXis3yWKmeMHA5O7GxCCFeIqh/FXqRW5AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUrh0kdNZd/CwdrGnyNgt2bKWyqrcwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3JoMGtkTlpkX0N3ZHJHbnlOZ3QyYktX eXFyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9PbAwDQYJ KoZIhvcNAQELBQADggEBAH9R3Ek50zqTl8xK6zv0fv4EPhEtOy4DMTEkIvNHYi+d 4agAsndk5401cfV/eAleDciYZxfdK7EoH7ndtXeeDrKCystWIiNohWPel9BQuwWC 3VYtd04b95y0hbom+ETZosLGabBz5EHDecsHX18aK29SRb0TCuQBuRqdZcaLVdzp Mwex3/AfNzH0GRtUrsbHGBOmnDo8s4F6fHIKXa58/79eIf5gE/ow2THWzBlbgrni IPuD0dCk5OFSywaiNEeW+bdqLeEvNQHZBM5fodE+bvj6FRxB/Q5xJ3aqfv3mt+J2 pcGyxPL6mFJFKptGZJRw+pOWRZeBFnyT1GHi2do7/us= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:33 2024 by rpki-client on console-ams.rpki-client.org