$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa File: ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa (raw, json) Hash identifier: ZG+SxVZBS0stNbnVFEFUEjl60Ko8ewZTgsKCEgeT24M= Subject key identifier: CA:90:E6:59:9E:46:57:5B:D8:8B:86:C0:01:73:4B:E0:EA:14:A2:0F Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D62 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa Signing time: Mon 26 Aug 2024 05:19:45 +0000 ROA not before: Mon 26 Aug 2024 05:19:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9918 IP address blocks: 61.61.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3426 (0xd62) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:45 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CA90E6599E46575BD88B86C001734BE0EA14A20F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b1:e3:bd:63:59:ea:10:d4:23:85:96:4d:bd: ac:d9:4c:12:3e:0c:ca:77:91:61:65:8f:78:fe:c1: fc:e1:82:ce:22:49:29:5e:ef:45:10:be:21:46:6e: c0:16:3e:43:08:ce:ed:ae:15:de:67:fe:13:0e:4b: 54:ec:46:ca:67:74:ff:4e:70:2f:13:88:fe:58:b8: 24:97:a8:67:94:e0:15:c4:24:b0:12:5f:dd:1d:fd: c8:3d:60:e3:d8:93:6d:25:9b:6f:8d:89:48:35:13: 07:ff:83:ae:4b:bd:25:23:39:da:fb:51:6d:51:12: c9:1e:b0:8b:ea:64:96:a8:0b:ee:aa:83:0b:42:a4: da:e7:4b:42:c8:a6:54:95:95:54:a5:29:99:39:ac: fc:1f:63:bf:aa:9d:6e:7d:98:b9:f8:3b:9f:13:ae: d4:38:9a:0d:92:3b:09:87:58:55:21:ec:fb:e4:26: 5f:c9:93:28:53:cb:e9:34:a2:9f:25:5c:82:31:1c: 54:ff:df:be:d4:97:99:41:87:b6:e7:65:13:a3:5d: 71:ea:f4:1a:b9:1e:37:5e:a5:34:b6:d2:78:6e:0f: 09:21:1b:25:30:eb:dc:df:bd:19:79:a3:8e:de:d3: 08:1e:67:3d:69:c1:4a:92:e3:0f:77:48:31:18:3a: 18:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:90:E6:59:9E:46:57:5B:D8:8B:86:C0:01:73:4B:E0:EA:14:A2:0F X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.128.0/18 Signature Algorithm: sha256WithRSAEncryption 6b:9f:b4:97:c4:b3:23:0c:26:9b:44:fe:fc:7b:9e:81:2f:b4: f6:93:ed:29:9c:c0:06:d5:16:ca:cd:c3:ff:7e:cb:03:40:a7: 4d:ac:ea:b5:b9:e6:48:d7:ea:f7:08:78:96:97:ec:a9:34:0c: 84:77:0b:61:7d:b3:f0:30:37:fa:e3:98:bd:41:0d:7c:2a:7b: dd:8f:e4:43:3d:17:f4:48:f6:b2:e1:b3:25:bd:45:ba:b5:be: 7d:7e:7a:08:6d:01:19:53:f7:a3:e9:fa:5a:02:ba:24:75:fe: b7:c7:67:ab:5b:3f:c7:d0:9b:54:b6:e1:6c:92:90:8f:63:6e: d7:5f:d6:1d:70:91:f2:a4:ec:5f:ef:8c:fa:43:90:05:0e:1a: f4:20:96:6c:ee:1f:c7:87:99:7a:16:9a:c3:fc:e0:da:76:6a: 3e:5f:d3:bb:09:c9:f3:66:57:89:d8:03:af:8e:dc:fd:ad:53: fc:d8:82:09:53:20:c0:fa:a9:40:ff:a7:16:a8:df:53:47:a2: f0:9d:18:f5:de:96:e4:d5:34:4e:c2:e5:bb:85:27:6d:aa:cb: 70:cb:cc:2e:5e:4d:a4:02:02:17:6c:08:cf:cb:20:f3:68:65: 6e:bb:b2:48:d1:a9:6b:60:f7:13:8a:19:8f:47:c3:48:41:cf: a5:3f:6b:d9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENBOTBFNjU5OUU0NjU3 NUJEODhCODZDMDAxNzM0QkUwRUExNEEyMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgseO9Y1nqENQjhZZNvazZTBI+DMp3kWFlj3j+wfzhgs4iSSle 70UQviFGbsAWPkMIzu2uFd5n/hMOS1TsRspndP9OcC8TiP5YuCSXqGeU4BXEJLAS X90d/cg9YOPYk20lm2+NiUg1Ewf/g65LvSUjOdr7UW1REskesIvqZJaoC+6qgwtC pNrnS0LIplSVlVSlKZk5rPwfY7+qnW59mLn4O58TrtQ4mg2SOwmHWFUh7PvkJl/J kyhTy+k0op8lXIIxHFT/377Ul5lBh7bnZROjXXHq9Bq5HjdepTS20nhuDwkhGyUw 69zfvRl5o47e0wgeZz1pwUqS4w93SDEYOhhJAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUypDmWZ5GV1vYi4bAAXNL4OoUog8wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3lwRG1XWjVHVjF2WWk0YkFBWE5MNE9v VW9nOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY9PYAwDQYJ KoZIhvcNAQELBQADggEBAGuftJfEsyMMJptE/vx7noEvtPaT7SmcwAbVFsrNw/9+ ywNAp02s6rW55kjX6vcIeJaX7Kk0DIR3C2F9s/AwN/rjmL1BDXwqe92P5EM9F/RI 9rLhsyW9Rbq1vn1+eghtARlT96Pp+loCuiR1/rfHZ6tbP8fQm1S24WySkI9jbtdf 1h1wkfKk7F/vjPpDkAUOGvQglmzuH8eHmXoWmsP84Np2aj5f07sJyfNmV4nYA6+O 3P2tU/zYgglTIMD6qUD/pxao31NHovCdGPXeluTVNE7C5buFJ22qy3DLzC5eTaQC AhdsCM/LIPNoZW67skjRqWtg9xOKGY9Hw0hBz6U/a9k= -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:40 2024 by rpki-client on console-fra.rpki-client.org