$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKSMF/TFHFcqukQtvjsqxlG0waWosyqD4.roa File: TFHFcqukQtvjsqxlG0waWosyqD4.roa (raw, json) Hash identifier: CDDxhOpamrkqbOr8ElqsE9mBQKHamnxV07ZZ9HCqxpw= Subject key identifier: 4C:51:C5:72:AB:A4:42:DB:E3:B2:AC:65:1B:4C:1A:5A:8B:32:A8:3E Certificate issuer: /CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A Certificate serial: 0D2E Authority key identifier: FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/TFHFcqukQtvjsqxlG0waWosyqD4.roa Signing time: Mon 26 Aug 2024 05:20:02 +0000 ROA not before: Mon 26 Aug 2024 05:20:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131645 IP address blocks: 2405:29c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3374 (0xd2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A Validity Not Before: Aug 26 05:20:02 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4C51C572ABA442DBE3B2AC651B4C1A5A8B32A83E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:14:11:50:85:f1:25:f9:23:b5:9e:25:20:d0: c7:59:4a:ac:a5:45:ba:8e:73:c9:d9:73:cf:d6:ef: 43:26:c0:9e:55:84:0b:93:5c:2e:5b:9f:15:22:4b: 17:59:4c:a1:b8:c1:82:a3:c3:22:2e:85:c2:37:43: 90:1d:bb:da:d9:a8:73:93:87:02:aa:79:cf:4d:5f: f8:d4:4f:3f:1a:41:9e:61:e2:78:8f:c0:c0:da:1e: 2b:2c:8a:24:f1:44:e2:16:70:d6:a2:c9:6d:a2:3e: 2f:cb:c6:6c:71:3e:a5:4c:c1:7b:d3:ab:f8:2a:79: 96:7a:bd:ce:16:f9:b8:6d:8a:b7:8f:50:db:aa:ec: 42:62:e2:ac:49:e1:68:a8:39:3c:ac:59:b7:87:c4: 19:e5:d0:af:77:3d:7d:a3:9b:0f:55:f6:91:56:54: 37:fa:ca:d5:62:4e:bb:75:2e:99:33:1e:39:f5:59: 17:3f:9a:e9:63:a1:ea:7e:b1:e7:0b:12:f2:90:32: f8:59:83:1e:62:e5:6c:96:76:40:ec:5a:e5:e2:fa: 3e:72:81:59:3e:41:25:c4:69:bc:67:51:29:72:70: 66:6a:24:66:99:26:5c:65:19:7f:f4:3f:70:d5:f6: f3:0b:b5:57:b9:20:d3:d0:37:35:31:75:cb:45:68: 62:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:51:C5:72:AB:A4:42:DB:E3:B2:AC:65:1B:4C:1A:5A:8B:32:A8:3E X509v3 Authority Key Identifier: keyid:FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/TFHFcqukQtvjsqxlG0waWosyqD4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:29c0::/32 Signature Algorithm: sha256WithRSAEncryption d5:01:65:ad:9a:9f:9f:a8:d8:90:1d:bf:13:4f:7d:e6:93:9c: 67:21:c3:e2:72:13:16:c3:2f:b7:50:23:18:c0:17:b6:73:c2: 7f:d6:d8:2c:8f:dc:dd:7e:c6:1b:12:65:e8:84:82:3d:87:fb: a0:72:2a:10:4c:fb:a3:16:72:56:6f:19:fb:7d:da:60:26:92: 79:9d:d6:d7:67:24:49:e9:da:0e:78:2a:7f:e9:ff:c0:05:e9: 19:51:7b:cf:2e:b1:b7:7b:41:c4:56:29:06:59:40:c9:41:26: 81:b3:8b:af:bf:d8:2d:95:b9:b8:bd:94:42:d5:a9:2e:d8:f9: 33:dc:74:c1:2c:63:b0:4d:19:e5:40:c4:cd:91:58:b2:bf:98: af:13:01:4e:93:25:39:34:9a:f5:f8:ea:17:db:39:d5:c5:0f: ed:88:c4:2f:c7:15:ea:88:b5:29:d0:5d:53:30:35:63:df:43: 3a:47:4a:23:a5:a2:87:e1:c0:b9:d9:f9:72:81:80:8c:5a:66: e9:d2:0d:d2:c4:ae:34:cf:89:5f:b0:28:ec:ca:35:bb:4e:f5: 43:2c:50:b5:e0:45:b2:8a:37:8a:d5:2a:f9:0e:af:85:d7:f2: a0:0e:22:b3:81:5c:88:97:0f:19:38:13:57:81:88:e5:dd:ed: 7c:06:84:b8 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJD RkExODgwQUM4NkNFNEZCOTlGOTc0RTk5NTNGMzU5N0RDREUwQTAeFw0yNDA4MjYw NTIwMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRDNTFDNTcyQUJBNDQy REJFM0IyQUM2NTFCNEMxQTVBOEIzMkE4M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIFBFQhfEl+SO1niUg0MdZSqylRbqOc8nZc8/W70MmwJ5VhAuT XC5bnxUiSxdZTKG4wYKjwyIuhcI3Q5Adu9rZqHOThwKqec9NX/jUTz8aQZ5h4niP wMDaHissiiTxROIWcNaiyW2iPi/LxmxxPqVMwXvTq/gqeZZ6vc4W+bhtirePUNuq 7EJi4qxJ4WioOTysWbeHxBnl0K93PX2jmw9V9pFWVDf6ytViTrt1LpkzHjn1WRc/ muljoep+secLEvKQMvhZgx5i5WyWdkDsWuXi+j5ygVk+QSXEabxnUSlycGZqJGaZ JlxlGX/0P3DV9vMLtVe5INPQNzUxdctFaGKXAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUTFHFcqukQtvjsqxlG0waWosyqD4wHwYDVR0jBBgwFoAU+8+hiArIbOT7mfl0 6ZU/NZfc3gowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tTTUYv LTgtaGlBckliT1Q3bWZsMDZaVV9OWmZjM2dvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8tOC1oaUFySWJPVDdtZmwwNlpVX05aZmMzZ28uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1NNRi9URkhGY3F1a1F0dmpzcXhsRzB3 YVdvc3lxRDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAUp wDANBgkqhkiG9w0BAQsFAAOCAQEA1QFlrZqfn6jYkB2/E0995pOcZyHD4nITFsMv t1AjGMAXtnPCf9bYLI/c3X7GGxJl6ISCPYf7oHIqEEz7oxZyVm8Z+33aYCaSeZ3W 12ckSenaDngqf+n/wAXpGVF7zy6xt3tBxFYpBllAyUEmgbOLr7/YLZW5uL2UQtWp Ltj5M9x0wSxjsE0Z5UDEzZFYsr+YrxMBTpMlOTSa9fjqF9s51cUP7YjEL8cV6oi1 KdBdUzA1Y99DOkdKI6Wih+HAudn5coGAjFpm6dIN0sSuNM+JX7Ao7Mo1u071QyxQ teBFsoo3itUq+Q6vhdfyoA4is4FciJcPGTgTV4GI5d3tfAaEuA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:33 2024 by rpki-client on console-ams.rpki-client.org