$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/q5BKD3PUzWPi7I1x8aDc7DC5WW8.roa File: q5BKD3PUzWPi7I1x8aDc7DC5WW8.roa (raw, json) Hash identifier: 512egPS+pVi1DSrvdInxE8WWzqatwWeF3dznpH6WaVY= Subject key identifier: AB:90:4A:0F:73:D4:CD:63:E2:EC:8D:71:F1:A0:DC:EC:30:B9:59:6F Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Certificate serial: 0C3A Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/q5BKD3PUzWPi7I1x8aDc7DC5WW8.roa Signing time: Mon 26 Aug 2024 05:21:29 +0000 ROA not before: Mon 26 Aug 2024 05:21:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 7539 IP address blocks: 211.79.48.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3130 (0xc3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Validity Not Before: Aug 26 05:21:29 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AB904A0F73D4CD63E2EC8D71F1A0DCEC30B9596F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:11:41:07:ea:c2:2c:e7:5a:25:d6:ea:37:71: e8:75:bb:f8:41:f9:7b:e2:b1:5b:45:5c:1e:96:96: f8:cd:7f:07:0f:9c:0f:16:c4:15:fe:59:ba:14:71: 1c:bd:7a:1e:69:d5:e0:ab:09:e4:52:c0:8b:c7:3a: 65:25:fa:96:93:5a:9b:9c:0c:30:3e:8c:2b:71:9e: d0:90:40:b3:06:2f:73:38:f3:3b:18:d4:8d:a9:fe: ba:5e:dd:0a:19:44:8b:6f:bd:13:fd:d4:ef:16:d4: 55:ce:91:9d:fc:25:a7:4f:eb:c9:58:d6:d1:90:20: 8d:e9:04:58:b1:9b:f0:8c:92:fa:55:fb:63:65:af: b9:3d:64:dc:4a:4e:43:47:6d:c5:77:ee:0f:a9:bd: 81:71:d1:7e:6f:04:4c:32:d9:1b:60:dc:be:b2:36: 1b:3c:95:97:d7:70:4f:1e:1a:b5:d3:54:e9:b4:ae: 7d:02:ea:ab:ff:7e:db:a1:3b:37:f9:88:3e:4a:50: 11:18:53:bb:8c:6e:8d:fa:5e:ef:82:8e:07:20:fb: 0b:63:63:fe:6f:e1:9a:41:ed:e0:8e:9c:34:a9:c6: c4:6d:47:93:8d:88:2c:77:d0:1a:23:f2:80:24:90: f8:ac:6f:cc:d2:98:87:4d:07:d8:6a:bd:4c:64:39: da:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:90:4A:0F:73:D4:CD:63:E2:EC:8D:71:F1:A0:DC:EC:30:B9:59:6F X509v3 Authority Key Identifier: keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/q5BKD3PUzWPi7I1x8aDc7DC5WW8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.79.48.0/20 Signature Algorithm: sha256WithRSAEncryption 33:ca:2f:03:3a:69:e6:f8:c1:b5:87:1c:87:13:b8:1d:cb:4c: 83:4c:e9:18:d4:5b:d2:79:3e:09:cb:35:83:10:a1:93:e2:58: d5:04:01:a0:9e:66:ea:44:73:cf:40:61:a3:40:20:b3:ec:67: a6:6d:09:68:2f:40:74:0a:39:a1:7b:00:1f:3d:25:be:d5:c8: b9:c2:52:a6:11:4d:bf:f1:7b:d8:af:2e:f7:4e:b0:9c:7a:5a: 12:75:dd:93:0d:fd:09:01:bb:85:8a:16:83:9f:98:38:e2:ce: b5:2a:ba:12:42:20:4f:39:92:af:20:2a:04:7b:a1:6e:43:a5: de:63:31:35:dc:4a:a5:67:79:30:05:67:65:82:3c:3b:13:42: 68:63:81:9b:69:5c:8b:b9:83:59:19:6d:d2:45:e9:10:df:13: 5d:af:7e:25:5c:9f:63:ea:8d:65:83:33:34:e9:d4:73:c7:22: c9:ec:cf:9b:15:e7:29:89:3c:10:85:7c:4a:09:2e:c3:16:6d: 54:5d:95:5d:96:4e:36:39:39:68:89:0a:49:b7:90:ec:e3:e4: d0:9a:cf:20:1b:2a:98:ae:32:5d:41:0f:68:4d:2e:53:8f:1a: 23:40:8d:c7:91:37:22:9f:26:2a:ca:07:c0:05:4b:a0:25:e3: 7a:6a:20:e7 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNDA4MjYw NTIxMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFCOTA0QTBGNzNENENE NjNFMkVDOEQ3MUYxQTBEQ0VDMzBCOTU5NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTEUEH6sIs51ol1uo3ceh1u/hB+XvisVtFXB6WlvjNfwcPnA8W xBX+WboUcRy9eh5p1eCrCeRSwIvHOmUl+paTWpucDDA+jCtxntCQQLMGL3M48zsY 1I2p/rpe3QoZRItvvRP91O8W1FXOkZ38JadP68lY1tGQII3pBFixm/CMkvpV+2Nl r7k9ZNxKTkNHbcV37g+pvYFx0X5vBEwy2Rtg3L6yNhs8lZfXcE8eGrXTVOm0rn0C 6qv/ftuhOzf5iD5KUBEYU7uMbo36Xu+Cjgcg+wtjY/5v4ZpB7eCOnDSpxsRtR5ON iCx30Boj8oAkkPisb8zSmIdNB9hqvUxkOdprAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUq5BKD3PUzWPi7I1x8aDc7DC5WW8wHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1 fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83 VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvcTVCS0QzUFV6V1BpN0kxeDhhRGM3 REM1V1c4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNNPMDAN BgkqhkiG9w0BAQsFAAOCAQEAM8ovAzpp5vjBtYcchxO4HctMg0zpGNRb0nk+Ccs1 gxChk+JY1QQBoJ5m6kRzz0Bho0Ags+xnpm0JaC9AdAo5oXsAHz0lvtXIucJSphFN v/F72K8u906wnHpaEnXdkw39CQG7hYoWg5+YOOLOtSq6EkIgTzmSryAqBHuhbkOl 3mMxNdxKpWd5MAVnZYI8OxNCaGOBm2lci7mDWRlt0kXpEN8TXa9+JVyfY+qNZYMz NOnUc8ciyezPmxXnKYk8EIV8SgkuwxZtVF2VXZZONjk5aIkKSbeQ7OPk0JrPIBsq mK4yXUEPaE0uU48aI0CNx5E3Ip8mKsoHwAVLoCXjemog5w== -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:33 2024 by rpki-client on console-ams.rpki-client.org