$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/mAIYc7cE_7exIEEFvtBVk_4OSbs.roa File: mAIYc7cE_7exIEEFvtBVk_4OSbs.roa (raw, json) Hash identifier: 8syaeJT1nH2DfWafwPPZDYvEfDnK7fC+EcegT0Tl6NE= Subject key identifier: 98:02:18:73:B7:04:FF:B7:B1:20:41:05:BE:D0:55:93:FE:0E:49:BB Certificate issuer: /CN=0264A41A741E5F00AED2BD7E4A7A42F5B1D758D5 Certificate serial: 010C Authority key identifier: 02:64:A4:1A:74:1E:5F:00:AE:D2:BD:7E:4A:7A:42:F5:B1:D7:58:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AmSkGnQeXwCu0r1-SnpC9bHXWNU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/mAIYc7cE_7exIEEFvtBVk_4OSbs.roa Signing time: Mon 26 Aug 2024 05:25:36 +0000 ROA not before: Mon 26 Aug 2024 05:25:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 134823 IP address blocks: 123.253.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/AmSkGnQeXwCu0r1-SnpC9bHXWNU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/AmSkGnQeXwCu0r1-SnpC9bHXWNU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/AmSkGnQeXwCu0r1-SnpC9bHXWNU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 268 (0x10c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0264A41A741E5F00AED2BD7E4A7A42F5B1D758D5 Validity Not Before: Aug 26 05:25:36 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=98021873B704FFB7B1204105BED05593FE0E49BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:05:b9:ad:b8:6b:49:7b:a6:e2:dd:83:b9:d4: f8:23:b5:8b:b1:64:1e:ff:36:22:c7:13:7a:c9:26: 55:d1:3d:3c:18:96:a8:02:e4:98:5b:c9:46:29:6d: dc:88:c9:90:10:52:19:56:fd:28:93:1b:83:1c:75: 5a:78:49:66:95:ad:51:48:86:2a:49:05:79:7f:5e: d2:21:07:52:76:66:fe:44:ba:b0:07:4a:a4:31:08: b0:4e:2d:3b:bc:5d:02:58:58:c4:1e:8d:58:40:d1: 5a:d0:2a:eb:55:bd:77:df:44:d3:6b:5e:4b:d8:d9: d9:55:24:ef:84:f5:cc:9e:f4:74:40:90:19:76:96: 87:ed:b8:10:a6:ac:17:64:10:37:fd:2c:90:36:c9: 75:c7:44:89:42:5f:9e:97:6b:d2:e7:2b:12:09:06: 63:e1:bb:bd:3b:62:c2:e5:f3:7b:40:a2:a9:25:c7: 37:2b:78:18:95:a2:a7:f2:aa:81:f1:e4:87:13:c6: c6:83:40:be:b9:b5:97:8a:d1:57:fc:81:37:b7:a2: 66:0e:82:cd:58:61:e8:aa:de:d5:f0:82:d7:d7:54: 81:c7:db:58:af:a5:24:57:78:34:71:2a:d8:33:a7: 83:b8:32:6b:f2:aa:c1:ab:8c:be:11:21:1c:e7:41: 2f:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:02:18:73:B7:04:FF:B7:B1:20:41:05:BE:D0:55:93:FE:0E:49:BB X509v3 Authority Key Identifier: keyid:02:64:A4:1A:74:1E:5F:00:AE:D2:BD:7E:4A:7A:42:F5:B1:D7:58:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/AmSkGnQeXwCu0r1-SnpC9bHXWNU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AmSkGnQeXwCu0r1-SnpC9bHXWNU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SDCL-TW/mAIYc7cE_7exIEEFvtBVk_4OSbs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.253.140.0/23 Signature Algorithm: sha256WithRSAEncryption 76:85:e3:e7:c1:5e:9c:ab:9c:20:e6:9f:10:99:76:48:27:7b: 95:0b:c9:d7:be:10:eb:99:7e:06:8d:4f:04:f2:20:25:33:73: 2c:f9:0c:d9:4b:d3:eb:49:93:10:ba:1b:04:c5:07:33:e8:76: 57:51:ab:a0:33:a5:51:d7:fb:9a:b5:fe:a0:3e:25:5f:26:3b: 6c:b1:ef:fd:a4:64:dc:fd:54:99:e0:c0:82:92:31:c2:8c:9c: 3d:4d:f5:7f:86:aa:0c:58:a6:d2:b2:36:81:cb:80:50:c7:8b: b7:43:44:89:f6:80:4a:47:18:e0:6e:45:7a:e5:91:35:1a:ac: 16:f9:db:04:60:71:ae:19:c7:12:46:7f:63:90:c4:0c:37:4a: 7a:26:56:c8:db:b8:19:10:c5:f3:76:dc:b7:64:0c:58:33:56: f3:1b:d3:e8:46:38:c5:ec:ee:f2:c7:eb:f9:4e:d6:5b:c7:bb: 66:72:06:81:e7:26:96:8d:ec:21:d7:53:40:9c:9e:16:f5:69: d5:35:e9:dc:48:21:a6:ba:7f:f1:83:7d:e2:7d:17:bb:b2:6b: 35:36:24:66:95:39:bf:32:15:97:39:9f:75:54:f2:e9:94:a0: ef:3b:c2:8b:14:c6:18:67:b3:23:a4:95:90:39:16:71:b8:c9: ac:67:d2:04 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICAQwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDI2 NEE0MUE3NDFFNUYwMEFFRDJCRDdFNEE3QTQyRjVCMUQ3NThENTAeFw0yNDA4MjYw NTI1MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk4MDIxODczQjcwNEZG QjdCMTIwNDEwNUJFRDA1NTkzRkUwRTQ5QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCBbmtuGtJe6bi3YO51PgjtYuxZB7/NiLHE3rJJlXRPTwYlqgC 5JhbyUYpbdyIyZAQUhlW/SiTG4McdVp4SWaVrVFIhipJBXl/XtIhB1J2Zv5EurAH SqQxCLBOLTu8XQJYWMQejVhA0VrQKutVvXffRNNrXkvY2dlVJO+E9cye9HRAkBl2 loftuBCmrBdkEDf9LJA2yXXHRIlCX56Xa9LnKxIJBmPhu707YsLl83tAoqklxzcr eBiVoqfyqoHx5IcTxsaDQL65tZeK0Vf8gTe3omYOgs1YYeiq3tXwgtfXVIHH21iv pSRXeDRxKtgzp4O4MmvyqsGrjL4RIRznQS8fAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUmAIYc7cE/7exIEEFvtBVk/4OSbswHwYDVR0jBBgwFoAUAmSkGnQeXwCu0r1+ SnpC9bHXWNUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0RDTC1U Vy9BbVNrR25RZVh3Q3UwcjEtU25wQzliSFhXTlUuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0FtU2tHblFlWHdDdTByMS1TbnBDOWJIWFdOVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NEQ0wtVFcvbUFJWWM3Y0VfN2V4SUVF RnZ0QlZrXzRPU2JzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AXv9jDANBgkqhkiG9w0BAQsFAAOCAQEAdoXj58FenKucIOafEJl2SCd7lQvJ174Q 65l+Bo1PBPIgJTNzLPkM2UvT60mTELobBMUHM+h2V1GroDOlUdf7mrX+oD4lXyY7 bLHv/aRk3P1UmeDAgpIxwoycPU31f4aqDFim0rI2gcuAUMeLt0NEifaASkcY4G5F euWRNRqsFvnbBGBxrhnHEkZ/Y5DEDDdKeiZWyNu4GRDF83bct2QMWDNW8xvT6EY4 xezu8sfr+U7WW8e7ZnIGgecmlo3sIddTQJyeFvVp1TXp3Eghprp/8YN94n0Xu7Jr NTYkZpU5vzIVlzmfdVTy6ZSg7zvCixTGGGezI6SVkDkWcbjJrGfSBA== -----END CERTIFICATE-----Generated at Fri Nov 22 07:03:31 2024 by rpki-client on console-fra.rpki-client.org