$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/3Aa6dmVQbsCNlwps-ejcEAQ-HU4.roa File: 3Aa6dmVQbsCNlwps-ejcEAQ-HU4.roa (raw, json) Hash identifier: sGnqsvg1phPtgLARsTcd8XuWWme72rv1rIqYYx3nUZU= Subject key identifier: DC:06:BA:76:65:50:6E:C0:8D:97:0A:6C:F9:E8:DC:10:04:3E:1D:4E Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B Certificate serial: 0CA2 Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/3Aa6dmVQbsCNlwps-ejcEAQ-HU4.roa Signing time: Tue 24 Sep 2024 10:58:38 +0000 ROA not before: Tue 24 Sep 2024 10:58:38 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9922 IP address blocks: 39.1.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3234 (0xca2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B Validity Not Before: Sep 24 10:58:38 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DC06BA7665506EC08D970A6CF9E8DC10043E1D4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:8d:e9:c9:aa:95:ec:15:8f:b4:1c:9f:bc:0b: 6a:0b:ea:de:8a:7f:ca:94:e4:f4:2d:5a:dd:e6:5e: 7e:bd:9b:5f:4e:37:d0:2c:b0:e9:5c:99:b6:e1:b0: 1e:9a:e5:aa:d0:69:a1:a7:f1:65:eb:c2:fc:4e:44: 15:13:9c:da:7d:53:bd:55:28:43:ce:7b:8f:af:a0: 12:2e:19:39:75:b9:f3:d4:f0:ad:6c:b3:53:66:57: 21:70:55:85:4e:2c:00:ad:41:f0:d1:f0:03:24:64: c6:59:33:36:c5:b5:d9:67:4c:af:70:e9:95:5f:61: e1:cf:e1:96:06:cf:84:3f:c7:b5:39:37:be:fb:1f: ac:a1:71:68:d8:82:6f:c5:f9:28:c0:47:02:a0:50: 07:c6:b5:d7:ee:67:fc:6b:5b:44:2b:78:43:b3:b4: 60:0f:f9:29:de:9f:88:6a:7f:49:4f:65:96:8c:e9: 83:4f:17:89:0c:36:76:4f:05:12:b3:8c:0e:12:6a: f3:63:f6:1e:75:74:91:a7:99:ca:73:f7:19:b2:32: b5:3c:57:b7:46:40:1b:59:8f:55:04:e8:f5:63:e0: 85:84:e1:2a:c5:ba:43:b1:dd:44:95:db:4e:74:3b: 18:ec:bd:31:ca:fc:45:84:75:01:31:11:b0:3c:af: 72:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:06:BA:76:65:50:6E:C0:8D:97:0A:6C:F9:E8:DC:10:04:3E:1D:4E X509v3 Authority Key Identifier: keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/3Aa6dmVQbsCNlwps-ejcEAQ-HU4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 39.1.47.0/24 Signature Algorithm: sha256WithRSAEncryption 21:62:eb:a7:53:2b:a7:4f:00:a2:a6:8f:03:aa:a9:e8:53:53: 2b:51:32:a9:7f:7a:6c:42:5c:6b:94:a4:06:d9:a1:10:a2:aa: 5c:d7:0b:f3:d4:ea:c0:18:ca:61:d1:fe:fa:3c:be:78:8a:2e: fc:15:3d:6d:e8:64:75:56:e5:42:14:c3:90:4f:72:f0:d8:96: 1e:59:db:11:f2:3d:e7:fd:87:b3:1a:dc:45:89:57:42:05:e8: 95:20:c1:32:0c:6c:e6:48:89:ae:72:d3:88:23:dd:f9:26:85: bd:17:ed:c5:d1:03:13:8d:a6:fc:5c:ce:4b:f9:5d:93:a5:db: 12:1e:6d:b9:fe:a7:a7:f0:14:89:61:1c:71:4a:04:9a:7c:56: 42:ce:51:0b:28:4a:59:06:06:9f:1c:95:4c:4d:bb:cb:56:15: f9:d4:38:5d:38:56:47:f6:34:90:ae:00:49:61:a0:5e:57:f7: 03:63:e0:82:b3:ea:6d:2d:83:13:d7:a7:e7:41:80:bc:30:ee: bb:ba:5c:25:e6:46:bf:13:69:2b:d9:c2:2e:1a:32:f8:fe:82: 01:90:70:76:4a:fe:29:6d:d6:25:6b:c5:af:ef:c3:52:36:2e: 12:50:8f:0d:a4:f7:3b:76:90:53:73:9b:ee:e9:cc:8d:0e:0e: cd:7e:83:e7 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNDA5MjQx MDU4MzhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDMDZCQTc2NjU1MDZF QzA4RDk3MEE2Q0Y5RThEQzEwMDQzRTFENEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOjenJqpXsFY+0HJ+8C2oL6t6Kf8qU5PQtWt3mXn69m19ON9As sOlcmbbhsB6a5arQaaGn8WXrwvxORBUTnNp9U71VKEPOe4+voBIuGTl1ufPU8K1s s1NmVyFwVYVOLACtQfDR8AMkZMZZMzbFtdlnTK9w6ZVfYeHP4ZYGz4Q/x7U5N777 H6yhcWjYgm/F+SjARwKgUAfGtdfuZ/xrW0QreEOztGAP+Snen4hqf0lPZZaM6YNP F4kMNnZPBRKzjA4SavNj9h51dJGnmcpz9xmyMrU8V7dGQBtZj1UE6PVj4IWE4SrF ukOx3USV2050OxjsvTHK/EWEdQExEbA8r3LlAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU3Aa6dmVQbsCNlwps+ejcEAQ+HU4wHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5 B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC8zQWE2ZG1WUWJzQ05sd3BzLWVq Y0VBUS1IVTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJwEv MA0GCSqGSIb3DQEBCwUAA4IBAQAhYuunUyunTwCipo8DqqnoU1MrUTKpf3psQlxr lKQG2aEQoqpc1wvz1OrAGMph0f76PL54ii78FT1t6GR1VuVCFMOQT3Lw2JYeWdsR 8j3n/YezGtxFiVdCBeiVIMEyDGzmSImuctOII935JoW9F+3F0QMTjab8XM5L+V2T pdsSHm25/qen8BSJYRxxSgSafFZCzlELKEpZBgafHJVMTbvLVhX51DhdOFZH9jSQ rgBJYaBeV/cDY+CCs+ptLYMT16fnQYC8MO67ulwl5ka/E2kr2cIuGjL4/oIBkHB2 Sv4pbdYla8Wv78NSNi4SUI8NpPc7dpBTc5vu6cyNDg7NfoPn -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:14 2024 by rpki-client on console-ams.rpki-client.org