$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/rGWS5jWGTuoEvb3IuzuWLbak6R8.roa File: rGWS5jWGTuoEvb3IuzuWLbak6R8.roa (raw, json) Hash identifier: 52zx7Z2/LOdhJUcYd8qAJZaEHw/J+v0RbeqGYgX2NOs= Subject key identifier: AC:65:92:E6:35:86:4E:EA:04:BD:BD:C8:BB:3B:96:2D:B6:A4:E9:1F Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Certificate serial: 0CA2 Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/rGWS5jWGTuoEvb3IuzuWLbak6R8.roa Signing time: Mon 26 Aug 2024 05:26:55 +0000 ROA not before: Mon 26 Aug 2024 05:26:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 101.3.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3234 (0xca2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9 Validity Not Before: Aug 26 05:26:55 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AC6592E635864EEA04BDBDC8BB3B962DB6A4E91F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:79:a4:14:cb:91:ea:26:0a:85:67:0b:fb:e3: 4f:2d:7c:00:e1:98:7e:a4:3f:48:d4:72:6e:96:b5: 4c:90:9e:d1:a1:71:13:09:77:38:3a:69:7e:75:31: 44:5a:bf:6c:cd:3d:c8:e9:5f:df:5b:2a:84:70:d2: cd:fe:a1:35:35:cc:9b:f1:41:51:70:fd:3a:e5:24: e6:d3:4f:94:0e:f0:07:19:b6:23:cf:45:5e:84:d3: dc:67:a1:2d:62:a1:87:53:f8:09:de:41:b2:30:80: 98:fa:8f:fe:6a:bd:e4:48:81:fc:e9:31:85:ab:57: 15:1d:b7:f3:4a:b8:10:1f:0b:1c:c0:d9:6a:15:54: d6:37:2a:f6:47:80:ce:b0:3a:3b:7e:e5:10:25:22: 80:6e:5b:7b:5a:84:d6:dc:a3:2e:ff:d5:47:2c:63: 8d:0c:40:11:d5:1d:7a:d0:92:ec:6d:53:55:b9:d8: 97:82:5f:1d:a5:f4:e1:0d:73:79:60:c2:51:34:6b: 9d:f0:c7:60:41:1e:42:28:f3:42:b3:09:4e:e4:91: 5d:37:d5:60:df:64:46:ba:00:5d:0d:a8:4b:7a:3f: 11:47:6c:bc:f6:60:27:eb:4b:29:28:34:da:14:a2: bf:fc:f4:4a:34:3e:3d:9b:1b:eb:16:76:1e:01:1e: 19:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:65:92:E6:35:86:4E:EA:04:BD:BD:C8:BB:3B:96:2D:B6:A4:E9:1F X509v3 Authority Key Identifier: keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/rGWS5jWGTuoEvb3IuzuWLbak6R8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.3.106.0/23 Signature Algorithm: sha256WithRSAEncryption 23:68:c4:b0:b1:74:58:97:27:ca:6e:f7:37:27:08:58:93:18: 3b:39:86:8f:f1:80:2a:fb:6a:bd:b1:4b:a2:90:a5:3f:a6:de: c5:5b:1b:ac:29:51:a8:8f:67:22:a5:f7:09:5e:17:72:04:9e: bb:71:5f:f1:3f:0b:46:10:a2:f7:5a:b9:9e:63:73:17:4a:8b: 55:65:36:7b:72:e3:82:f5:84:f8:a5:0f:f6:79:99:b3:62:5e: 35:5f:54:4b:9d:0f:10:3a:04:a0:e2:7f:e9:75:95:4f:c5:c4: 1b:3b:73:50:95:39:cd:f9:88:71:81:bb:a0:2b:5e:91:ae:1f: 93:dc:73:d9:fc:1e:a9:2c:4c:c3:8e:47:28:11:8d:4e:29:87: 54:70:9d:65:a8:6d:5c:04:68:1b:0f:de:c3:61:c6:e5:56:e8: a0:54:5e:d8:d3:80:37:fe:24:7a:33:41:22:e2:ea:09:0c:b8: b1:a2:cc:e8:d8:d9:5a:94:fc:50:b4:d8:2b:7b:63:bf:89:c0: c6:af:29:be:2a:04:a3:8d:3d:12:83:f3:19:ca:9f:62:0a:47: 6e:f0:8a:89:76:80:f6:41:cf:cc:a9:17:16:7d:f3:20:18:d8: f9:75:ca:56:88:70:ac:27:5f:68:82:c1:7f:7a:5d:02:f6:4d: 10:99:58:3e -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1 NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNDA4MjYw NTI2NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFDNjU5MkU2MzU4NjRF RUEwNEJEQkRDOEJCM0I5NjJEQjZBNEU5MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgeaQUy5HqJgqFZwv7408tfADhmH6kP0jUcm6WtUyQntGhcRMJ dzg6aX51MURav2zNPcjpX99bKoRw0s3+oTU1zJvxQVFw/TrlJObTT5QO8AcZtiPP RV6E09xnoS1ioYdT+AneQbIwgJj6j/5qveRIgfzpMYWrVxUdt/NKuBAfCxzA2WoV VNY3KvZHgM6wOjt+5RAlIoBuW3tahNbcoy7/1UcsY40MQBHVHXrQkuxtU1W52JeC Xx2l9OENc3lgwlE0a53wx2BBHkIo80KzCU7kkV031WDfZEa6AF0NqEt6PxFHbLz2 YCfrSykoNNoUor/89Eo0Pj2bG+sWdh4BHhlfAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUrGWS5jWGTuoEvb3IuzuWLbak6R8wHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83 NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L3JHV1M1aldHVHVv RXZiM0l1enVXTGJhazZSOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAFlA2owDQYJKoZIhvcNAQELBQADggEBACNoxLCxdFiXJ8pu9zcnCFiTGDs5 ho/xgCr7ar2xS6KQpT+m3sVbG6wpUaiPZyKl9wleF3IEnrtxX/E/C0YQovdauZ5j cxdKi1VlNnty44L1hPilD/Z5mbNiXjVfVEudDxA6BKDif+l1lU/FxBs7c1CVOc35 iHGBu6ArXpGuH5Pcc9n8HqksTMOORygRjU4ph1RwnWWobVwEaBsP3sNhxuVW6KBU XtjTgDf+JHozQSLi6gkMuLGizOjY2VqU/FC02Ct7Y7+JwMavKb4qBKONPRKD8xnK n2IKR27wiol2gPZBz8ypFxZ98yAY2Pl1ylaIcKwnX2iCwX96XQL2TRCZWD4= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:54 2024 by rpki-client on console-fra.rpki-client.org