$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/3juHypy3c-g41GThb-ns04LIdI4.roa File: 3juHypy3c-g41GThb-ns04LIdI4.roa (raw, json) Hash identifier: odO7EHdAK0afS1isPx+P72vzB2ZXpkCJXjkekPHtrtM= Subject key identifier: DE:3B:87:CA:9C:B7:73:E8:38:D4:64:E1:6F:E9:EC:D3:82:C8:74:8E Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E4D Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/3juHypy3c-g41GThb-ns04LIdI4.roa Signing time: Mon 26 Aug 2024 05:27:12 +0000 ROA not before: Mon 26 Aug 2024 05:27:12 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17716 IP address blocks: 120.96.248.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3661 (0xe4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:12 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=DE3B87CA9CB773E838D464E16FE9ECD382C8748E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:65:a5:ac:e2:c9:8d:19:13:5f:dd:64:6e:8a: e5:9e:8a:40:a2:7a:12:bb:64:c6:49:e5:91:74:5e: 06:b0:61:d9:77:a2:33:9f:97:86:9f:dd:54:fa:e8: 8f:e0:ca:53:2b:c2:08:44:a3:9f:6e:26:c1:20:a4: cc:2f:e8:73:08:ee:92:17:0f:14:f0:d1:cd:99:e6: 21:49:0f:4d:7a:83:9f:4e:10:14:ef:cb:9d:0e:66: 92:f5:eb:b6:27:c8:1b:bb:b4:78:5f:bb:fe:8f:5a: 87:35:eb:69:c3:1f:74:ce:7e:ae:e9:50:03:80:2f: 12:bb:be:00:df:80:cf:7f:37:6b:f5:e9:bc:ba:6a: 8b:8f:ea:a4:a8:72:be:a0:45:be:3c:61:b4:53:4a: dd:3a:fa:af:d4:f3:6f:b3:06:91:ee:75:18:47:06: 74:4d:a6:8c:43:9d:68:9b:8b:a3:8c:c1:a5:02:46: 88:67:84:48:65:d1:32:92:48:51:15:e8:f3:57:83: 01:86:f4:4a:30:86:4b:ec:0c:ba:a7:4d:4a:4a:3a: 8a:0b:e1:68:8f:34:30:d1:42:e7:f1:56:7e:d2:ae: a4:ee:ae:24:1d:03:04:64:a1:19:4b:b2:df:05:ce: 3c:c6:9c:a7:4b:71:ba:49:30:31:74:06:5d:1f:9b: cc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:3B:87:CA:9C:B7:73:E8:38:D4:64:E1:6F:E9:EC:D3:82:C8:74:8E X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/3juHypy3c-g41GThb-ns04LIdI4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.96.248.0/22 Signature Algorithm: sha256WithRSAEncryption 30:f1:d9:2a:e1:3c:b8:a2:c6:0b:d3:7b:83:5e:a1:b4:b4:7f: c8:83:9d:e2:63:6c:ff:73:67:7d:8c:e5:de:3b:01:b8:21:75: 4a:9c:14:b6:82:fd:6c:5e:6b:c5:3e:43:56:c8:e6:35:eb:71: 54:70:3a:52:ae:d7:58:83:38:72:a8:a8:c7:22:72:bc:42:93: db:69:4b:31:f2:12:ca:e1:aa:06:91:8a:bf:ea:41:9c:74:cf: 52:99:b5:98:5f:fe:a5:d7:47:90:e0:aa:c2:8b:ae:24:5c:4c: 48:a0:d9:1a:3b:70:98:22:23:6a:eb:f2:64:4e:5a:58:69:a6: 9e:1d:7f:91:5f:d0:4d:61:04:66:04:1f:2b:38:1b:ec:07:b4: cf:6a:17:b6:5e:c5:f0:04:6b:e6:46:41:90:3e:03:8b:05:db: c1:11:0f:67:c0:d9:5d:a3:41:b5:b1:14:63:70:08:ab:83:fd: fb:ab:0a:62:e9:6a:fa:59:b3:6b:e1:de:d6:9e:cc:c6:18:20: 2d:8b:1f:6c:7b:9b:96:be:48:86:d2:61:0a:c8:2a:fa:1e:6c: c9:b8:5b:4e:f2:f4:32:62:e5:b8:f4:4c:39:bd:c2:ab:3f:6a: fe:0f:8a:06:3e:53:bf:f9:e2:61:4e:7e:98:f9:37:a7:9a:91: 67:62:65:6b -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERFM0I4N0NBOUNCNzcz RTgzOEQ0NjRFMTZGRTlFQ0QzODJDODc0OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOZaWs4smNGRNf3WRuiuWeikCiehK7ZMZJ5ZF0XgawYdl3ojOf l4af3VT66I/gylMrwghEo59uJsEgpMwv6HMI7pIXDxTw0c2Z5iFJD016g59OEBTv y50OZpL167YnyBu7tHhfu/6PWoc162nDH3TOfq7pUAOALxK7vgDfgM9/N2v16by6 aouP6qSocr6gRb48YbRTSt06+q/U82+zBpHudRhHBnRNpoxDnWibi6OMwaUCRohn hEhl0TKSSFEV6PNXgwGG9EowhkvsDLqnTUpKOooL4WiPNDDRQufxVn7SrqTuriQd AwRkoRlLst8FzjzGnKdLcbpJMDF0Bl0fm8yTAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU3juHypy3c+g41GThb+ns04LIdI4wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC8zanVIeXB5M2MtZzQxR1RoYi1u czA0TElkSTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCeGD4 MA0GCSqGSIb3DQEBCwUAA4IBAQAw8dkq4Ty4osYL03uDXqG0tH/Ig53iY2z/c2d9 jOXeOwG4IXVKnBS2gv1sXmvFPkNWyOY163FUcDpSrtdYgzhyqKjHInK8QpPbaUsx 8hLK4aoGkYq/6kGcdM9SmbWYX/6l10eQ4KrCi64kXExIoNkaO3CYIiNq6/JkTlpY aaaeHX+RX9BNYQRmBB8rOBvsB7TPahe2XsXwBGvmRkGQPgOLBdvBEQ9nwNldo0G1 sRRjcAirg/37qwpi6Wr6WbNr4d7WnszGGCAtix9se5uWvkiG0mEKyCr6HmzJuFtO 8vQyYuW49Ew5vcKrP2r+D4oGPlO/+eJhTn6Y+TenmpFnYmVr -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:15 2024 by rpki-client on console-ams.rpki-client.org