$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/8s-MZc8TTa7JiE3P6D_u6WVtTb4.roa File: 8s-MZc8TTa7JiE3P6D_u6WVtTb4.roa (raw, json) Hash identifier: lOntXVhcF20tyQFmNWGjx/KT1a2WD/XhujukuSg25OE= Subject key identifier: F2:CF:8C:65:CF:13:4D:AE:C9:88:4D:CF:E8:3F:EE:E9:65:6D:4D:BE Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E52 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/8s-MZc8TTa7JiE3P6D_u6WVtTb4.roa Signing time: Mon 26 Aug 2024 05:27:14 +0000 ROA not before: Mon 26 Aug 2024 05:27:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18185 IP address blocks: 120.117.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3666 (0xe52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:14 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F2CF8C65CF134DAEC9884DCFE83FEEE9656D4DBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:67:e3:00:73:25:b2:83:2e:31:de:b5:48:e6: 65:d4:c0:1a:ab:89:52:86:fc:ec:1a:5f:4f:f0:a9: 25:40:a2:57:ac:46:29:9c:48:22:38:6a:c6:ca:25: 06:40:0e:3a:66:13:bd:f1:81:35:d4:f8:36:49:dc: 8d:a9:2f:20:9f:58:ff:e8:5f:74:6c:9a:f8:2c:1c: cb:ca:e2:d9:ac:c7:ad:cd:f3:e2:13:39:15:7f:72: 55:f6:05:1f:71:78:65:dd:68:d6:42:77:b1:54:76: b6:59:d9:68:98:9c:79:42:58:b3:02:da:d3:b4:1b: 7d:51:10:94:af:25:a4:20:2f:c0:57:45:94:25:c5: 2c:76:8d:00:22:cf:a4:3a:bc:5d:5b:6c:71:f6:6b: e2:3f:fa:5f:e1:94:56:a5:2d:0c:aa:23:17:2e:b9: 81:ac:9c:8b:29:26:ea:47:7a:45:c8:66:9e:ef:1c: a0:88:2a:e3:a8:ed:c9:f5:57:80:1c:a3:d8:9f:2c: 2c:9b:22:32:79:bd:53:bf:84:24:64:62:5f:b7:4e: e8:cb:1b:89:72:fd:c4:00:0f:05:89:0d:c9:60:12: 47:fa:99:b3:77:30:68:76:0e:fc:dc:32:66:82:23: 9f:2e:92:b6:9f:1f:2a:04:4f:a8:9a:55:13:51:6e: 52:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:CF:8C:65:CF:13:4D:AE:C9:88:4D:CF:E8:3F:EE:E9:65:6D:4D:BE X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/8s-MZc8TTa7JiE3P6D_u6WVtTb4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.117.1.0/24 Signature Algorithm: sha256WithRSAEncryption 61:f1:c4:db:61:d6:76:10:d2:96:5e:00:e6:d1:25:7d:40:bb: 0d:76:7a:33:56:62:a7:d8:df:9b:21:20:a1:89:f1:3e:a4:f6: 64:e7:07:90:6c:2e:10:10:d0:7d:4e:65:6b:cb:40:42:dd:73: 32:ef:80:73:12:c1:fd:91:b3:f0:6c:69:46:f1:10:92:16:cf: 18:8c:8c:75:69:6f:03:54:ba:ee:be:00:f1:14:c9:4d:e2:db: 0b:f7:44:af:8a:85:07:e3:fd:d3:f4:e5:f1:20:43:e9:68:d1: cb:fd:7e:9b:87:94:f6:17:86:a0:f9:02:b1:18:c0:b4:bf:33: f2:cb:ef:a2:e2:4a:d9:fe:c6:9e:8b:08:f1:d7:6e:9f:f5:2d: 87:34:41:47:ce:6f:7e:8f:06:e5:b6:e7:36:41:18:7f:8e:3c: e5:61:1b:4c:a7:b0:3f:58:03:c6:7c:6b:88:ef:5c:ac:65:b1: 5e:6f:a1:9b:53:93:18:a2:75:a5:51:85:7e:fa:de:a0:f7:af: 29:24:94:34:da:57:41:59:34:7c:bf:81:5b:2b:35:c3:79:10: 51:b8:4d:26:bf:a5:b3:d6:0b:1e:0f:8d:88:03:6b:eb:24:a9: 5c:66:b2:f8:c1:d9:56:a6:83:3d:72:21:14:f9:51:63:a2:d8: f5:b0:74:06 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYyQ0Y4QzY1Q0YxMzRE QUVDOTg4NERDRkU4M0ZFRUU5NjU2RDREQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+Z+MAcyWygy4x3rVI5mXUwBqriVKG/OwaX0/wqSVAolesRimc SCI4asbKJQZADjpmE73xgTXU+DZJ3I2pLyCfWP/oX3RsmvgsHMvK4tmsx63N8+IT ORV/clX2BR9xeGXdaNZCd7FUdrZZ2WiYnHlCWLMC2tO0G31REJSvJaQgL8BXRZQl xSx2jQAiz6Q6vF1bbHH2a+I/+l/hlFalLQyqIxcuuYGsnIspJupHekXIZp7vHKCI KuOo7cn1V4Aco9ifLCybIjJ5vVO/hCRkYl+3TujLG4ly/cQADwWJDclgEkf6mbN3 MGh2DvzcMmaCI58ukrafHyoET6iaVRNRblLhAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU8s+MZc8TTa7JiE3P6D/u6WVtTb4wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC84cy1NWmM4VFRhN0ppRTNQNkRf dTZXVnRUYjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeHUB MA0GCSqGSIb3DQEBCwUAA4IBAQBh8cTbYdZ2ENKWXgDm0SV9QLsNdnozVmKn2N+b ISChifE+pPZk5weQbC4QENB9TmVry0BC3XMy74BzEsH9kbPwbGlG8RCSFs8YjIx1 aW8DVLruvgDxFMlN4tsL90SvioUH4/3T9OXxIEPpaNHL/X6bh5T2F4ag+QKxGMC0 vzPyy++i4krZ/saeiwjx126f9S2HNEFHzm9+jwbltuc2QRh/jjzlYRtMp7A/WAPG fGuI71ysZbFeb6GbU5MYonWlUYV++t6g968pJJQ02ldBWTR8v4FbKzXDeRBRuE0m v6Wz1gseD42IA2vrJKlcZrL4wdlWpoM9ciEU+VFjotj1sHQG -----END CERTIFICATE-----Generated at Fri Nov 22 14:13:13 2024 by rpki-client on console-fra.rpki-client.org