$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa File: 9FGsZLe8eZrYfFwi51S5LgYqv5k.roa (raw, json) Hash identifier: 7sj6doovqe2MIaZ67WepDkRzSFQvnmgwapOAUjkCxIM= Subject key identifier: F4:51:AC:64:B7:BC:79:9A:D8:7C:5C:22:E7:54:B9:2E:06:2A:BF:99 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0DE9 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa Signing time: Mon 26 Aug 2024 05:27:18 +0000 ROA not before: Mon 26 Aug 2024 05:27:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38844 IP address blocks: 140.122.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3561 (0xde9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 26 05:27:18 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=F451AC64B7BC799AD87C5C22E754B92E062ABF99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a7:08:9b:f9:18:bb:70:a8:ce:53:a6:c4:96: 09:67:e2:0f:88:88:40:a9:98:8c:23:79:91:ad:6c: 60:14:48:de:a2:da:9f:ed:89:88:e3:97:ee:23:a4: 71:9b:19:26:52:33:a4:9e:c7:e6:7f:37:3e:60:c1: 07:87:4e:fe:40:04:18:fc:9f:29:c1:62:89:9d:69: a7:b6:b5:27:46:26:ad:dd:51:b6:99:7d:3c:00:f1: 2d:4a:9a:2e:46:9b:82:0c:13:46:75:71:ac:86:3b: 1f:ee:ee:7d:2d:d7:e9:bd:62:ae:95:d8:09:43:02: b7:95:2d:69:39:6b:66:88:95:d6:46:37:c6:f3:99: fc:99:a1:e4:35:37:83:65:79:5a:70:b1:95:16:f6: 31:2c:69:10:b9:d6:f8:fb:e5:89:a1:75:b9:56:d8: 4d:4b:79:a4:a1:17:73:c8:2d:4c:0d:b2:cc:4f:2f: 4b:60:fa:a8:fa:b0:a8:8f:21:74:40:74:29:c4:33: cd:a5:be:b3:c4:aa:84:cb:b7:e3:07:90:67:52:e1: 93:57:e0:95:ac:ee:15:8e:28:31:10:02:9a:ea:a0: d1:58:49:93:c4:67:00:58:16:b6:f8:0e:77:36:b1: bc:80:2d:ad:54:61:18:0b:ec:72:a0:d7:57:b2:de: ec:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:51:AC:64:B7:BC:79:9A:D8:7C:5C:22:E7:54:B9:2E:06:2A:BF:99 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.122.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8a:b2:de:5c:6a:46:4d:66:fb:60:8f:fa:a1:6a:6a:8b:e8:59: d9:c6:56:56:8c:95:f7:6a:47:76:04:b0:fc:cf:a6:71:41:62: 95:83:d5:25:5f:5c:f2:04:4f:ad:c9:11:e2:21:11:07:66:e1: 30:34:1e:89:5f:7d:4d:c4:44:30:bb:51:9d:e3:e8:07:0f:4e: 72:1f:98:4d:db:c1:2a:44:a8:4d:4d:b6:2b:d2:25:ac:3f:23: a3:29:46:d9:dd:93:47:3d:a0:04:3b:f4:5b:7b:66:3d:ff:bd: 97:be:ee:82:0c:24:d0:cb:1b:c3:4a:6e:7a:20:ea:d0:15:77: 77:8f:37:d0:7c:10:40:9a:a2:87:96:da:5e:12:a6:13:7b:eb: c5:32:6d:44:a4:94:f3:99:f3:4a:a0:69:73:c2:0d:0d:b6:c1: 77:e4:df:cb:37:fa:cc:b8:3c:8e:17:2e:26:63:06:fa:7b:f5: 0c:0f:e9:ba:9d:90:75:36:bd:fe:5c:2d:61:62:9e:3c:6a:c6: 71:f8:c8:5a:30:e2:63:ae:cf:32:ae:2f:4f:24:31:b0:0d:91: 6b:28:98:16:48:fe:99:a3:43:39:4c:db:2d:5a:61:64:50:1c: ad:95:23:95:a5:64:09:0c:b3:4b:3c:1a:c8:d3:f0:cd:bc:98: d4:83:52:a2 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw NTI3MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY0NTFBQzY0QjdCQzc5 OUFEODdDNUMyMkU3NTRCOTJFMDYyQUJGOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/pwib+Ri7cKjOU6bElgln4g+IiECpmIwjeZGtbGAUSN6i2p/t iYjjl+4jpHGbGSZSM6Sex+Z/Nz5gwQeHTv5ABBj8nynBYomdaae2tSdGJq3dUbaZ fTwA8S1Kmi5Gm4IME0Z1cayGOx/u7n0t1+m9Yq6V2AlDAreVLWk5a2aIldZGN8bz mfyZoeQ1N4NleVpwsZUW9jEsaRC51vj75YmhdblW2E1LeaShF3PILUwNssxPL0tg +qj6sKiPIXRAdCnEM82lvrPEqoTLt+MHkGdS4ZNX4JWs7hWOKDEQAprqoNFYSZPE ZwBYFrb4Dnc2sbyALa1UYRgL7HKg11ey3ux/AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU9FGsZLe8eZrYfFwi51S5LgYqv5kwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC85RkdzWkxlOGVacllmRndpNTFT NUxnWXF2NWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHow DQYJKoZIhvcNAQELBQADggEBAIqy3lxqRk1m+2CP+qFqaovoWdnGVlaMlfdqR3YE sPzPpnFBYpWD1SVfXPIET63JEeIhEQdm4TA0HolffU3ERDC7UZ3j6AcPTnIfmE3b wSpEqE1NtivSJaw/I6MpRtndk0c9oAQ79Ft7Zj3/vZe+7oIMJNDLG8NKbnog6tAV d3ePN9B8EECaooeW2l4SphN768UybUSklPOZ80qgaXPCDQ22wXfk38s3+sy4PI4X LiZjBvp79QwP6bqdkHU2vf5cLWFinjxqxnH4yFow4mOuzzKuL08kMbANkWsomBZI /pmjQzlM2y1aYWRQHK2VI5WlZAkMs0s8GsjT8M28mNSDUqI= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:35 2024 by rpki-client on console-ams.rpki-client.org