$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa File: CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa (raw, json) Hash identifier: AawPuLQKC4qqc6j0kDap4exZlxSCFzlekNndDWc4cag= Subject key identifier: 08:6D:E4:0F:F4:06:F5:29:41:B3:5C:51:DA:53:05:D3:16:92:0E:69 Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Certificate serial: 0DF4 Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa Signing time: Mon 26 Aug 2024 05:27:25 +0000 ROA not before: Mon 26 Aug 2024 05:27:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38847 IP address blocks: 140.120.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3572 (0xdf4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A Validity Not Before: Aug 26 05:27:25 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=086DE40FF406F52941B35C51DA5305D316920E69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:bf:cf:c9:9e:56:1b:1c:91:1c:97:95:23:8d: 0a:56:ae:c3:b8:2d:37:16:91:14:1c:bf:37:cc:19: dc:f5:73:62:5c:f6:da:46:da:6b:2c:7a:7d:a4:c5: f6:a3:52:d6:97:54:f3:48:0e:42:b1:bd:fa:ad:4c: db:b0:63:4a:7c:17:de:40:40:1c:43:0e:7e:44:94: 7f:c8:b1:96:33:c7:93:ed:96:c5:46:c8:c6:88:b0: f0:aa:3b:96:e0:66:0d:c6:da:0c:b3:e6:5d:36:a7: cd:88:3a:63:05:19:a0:20:12:50:d4:64:a2:85:eb: 3f:35:51:81:ff:fb:f7:a5:3b:4c:6a:26:50:56:40: bf:d6:04:5c:04:12:24:3b:9f:3f:e8:d1:82:c5:f6: 94:d2:49:1d:72:f5:37:1b:2d:93:1f:c4:da:0d:ce: f6:af:91:94:70:be:01:ea:90:8f:39:fc:c4:99:91: 63:b2:a5:3e:a3:d8:0b:4f:9e:9a:21:8c:53:85:f4: 05:38:b2:e3:8b:4a:44:6c:a4:a3:15:20:0d:77:c9: 61:bc:bc:77:60:29:21:2f:ff:6c:9c:d2:90:a5:f0: de:a0:5c:34:e0:de:56:47:f2:3a:09:b0:87:14:b7: 3a:6b:39:c9:e9:ee:c4:67:b3:cc:d2:b3:96:59:86: 55:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:6D:E4:0F:F4:06:F5:29:41:B3:5C:51:DA:53:05:D3:16:92:0E:69 X509v3 Authority Key Identifier: keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 140.120.0.0/16 Signature Algorithm: sha256WithRSAEncryption 16:cc:02:7d:bf:71:45:39:f7:49:e0:de:1f:50:0e:6f:54:98: b8:06:1b:9e:bd:b9:5c:61:34:84:14:87:5a:d3:bc:1e:37:90: ca:b1:52:fa:e7:23:a6:41:68:8f:9f:62:8f:b4:c2:28:65:47: 22:5b:00:76:c2:61:18:c0:e9:27:79:bd:e5:01:99:10:ab:e8: 29:cd:91:81:1f:44:d4:b4:fd:90:8d:de:01:11:18:9a:f1:02: 6d:07:cb:62:b8:0f:66:29:e1:e2:8b:35:ee:3e:46:7e:4e:25: 65:4a:00:86:52:1c:88:fc:60:e0:a3:fb:36:af:33:e3:e7:97: 16:b2:73:44:a2:a0:92:4b:ea:51:c9:04:3b:a6:df:00:8b:9e: c8:45:f3:fe:f1:a9:9a:1f:1f:7b:ce:a7:ce:10:74:bb:10:3b: 4e:64:fe:c4:56:cc:c8:73:ff:4f:5b:26:19:1e:d5:3b:be:f7: 0b:81:50:26:8c:2d:29:97:81:d0:31:1e:d1:ea:d8:0d:b4:dd: 12:4c:49:1c:78:d8:17:7c:4b:4a:4c:68:85:fb:28:44:26:37: 4f:9d:ee:9b:df:91:a0:ad:75:a7:fb:de:db:29:6a:1c:89:04: fd:56:cb:1d:fd:93:e3:c2:83:00:c1:e7:c1:ff:27:ab:4b:13: bf:c1:ce:e6 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3 QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw NTI3MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4NkRFNDBGRjQwNkY1 Mjk0MUIzNUM1MURBNTMwNUQzMTY5MjBFNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAv8/JnlYbHJEcl5UjjQpWrsO4LTcWkRQcvzfMGdz1c2Jc9tpG 2mssen2kxfajUtaXVPNIDkKxvfqtTNuwY0p8F95AQBxDDn5ElH/IsZYzx5PtlsVG yMaIsPCqO5bgZg3G2gyz5l02p82IOmMFGaAgElDUZKKF6z81UYH/+/elO0xqJlBW QL/WBFwEEiQ7nz/o0YLF9pTSSR1y9TcbLZMfxNoNzvavkZRwvgHqkI85/MSZkWOy pT6j2AtPnpohjFOF9AU4suOLSkRspKMVIA13yWG8vHdgKSEv/2yc0pCl8N6gXDTg 3lZH8joJsIcUtzprOcnp7sRns8zSs5ZZhlXlAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUCG3kD/QG9SlBs1xR2lMF0xaSDmkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+ tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9DRzNrRF9RRzlTbEJzMXhSMmxN RjB4YVNEbWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHgw DQYJKoZIhvcNAQELBQADggEBABbMAn2/cUU590ng3h9QDm9UmLgGG569uVxhNIQU h1rTvB43kMqxUvrnI6ZBaI+fYo+0wihlRyJbAHbCYRjA6Sd5veUBmRCr6CnNkYEf RNS0/ZCN3gERGJrxAm0Hy2K4D2Yp4eKLNe4+Rn5OJWVKAIZSHIj8YOCj+zavM+Pn lxayc0SioJJL6lHJBDum3wCLnshF8/7xqZofH3vOp84QdLsQO05k/sRWzMhz/09b Jhke1Tu+9wuBUCaMLSmXgdAxHtHq2A203RJMSRx42Bd8S0pMaIX7KEQmN0+d7pvf kaCtdaf73tspahyJBP1Wyx39k+PCgwDB58H/J6tLE7/BzuY= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:35 2024 by rpki-client on console-ams.rpki-client.org