$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/GDSsx4V3ihb0NLOXgtvSCW9FpUk.roa File: GDSsx4V3ihb0NLOXgtvSCW9FpUk.roa (raw, json) Hash identifier: KG6ZwINA8yQN6tYCEgM9CpuvrU/FspDi+w7F4kdUJxA= Subject key identifier: 18:34:AC:C7:85:77:8A:16:F4:34:B3:97:82:DB:D2:09:6F:45:A5:49 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E6C Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/GDSsx4V3ihb0NLOXgtvSCW9FpUk.roa Signing time: Mon 26 Aug 2024 05:27:27 +0000 ROA not before: Mon 26 Aug 2024 05:27:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17716 IP address blocks: 120.96.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3692 (0xe6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:27 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1834ACC785778A16F434B39782DBD2096F45A549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:9d:76:c3:a0:72:69:4c:d6:3f:d1:6d:a4:2d: 64:cf:b2:0c:fd:e5:cd:2b:45:3d:b2:b0:52:4b:46: 0c:6f:bc:85:6d:5b:73:f6:43:dd:47:f8:a2:a3:5a: 2d:e7:54:35:77:8b:55:68:ba:cc:54:b3:d6:c0:f8: fd:2d:df:27:f9:fc:c1:c9:5c:15:15:ea:3f:cc:a2: c7:e7:fc:02:ed:08:3a:bb:7b:be:07:8b:b4:31:19: df:7b:17:af:2a:4f:3b:15:73:0a:90:b5:cf:36:a6: af:a8:05:19:4c:7c:2c:c6:81:23:a2:30:89:83:42: ee:12:c4:7f:ef:6a:6b:54:b8:a1:b4:9d:73:62:b0: 10:bc:a5:3f:ff:32:60:aa:19:99:25:ad:2c:c5:43: d2:32:29:d7:25:ae:d3:c4:d2:6f:e2:49:c6:c2:a8: f9:3b:42:92:b6:81:59:17:b9:d1:db:f6:fe:ef:9e: cf:f8:4c:bd:2f:97:c1:85:02:42:69:98:37:81:ab: 1b:6a:54:ce:51:6e:87:c7:cf:e1:67:49:25:02:dc: 4c:c1:a9:c1:6a:0c:d7:18:27:97:e3:dc:56:75:52: 87:7c:d9:c8:a7:fc:64:f6:8a:95:45:80:23:3f:3d: 60:40:a3:15:09:d5:01:f3:fb:19:ea:50:66:b1:61: ce:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:34:AC:C7:85:77:8A:16:F4:34:B3:97:82:DB:D2:09:6F:45:A5:49 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/GDSsx4V3ihb0NLOXgtvSCW9FpUk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.96.0.0/19 Signature Algorithm: sha256WithRSAEncryption 6d:e0:53:d6:59:b1:e1:3e:94:1a:0d:a1:fd:a8:07:d2:ba:26: a6:ea:66:fe:1a:b9:36:b8:38:61:28:d7:fa:9c:e8:d7:6a:09: b1:a4:cb:7c:a5:e1:e9:54:8d:46:d4:db:3e:ea:17:1d:5e:1e: dd:6a:23:9e:0d:63:d5:c7:06:70:61:f8:cf:d1:3b:05:68:2b: 22:f9:0f:1c:bc:b9:6e:59:05:7a:95:bf:09:2a:75:0f:88:3a: 7c:6f:0a:2d:17:16:16:ac:f0:56:2b:80:a5:04:dd:33:62:8f: e7:e1:d9:fa:76:d7:c1:41:29:2c:0d:a1:fb:89:34:a6:c1:ab: fe:16:ef:45:19:a6:e2:0f:91:e5:c1:ad:63:b0:7b:9a:0d:01: 29:4d:f1:62:84:98:57:13:56:5f:ef:02:61:38:4b:19:14:48: e3:67:8f:8e:1a:17:9f:e0:fe:9d:ba:38:3f:50:64:e4:8f:18: 2a:94:5e:8e:a3:18:f7:85:16:ed:fe:5f:77:37:4e:d5:43:e0: f9:a4:73:fe:57:fe:5b:24:13:83:a9:bd:a4:40:36:f8:bd:3e: c9:26:da:93:84:71:5a:14:33:f2:d1:19:92:ee:25:19:4d:e5: 0e:c4:14:45:94:df:ef:f4:1e:d9:62:f5:0d:d9:2b:1a:aa:56: dc:c2:32:18 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE4MzRBQ0M3ODU3NzhB MTZGNDM0QjM5NzgyREJEMjA5NkY0NUE1NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPnXbDoHJpTNY/0W2kLWTPsgz95c0rRT2ysFJLRgxvvIVtW3P2 Q91H+KKjWi3nVDV3i1VousxUs9bA+P0t3yf5/MHJXBUV6j/Mosfn/ALtCDq7e74H i7QxGd97F68qTzsVcwqQtc82pq+oBRlMfCzGgSOiMImDQu4SxH/vamtUuKG0nXNi sBC8pT//MmCqGZklrSzFQ9IyKdclrtPE0m/iScbCqPk7QpK2gVkXudHb9v7vns/4 TL0vl8GFAkJpmDeBqxtqVM5RbofHz+FnSSUC3EzBqcFqDNcYJ5fj3FZ1Uod82cin /GT2ipVFgCM/PWBAoxUJ1QHz+xnqUGaxYc7jAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUGDSsx4V3ihb0NLOXgtvSCW9FpUkwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9HRFNzeDRWM2loYjBOTE9YZ3R2 U0NXOUZwVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFeGAA MA0GCSqGSIb3DQEBCwUAA4IBAQBt4FPWWbHhPpQaDaH9qAfSuiam6mb+Grk2uDhh KNf6nOjXagmxpMt8peHpVI1G1Ns+6hcdXh7daiOeDWPVxwZwYfjP0TsFaCsi+Q8c vLluWQV6lb8JKnUPiDp8bwotFxYWrPBWK4ClBN0zYo/n4dn6dtfBQSksDaH7iTSm wav+Fu9FGabiD5Hlwa1jsHuaDQEpTfFihJhXE1Zf7wJhOEsZFEjjZ4+OGhef4P6d ujg/UGTkjxgqlF6Ooxj3hRbt/l93N07VQ+D5pHP+V/5bJBODqb2kQDb4vT7JJtqT hHFaFDPy0RmS7iUZTeUOxBRFlN/v9B7ZYvUN2SsaqlbcwjIY -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:15 2024 by rpki-client on console-ams.rpki-client.org