$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/V2aQlBbJZGa2s2aElz-vjIvjX0Y.roa File: V2aQlBbJZGa2s2aElz-vjIvjX0Y.roa (raw, json) Hash identifier: MqRw4VxkNlfVvE4wBWONuKJc4Bv+GEeY+dPi1yENXP8= Subject key identifier: 57:66:90:94:16:C9:64:66:B6:B3:66:84:97:3F:AF:8C:8B:E3:5F:46 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E58 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/V2aQlBbJZGa2s2aElz-vjIvjX0Y.roa Signing time: Mon 26 Aug 2024 05:27:16 +0000 ROA not before: Mon 26 Aug 2024 05:27:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131150 IP address blocks: 163.32.140.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3672 (0xe58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:16 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5766909416C96466B6B36684973FAF8C8BE35F46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:45:98:61:55:14:63:b0:cd:b1:c4:20:04:3f: 6c:15:5b:3d:57:12:00:b7:ff:35:50:58:21:e8:be: 63:38:85:14:57:00:2f:b1:fd:ad:69:e5:5b:b1:24: 08:b6:e0:00:2f:a1:1f:24:6e:6b:bb:c5:83:eb:63: ff:d9:1b:d1:98:62:bc:3e:dd:d6:f0:4e:0a:ca:c2: 9f:ed:94:dc:30:2a:ed:9d:50:e9:6c:90:e8:30:9e: f4:ea:d7:59:15:7e:89:3d:f9:b6:95:70:0b:bb:7e: 9c:f6:b9:08:d5:a1:12:50:e3:54:51:63:bf:0d:f3: 27:b6:fb:31:02:fc:b9:61:e0:2d:e2:9c:5e:2b:fd: a0:02:ff:b9:69:ab:79:b6:c2:87:f4:7b:e9:ab:c8: 90:03:7a:fd:5f:9d:28:8f:72:85:b6:c7:bf:17:34: 15:f5:b5:74:a4:d3:6f:bf:59:26:4d:e5:b7:3d:09: 0e:2c:37:39:d7:23:33:56:49:e0:41:a3:97:5c:a7: 07:29:26:26:39:40:e6:78:41:98:29:e9:27:c3:e9: 81:8c:fb:45:06:0b:14:0b:50:67:c4:5e:4e:64:b2: 68:7e:e6:0b:91:3c:fc:d3:c2:65:74:e3:9b:e6:fd: 45:f8:e2:51:f3:4c:61:5e:9e:00:4d:4f:dc:ad:a3: 2c:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:66:90:94:16:C9:64:66:B6:B3:66:84:97:3F:AF:8C:8B:E3:5F:46 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/V2aQlBbJZGa2s2aElz-vjIvjX0Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.32.140.0/22 Signature Algorithm: sha256WithRSAEncryption 38:c9:3c:9a:0a:d1:68:22:b3:cb:4f:ea:dc:c7:56:5e:76:af: 37:53:bc:f9:73:df:cd:d6:07:36:c3:8d:60:d2:1c:71:be:38: 2d:35:56:b3:4e:fe:eb:e3:f7:ed:08:8e:99:32:8d:52:37:e2: 99:f0:e3:92:c8:ce:83:bb:2a:3a:d4:30:e2:3f:86:12:14:7c: f9:58:84:59:21:ed:68:9d:e7:96:e0:a7:72:8c:c2:dc:ea:c6: 91:38:11:da:cf:ee:0a:ce:ca:cb:7b:75:f7:da:9b:22:10:b0: 39:95:8f:c4:fe:47:c7:5d:11:6c:3f:1c:4b:b7:b3:03:b4:99: 3d:b5:ac:fa:b2:17:b9:29:5c:80:8e:ce:2d:d0:c0:4d:93:b1: 4d:f8:60:30:62:8d:5c:39:31:17:f2:3f:84:1b:67:ab:3d:f8: 48:95:de:f9:31:89:9c:c6:ec:6d:d5:17:24:fb:46:51:e3:36: 06:ac:72:e5:4d:cd:4c:56:c0:5f:ec:98:23:cf:f1:5d:74:1a: 0d:45:24:11:3f:11:3f:3b:79:5e:7b:62:61:e7:b8:13:1c:c9: 87:eb:54:38:ed:e5:c1:2f:f0:12:41:a7:e1:d5:3a:b4:99:d1: 0a:e2:3c:67:c6:62:aa:de:d8:ee:64:c9:75:43:0b:1c:f6:0c: b5:97:9f:e9 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU3NjY5MDk0MTZDOTY0 NjZCNkIzNjY4NDk3M0ZBRjhDOEJFMzVGNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDERZhhVRRjsM2xxCAEP2wVWz1XEgC3/zVQWCHovmM4hRRXAC+x /a1p5VuxJAi24AAvoR8kbmu7xYPrY//ZG9GYYrw+3dbwTgrKwp/tlNwwKu2dUOls kOgwnvTq11kVfok9+baVcAu7fpz2uQjVoRJQ41RRY78N8ye2+zEC/Llh4C3inF4r /aAC/7lpq3m2wof0e+mryJADev1fnSiPcoW2x78XNBX1tXSk02+/WSZN5bc9CQ4s NznXIzNWSeBBo5dcpwcpJiY5QOZ4QZgp6SfD6YGM+0UGCxQLUGfEXk5ksmh+5guR PPzTwmV045vm/UX44lHzTGFengBNT9ytoyy3AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUV2aQlBbJZGa2s2aElz+vjIvjX0YwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9WMmFRbEJiSlpHYTJzMmFFbHot dmpJdmpYMFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyCM MA0GCSqGSIb3DQEBCwUAA4IBAQA4yTyaCtFoIrPLT+rcx1Zedq83U7z5c9/N1gc2 w41g0hxxvjgtNVazTv7r4/ftCI6ZMo1SN+KZ8OOSyM6Duyo61DDiP4YSFHz5WIRZ Ie1oneeW4KdyjMLc6saROBHaz+4KzsrLe3X32psiELA5lY/E/kfHXRFsPxxLt7MD tJk9taz6she5KVyAjs4t0MBNk7FN+GAwYo1cOTEX8j+EG2erPfhIld75MYmcxuxt 1Rck+0ZR4zYGrHLlTc1MVsBf7Jgjz/FddBoNRSQRPxE/O3lee2Jh57gTHMmH61Q4 7eXBL/ASQafh1Tq0mdEK4jxnxmKq3tjuZMl1Qwsc9gy1l5/p -----END CERTIFICATE-----Generated at Fri Nov 22 14:13:14 2024 by rpki-client on console-fra.rpki-client.org