$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/gl66Sa4CtExqU6U9CUmUm8-favU.roa File: gl66Sa4CtExqU6U9CUmUm8-favU.roa (raw, json) Hash identifier: mnKScoqCWKP77LQjMukvIZYpSEp2gMqQCXvW8Rg7kO4= Subject key identifier: 82:5E:BA:49:AE:02:B4:4C:6A:53:A5:3D:09:49:94:9B:CF:9F:6A:F5 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E67 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/gl66Sa4CtExqU6U9CUmUm8-favU.roa Signing time: Mon 26 Aug 2024 05:27:25 +0000 ROA not before: Mon 26 Aug 2024 05:27:25 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131150 IP address blocks: 163.32.136.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Sep 2024 00:49:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3687 (0xe67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:25 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=825EBA49AE02B44C6A53A53D0949949BCF9F6AF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:39:e1:ff:6b:b4:8c:da:26:4d:8f:c8:53:27: 75:12:29:f0:2a:5c:0c:56:59:13:a6:35:a6:26:d9: 94:a5:03:ac:a6:30:9e:bf:d6:fa:0d:3a:b7:c2:8c: cb:17:b9:cb:8b:5b:5c:9f:12:f1:d0:35:06:79:b8: 2f:83:6d:c9:75:48:df:66:a0:11:83:ed:17:08:2f: 59:43:0f:ef:9f:b1:c4:f0:93:77:a4:85:38:e7:79: 3d:b9:3d:25:49:f2:e4:ea:c7:45:3b:54:de:91:a6: 57:de:03:86:5f:d4:1f:50:a7:96:a8:77:83:81:ee: 01:30:3c:79:d9:b2:90:d9:fe:d5:34:9e:d5:66:e2: ea:3c:86:95:34:ad:a8:be:58:80:b0:98:a4:7c:d5: 6e:0b:d5:da:7c:b8:b8:75:f8:8f:06:08:20:8c:ab: 9a:e7:8c:fc:df:5c:03:a5:f0:8f:89:b6:8b:f7:bf: b5:dd:e8:44:69:dd:0e:bd:64:f1:f1:3e:22:fc:f6: 91:d2:be:7e:57:96:10:58:38:df:22:d6:ac:47:27: 1e:84:14:7a:9a:97:2e:9d:26:c8:c4:4a:68:a3:5f: a7:1b:f5:33:99:c6:9a:46:5a:da:4c:20:3a:f5:b0: a2:fb:d1:e1:77:33:23:5b:af:b3:84:cd:4b:9b:3e: 88:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:5E:BA:49:AE:02:B4:4C:6A:53:A5:3D:09:49:94:9B:CF:9F:6A:F5 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/gl66Sa4CtExqU6U9CUmUm8-favU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.32.136.0/22 Signature Algorithm: sha256WithRSAEncryption a8:f3:39:de:5e:3b:ad:bf:a5:a7:de:77:43:2c:06:1a:0c:16: e9:20:fe:0c:1e:30:1a:25:f2:81:60:62:1e:a8:39:c3:89:ed: 87:9f:61:16:d8:a6:e5:76:6a:59:86:19:5d:99:2a:0b:a5:fb: 54:23:83:01:43:73:62:a5:08:c3:c2:5e:1d:32:b0:a5:dd:55: fa:c0:e8:7f:d4:aa:ec:12:b4:be:3a:8d:58:22:89:eb:73:5b: 9b:cd:1f:dd:15:05:56:41:8f:26:6c:72:0b:9a:f8:d2:99:75: 8f:4d:a5:4b:c3:dd:6a:a9:6b:57:0e:80:72:04:53:26:02:65: 28:15:c9:65:03:07:70:2b:40:b0:b2:11:74:cf:8d:47:53:a8: 92:a6:5e:34:95:e8:9d:d3:08:fb:97:0d:95:f0:a3:2e:ed:73: ca:e4:9f:82:81:18:00:28:d1:5c:d6:98:c3:3e:e6:5b:01:5a: 4b:ce:8e:41:81:40:66:c7:6f:3f:0e:d6:e6:c5:08:28:e3:91: 15:04:77:e9:ee:4c:37:86:96:a3:76:1a:5c:9f:2c:93:7e:af: 9f:7c:19:56:09:e7:e2:10:ce:b0:39:89:98:64:20:81:02:59: 9f:dc:e4:7d:90:b7:d3:cc:8f:b2:33:99:c2:7f:09:8f:fe:f4: 21:f8:fd:91 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgyNUVCQTQ5QUUwMkI0 NEM2QTUzQTUzRDA5NDk5NDlCQ0Y5RjZBRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPOeH/a7SM2iZNj8hTJ3USKfAqXAxWWROmNaYm2ZSlA6ymMJ6/ 1voNOrfCjMsXucuLW1yfEvHQNQZ5uC+Dbcl1SN9moBGD7RcIL1lDD++fscTwk3ek hTjneT25PSVJ8uTqx0U7VN6RplfeA4Zf1B9Qp5aod4OB7gEwPHnZspDZ/tU0ntVm 4uo8hpU0rai+WICwmKR81W4L1dp8uLh1+I8GCCCMq5rnjPzfXAOl8I+Jtov3v7Xd 6ERp3Q69ZPHxPiL89pHSvn5XlhBYON8i1qxHJx6EFHqaly6dJsjESmijX6cb9TOZ xppGWtpMIDr1sKL70eF3MyNbr7OEzUubPogtAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUgl66Sa4CtExqU6U9CUmUm8+favUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9nbDY2U2E0Q3RFeHFVNlU5Q1Vt VW04LWZhdlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyCI MA0GCSqGSIb3DQEBCwUAA4IBAQCo8zneXjutv6Wn3ndDLAYaDBbpIP4MHjAaJfKB YGIeqDnDie2Hn2EW2KbldmpZhhldmSoLpftUI4MBQ3NipQjDwl4dMrCl3VX6wOh/ 1KrsErS+Oo1YIonrc1ubzR/dFQVWQY8mbHILmvjSmXWPTaVLw91qqWtXDoByBFMm AmUoFcllAwdwK0CwshF0z41HU6iSpl40leid0wj7lw2V8KMu7XPK5J+CgRgAKNFc 1pjDPuZbAVpLzo5BgUBmx28/DtbmxQgo45EVBHfp7kw3hpajdhpcnyyTfq+ffBlW CefiEM6wOYmYZCCBAlmf3OR9kLfTzI+yM5nCfwmP/vQh+P2R -----END CERTIFICATE-----Generated at Fri Sep 20 21:34:50 2024 by rpki-client on console-ams.rpki-client.org