$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/iWx8W6FgEU4RY1QqPa8ONaegMOA.roa File: iWx8W6FgEU4RY1QqPa8ONaegMOA.roa (raw, json) Hash identifier: 8jp5kC0rC0Q4d3fTca8BxqQMDUR04v3mDu/D0szFB58= Subject key identifier: 89:6C:7C:5B:A1:60:11:4E:11:63:54:2A:3D:AF:0E:35:A7:A0:30:E0 Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Certificate serial: 0E46 Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iWx8W6FgEU4RY1QqPa8ONaegMOA.roa Signing time: Mon 26 Aug 2024 05:27:10 +0000 ROA not before: Mon 26 Aug 2024 05:27:10 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131150 IP address blocks: 163.32.200.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3654 (0xe46) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E Validity Not Before: Aug 26 05:27:10 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=896C7C5BA160114E1163542A3DAF0E35A7A030E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:bb:d7:f3:59:0a:96:ce:8f:d9:f6:77:57:57: cb:df:1e:d0:9f:63:cc:1b:d0:2d:8e:df:f3:20:31: 0a:8c:4e:3a:08:90:3d:34:e0:bc:b1:c8:15:ef:15: df:a1:f6:0f:65:a2:8d:80:98:fa:40:55:ba:dc:f3: 46:6a:9c:f8:f2:b7:ad:e6:bb:1d:b3:43:b8:dc:1b: 0a:c6:09:6b:ff:fb:62:b8:18:e9:5f:11:9f:08:e4: a9:33:d9:d9:bd:e0:a3:7d:27:5c:7b:39:07:f6:c2: 72:fe:c9:b9:0e:fd:99:81:5e:d4:cc:e7:b7:2e:65: a6:f1:e7:46:3c:26:7b:ac:dc:49:58:04:9d:bd:1c: 03:30:f5:21:b8:21:d4:73:d3:2f:7f:10:96:84:4b: c2:83:63:1c:e5:d1:bd:b2:31:8d:42:12:61:b3:f5: 04:d4:8a:49:2c:ef:a4:5e:a6:0b:d1:da:24:1c:2e: 68:dd:55:ec:34:bd:ca:fc:09:9d:8d:1f:b8:ea:df: b5:9d:a7:fa:61:bf:54:2c:05:0d:ef:ba:03:38:db: bf:6f:9f:dd:05:80:fa:d4:bf:fd:b6:30:70:af:55: 27:77:79:0a:33:c9:f5:b8:84:48:1c:67:ee:7e:a9: 81:d4:70:70:13:ef:77:4b:bf:f0:f1:0d:f0:6c:d2: fb:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:6C:7C:5B:A1:60:11:4E:11:63:54:2A:3D:AF:0E:35:A7:A0:30:E0 X509v3 Authority Key Identifier: keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iWx8W6FgEU4RY1QqPa8ONaegMOA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 163.32.200.0/22 Signature Algorithm: sha256WithRSAEncryption ac:af:5e:86:b1:d4:07:ea:09:f5:c8:7c:7e:23:27:d4:33:27: dc:4b:17:06:6e:4d:09:a5:4f:61:8a:95:8d:a4:bf:32:6b:d8: 54:94:89:42:74:6d:c3:f7:b5:b0:fd:74:d6:12:c6:83:77:ff: cd:5d:e4:7f:88:52:31:25:0f:75:a1:e2:d7:b9:25:a0:18:98: da:78:9c:3c:96:49:1b:c1:38:ff:e0:07:77:32:60:8c:86:48: e2:5e:db:c0:c5:9d:79:5b:c4:bb:9f:9d:d0:72:3b:bd:4a:7f: a8:30:84:82:7a:cb:71:84:66:83:23:00:20:17:0d:84:36:0b: 38:57:15:22:c1:87:de:f0:5b:5d:5c:bf:d4:3a:20:37:95:5c: 05:48:8b:75:3b:9d:ba:af:77:c2:2a:91:e3:96:60:13:fe:ab: 5d:b3:a8:0f:be:2f:09:a9:68:61:bc:42:48:f7:03:1a:0e:49: e0:b5:67:96:28:8e:c5:01:48:40:b6:0b:db:07:bc:a5:60:62: 22:a4:a6:96:91:e8:5d:56:c8:a8:c4:11:c9:c5:f2:9f:d7:c7: 8f:b9:31:58:8f:26:fa:89:f4:7b:0a:19:c5:ae:02:25:43:75: d8:53:8a:0c:6d:03:af:39:82:4f:c2:27:5b:5b:56:ed:3d:72: ae:1b:3b:e2 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNDA4MjYw NTI3MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5NkM3QzVCQTE2MDEx NEUxMTYzNTQyQTNEQUYwRTM1QTdBMDMwRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHu9fzWQqWzo/Z9ndXV8vfHtCfY8wb0C2O3/MgMQqMTjoIkD00 4LyxyBXvFd+h9g9loo2AmPpAVbrc80ZqnPjyt63mux2zQ7jcGwrGCWv/+2K4GOlf EZ8I5Kkz2dm94KN9J1x7OQf2wnL+ybkO/ZmBXtTM57cuZabx50Y8Jnus3ElYBJ29 HAMw9SG4IdRz0y9/EJaES8KDYxzl0b2yMY1CEmGz9QTUikks76RepgvR2iQcLmjd Vew0vcr8CZ2NH7jq37Wdp/phv1QsBQ3vugM4279vn90FgPrUv/22MHCvVSd3eQoz yfW4hEgcZ+5+qYHUcHAT73dLv/DxDfBs0vsNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUiWx8W6FgEU4RY1QqPa8ONaegMOAwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF /peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9pV3g4VzZGZ0VVNFJZMVFxUGE4 T05hZWdNT0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyDI MA0GCSqGSIb3DQEBCwUAA4IBAQCsr16GsdQH6gn1yHx+IyfUMyfcSxcGbk0JpU9h ipWNpL8ya9hUlIlCdG3D97Ww/XTWEsaDd//NXeR/iFIxJQ91oeLXuSWgGJjaeJw8 lkkbwTj/4Ad3MmCMhkjiXtvAxZ15W8S7n53Qcju9Sn+oMISCestxhGaDIwAgFw2E Ngs4VxUiwYfe8FtdXL/UOiA3lVwFSIt1O526r3fCKpHjlmAT/qtds6gPvi8JqWhh vEJI9wMaDkngtWeWKI7FAUhAtgvbB7ylYGIipKaWkehdVsioxBHJxfKf18ePuTFY jyb6ifR7ChnFrgIlQ3XYU4oMbQOvOYJPwidbW1btPXKuGzvi -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:44 2024 by rpki-client on console-fra.rpki-client.org