$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/YDQQq7SvpLrjZPwW3ZlIWhYrgc8.roa File: YDQQq7SvpLrjZPwW3ZlIWhYrgc8.roa (raw, json) Hash identifier: yeOY8p4Qk90S7QTdiuQ1GJDPULAHO50VGUhFX73CUaI= Subject key identifier: 60:34:10:AB:B4:AF:A4:BA:E3:64:FC:16:DD:99:48:5A:16:2B:81:CF Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 32C3 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/YDQQq7SvpLrjZPwW3ZlIWhYrgc8.roa Signing time: Mon 26 Aug 2024 05:31:59 +0000 ROA not before: Mon 26 Aug 2024 05:31:59 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 118.232.248.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12995 (0x32c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 26 05:31:59 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=603410ABB4AFA4BAE364FC16DD99485A162B81CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:df:c4:ba:09:4e:6c:03:69:43:ed:98:26:19: 94:9e:da:28:c1:d9:d8:d3:d6:fa:41:19:30:43:bc: ef:45:6c:35:87:46:b6:4c:8e:c1:6c:f5:19:c9:fc: 0d:b7:1e:76:2b:f8:91:6f:35:3d:1b:3a:31:b4:d4: c2:a3:65:ea:c7:f4:3c:d4:b9:1d:3d:ba:6f:2a:5b: 7f:b6:e6:2d:b2:35:be:2f:a1:07:04:8c:c7:5e:d5: 4a:8b:58:89:ce:c9:d3:e9:c6:08:d1:9d:fc:05:d6: bd:b9:67:70:5f:45:f3:05:c5:37:f3:be:7f:7b:c1: b3:7e:bf:4f:ba:7e:db:c6:f4:50:07:07:91:01:be: d3:3c:26:46:6c:e0:7e:d4:62:bb:97:22:fd:08:ed: de:c9:fb:02:ec:f9:b2:d4:ed:8e:6f:cd:5e:bf:d3: e8:92:fd:00:75:1f:fc:3e:7f:82:6c:2d:ff:c2:57: 75:00:af:51:2b:0a:16:39:d7:b4:51:b4:dc:99:c2: ff:a2:fe:5b:2d:83:f4:9c:ee:25:d1:c3:03:cf:0e: 4e:25:d2:d9:19:df:a7:7a:49:97:bf:d3:c8:fa:2a: 4b:67:30:85:f2:6b:d8:4a:30:81:ed:a4:d5:b6:be: c5:50:dd:19:4d:99:c2:0c:3c:72:c8:27:f7:6d:d0: 19:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:34:10:AB:B4:AF:A4:BA:E3:64:FC:16:DD:99:48:5A:16:2B:81:CF X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/YDQQq7SvpLrjZPwW3ZlIWhYrgc8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.232.248.0/21 Signature Algorithm: sha256WithRSAEncryption 1b:98:99:bd:14:96:46:0a:87:81:13:9c:22:96:1f:11:75:4c: 77:06:aa:18:31:d3:60:15:11:0d:23:b1:f9:56:44:00:4c:23: c7:60:9b:12:a3:69:96:f3:9b:71:dc:d4:48:a6:4c:f1:34:23: 3e:56:1c:01:96:30:87:28:ae:50:e7:77:ac:f3:9d:d4:11:f6: 25:6b:9e:d6:5d:df:46:a0:96:2a:c3:32:23:52:55:39:e6:70: bb:a8:31:20:ce:86:bc:f0:6a:5b:f5:d5:07:39:50:c9:ad:5f: e8:2c:d3:6a:71:ba:2a:78:26:ab:1d:1b:e7:88:59:7c:49:ae: d3:01:dc:7b:d1:15:b3:09:a5:2f:2f:3c:51:8c:04:47:13:6e: ed:ba:3c:d9:29:fe:9a:6b:c5:71:3f:5a:c5:7c:8a:d7:83:0e: fc:60:04:21:bf:8c:a2:84:5b:14:07:00:d0:ee:d0:06:da:8d: 88:3d:21:9d:5b:0e:73:0a:61:ea:55:17:80:77:5c:4c:d8:d5: fe:46:dc:fc:25:ca:4c:77:3a:d9:f1:94:4f:13:50:98:7d:67: b6:1a:8a:33:a2:67:cf:e2:bb:74:49:fe:05:7a:f0:77:f9:78: 56:6f:e6:63:34:c2:52:42:be:8b:a6:ba:71:48:5a:a1:dc:82: f3:62:5b:5e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICMsMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw NTMxNTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwMzQxMEFCQjRBRkE0 QkFFMzY0RkMxNkREOTk0ODVBMTYyQjgxQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZ38S6CU5sA2lD7ZgmGZSe2ijB2djT1vpBGTBDvO9FbDWHRrZM jsFs9RnJ/A23HnYr+JFvNT0bOjG01MKjZerH9DzUuR09um8qW3+25i2yNb4voQcE jMde1UqLWInOydPpxgjRnfwF1r25Z3BfRfMFxTfzvn97wbN+v0+6ftvG9FAHB5EB vtM8JkZs4H7UYruXIv0I7d7J+wLs+bLU7Y5vzV6/0+iS/QB1H/w+f4JsLf/CV3UA r1ErChY517RRtNyZwv+i/lstg/Sc7iXRwwPPDk4l0tkZ36d6SZe/08j6KktnMIXy a9hKMIHtpNW2vsVQ3RlNmcIMPHLIJ/dt0BkDAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUYDQQq7SvpLrjZPwW3ZlIWhYrgc8wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1lEUVFxN1N2cExyalpQd1cz WmxJV2hZcmdjOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2 6PgwDQYJKoZIhvcNAQELBQADggEBABuYmb0UlkYKh4ETnCKWHxF1THcGqhgx02AV EQ0jsflWRABMI8dgmxKjaZbzm3Hc1EimTPE0Iz5WHAGWMIcorlDnd6zzndQR9iVr ntZd30aglirDMiNSVTnmcLuoMSDOhrzwalv11Qc5UMmtX+gs02pxuip4JqsdG+eI WXxJrtMB3HvRFbMJpS8vPFGMBEcTbu26PNkp/pprxXE/WsV8iteDDvxgBCG/jKKE WxQHANDu0AbajYg9IZ1bDnMKYepVF4B3XEzY1f5G3Pwlykx3OtnxlE8TUJh9Z7Ya ijOiZ8/iu3RJ/gV68Hf5eFZv5mM0wlJCvoumunFIWqHcgvNiW14= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:20 2024 by rpki-client on console-ams.rpki-client.org