$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/IDg_a8NA3AVh_cg41_TJpvTwr5M.roa File: IDg_a8NA3AVh_cg41_TJpvTwr5M.roa (raw, json) Hash identifier: yLjnyV33aQegjecSrcGKlIUQoyRs1FjOX6G1MkGiWiY= Subject key identifier: 20:38:3F:6B:C3:40:DC:05:61:FD:C8:38:D7:F4:C9:A6:F4:F0:AF:93 Certificate issuer: /CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Certificate serial: 0BE9 Authority key identifier: C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/IDg_a8NA3AVh_cg41_TJpvTwr5M.roa Signing time: Mon 26 Aug 2024 05:32:22 +0000 ROA not before: Mon 26 Aug 2024 05:32:22 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 133955 IP address blocks: 223.165.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3049 (0xbe9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6 Validity Not Before: Aug 26 05:32:22 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=20383F6BC340DC0561FDC838D7F4C9A6F4F0AF93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:21:e3:6f:de:b4:9e:ed:8f:fa:ad:01:13:67: c4:84:a7:17:f8:a7:3a:1a:b8:24:23:28:64:9a:d5: 85:4d:73:ff:dc:04:a0:14:a6:ba:50:52:29:32:f5: 2c:9a:90:50:74:87:1a:c5:91:00:0c:d3:83:f9:25: 3e:f5:e0:75:f5:4f:21:ef:7c:ce:77:34:31:cd:ef: 59:26:a6:b3:44:44:f0:b3:09:2e:3f:06:5c:7c:44: bd:70:b1:8e:9f:02:d7:9a:07:e3:ef:13:a2:a6:08: ec:54:9b:74:76:b5:b3:b8:16:ca:5a:39:4a:14:02: af:0f:f4:94:d1:07:ab:96:5e:da:b9:b6:2c:fb:6d: f9:7e:33:78:16:3f:1b:27:c5:f4:f0:5d:a8:de:be: f7:dc:60:c8:06:95:6e:de:62:e4:68:d2:14:e1:be: 25:e1:9c:e4:c6:8f:cb:6a:b2:7f:7e:d5:03:9a:c2: e9:27:b3:a6:2f:8f:eb:97:6d:4e:17:06:c0:df:be: a9:97:1c:0c:e2:67:0b:a5:90:f8:a8:a2:d6:d6:fa: f8:ac:85:e4:51:ba:bd:11:3e:25:4d:8b:28:0b:69: 75:0a:50:6e:b6:be:00:b6:7d:d2:82:aa:2c:1e:6e: d9:17:de:d3:64:22:1e:e2:bc:11:f7:2d:d7:89:5a: 27:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:38:3F:6B:C3:40:DC:05:61:FD:C8:38:D7:F4:C9:A6:F4:F0:AF:93 X509v3 Authority Key Identifier: keyid:C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/IDg_a8NA3AVh_cg41_TJpvTwr5M.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.165.9.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:dd:48:c6:9c:0c:d1:9c:8a:54:b9:09:fd:3c:87:39:96:17: 1b:44:5e:6b:95:f6:d3:a4:4d:18:a5:d4:ad:31:2a:9b:14:39: 69:b5:0c:bb:e3:b6:6b:4b:72:4c:d2:09:30:16:64:89:c7:12: 2e:9d:72:d9:e8:9d:71:44:ae:48:5f:83:61:60:92:f5:4c:1a: 7a:19:3a:d6:c3:ea:24:31:02:4b:de:c2:95:46:40:5e:66:b7: d1:20:4e:12:dc:ae:3a:54:70:79:36:4e:bd:4c:d3:eb:a0:27: b9:f0:8b:2b:06:51:16:1c:8f:a5:89:75:d7:65:55:39:2e:d8: dc:97:0a:cb:e7:6b:4e:91:e7:5c:34:a1:dd:1f:02:9a:51:09: 37:7a:c5:78:ae:5b:20:1f:6b:19:d4:54:67:f0:8d:89:bf:f4: 28:4b:70:87:ac:fc:a6:db:59:3d:c1:85:1a:3e:b8:5f:dd:69: 9a:ad:f5:fa:ba:9e:12:a6:24:ad:41:f9:8b:11:80:c7:d1:c6: 66:07:68:d6:d5:ad:54:73:af:a8:65:3a:f9:2f:d7:a2:5b:aa: dc:4d:54:cc:97:b2:42:90:b2:28:c7:cf:d8:c8:bb:8f:27:0b: a0:b4:0d:e2:cc:40:94:3f:36:a8:ad:9f:97:42:fe:5e:9f:c2: 0b:10:67:b7 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICC+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI4 RjU3MzI0RTc2NkJDNUU5RkE5OUM0RDdBRDRDNDBEMzk1OEZDNjAeFw0yNDA4MjYw NTMyMjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIwMzgzRjZCQzM0MERD MDU2MUZEQzgzOEQ3RjRDOUE2RjRGMEFGOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYIeNv3rSe7Y/6rQETZ8SEpxf4pzoauCQjKGSa1YVNc//cBKAU prpQUiky9SyakFB0hxrFkQAM04P5JT714HX1TyHvfM53NDHN71kmprNERPCzCS4/ Blx8RL1wsY6fAteaB+PvE6KmCOxUm3R2tbO4FspaOUoUAq8P9JTRB6uWXtq5tiz7 bfl+M3gWPxsnxfTwXajevvfcYMgGlW7eYuRo0hThviXhnOTGj8tqsn9+1QOawukn s6Yvj+uXbU4XBsDfvqmXHAziZwulkPiootbW+visheRRur0RPiVNiygLaXUKUG62 vgC2fdKCqiwebtkX3tNkIh7ivBH3LdeJWifLAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUIDg/a8NA3AVh/cg41/TJpvTwr5MwHwYDVR0jBBgwFoAUwo9XMk52a8Xp+pnE 161MQNOVj8YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdELUNP TS1UVy93bzlYTWs1MmE4WHAtcG5FMTYxTVFOT1ZqOFkuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3dvOVhNazUyYThYcC1wbkUxNjFNUU5PVmo4WS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXRC1DT00tVFcvSURnX2E4TkEz QVZoX2NnNDFfVEpwdlR3cjVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAN+lCTANBgkqhkiG9w0BAQsFAAOCAQEAXt1IxpwM0ZyKVLkJ/TyHOZYX G0Rea5X206RNGKXUrTEqmxQ5abUMu+O2a0tyTNIJMBZkiccSLp1y2eidcUSuSF+D YWCS9Uwaehk61sPqJDECS97ClUZAXma30SBOEtyuOlRweTZOvUzT66AnufCLKwZR FhyPpYl112VVOS7Y3JcKy+drTpHnXDSh3R8CmlEJN3rFeK5bIB9rGdRUZ/CNib/0 KEtwh6z8pttZPcGFGj64X91pmq31+rqeEqYkrUH5ixGAx9HGZgdo1tWtVHOvqGU6 +S/Xoluq3E1UzJeyQpCyKMfP2Mi7jycLoLQN4sxAlD82qK2fl0L+Xp/CCxBntw== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:59 2024 by rpki-client on console-fra.rpki-client.org