$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ffIa2KR6Aj7h7s3-w4bbu4GZBkc.roa File: ffIa2KR6Aj7h7s3-w4bbu4GZBkc.roa (raw, json) Hash identifier: UvUKUBMCmw9ceAa5jndy1iefdmUmheb1aePDK8Nba7s= Subject key identifier: 7D:F2:1A:D8:A4:7A:02:3E:E1:EE:CD:FE:C3:86:DB:BB:81:99:06:47 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 12CC Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ffIa2KR6Aj7h7s3-w4bbu4GZBkc.roa Signing time: Mon 26 Aug 2024 05:32:34 +0000 ROA not before: Mon 26 Aug 2024 05:32:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9311 IP address blocks: 203.119.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4812 (0x12cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 26 05:32:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=7DF21AD8A47A023EE1EECDFEC386DBBB81990647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:42:37:8f:84:66:dc:6b:a0:76:9e:e4:0e:79: c2:94:ee:c5:a2:a2:02:3e:4d:0e:a5:a4:22:47:d5: 10:4c:2d:8f:ed:4e:e2:36:98:aa:05:26:3f:5a:1d: 56:ee:6c:66:9d:db:37:ac:a5:41:71:43:5b:d4:1a: 07:71:eb:c5:67:40:6c:00:4a:a6:64:9e:e3:96:ba: 30:5a:6f:1f:75:fc:38:a1:94:4a:8e:22:6e:bb:70: b3:18:a5:94:ec:1d:54:32:74:72:ad:81:24:29:e9: 21:ec:bc:66:4b:c2:b0:ef:fd:3d:f8:d7:56:74:6f: a1:10:3b:54:41:92:30:bb:5b:bf:75:ad:53:7a:a6: ac:dd:69:06:6e:af:fe:7c:a3:24:98:e1:15:c4:cb: ac:aa:0a:e6:9e:6d:b2:fa:35:33:48:d1:30:4c:05: a3:9f:10:e7:5e:c5:e2:5d:e5:ae:b2:4a:53:26:2f: c4:da:0e:c6:6e:b3:59:de:a6:b1:fc:65:b0:22:1d: 78:00:ec:3f:cd:b7:10:6f:bd:bd:75:c4:83:0a:93: a5:2a:c8:ae:b7:4e:cf:11:19:ff:64:b0:9d:4c:ee: 17:ef:43:01:e7:5b:3e:86:ce:6a:d0:e8:91:31:0b: 3f:16:5e:e1:0f:41:91:f8:e6:a9:4c:67:24:5d:d6: 77:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F2:1A:D8:A4:7A:02:3E:E1:EE:CD:FE:C3:86:DB:BB:81:99:06:47 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ffIa2KR6Aj7h7s3-w4bbu4GZBkc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.119.94.0/24 Signature Algorithm: sha256WithRSAEncryption b8:b4:0c:35:5a:ce:39:ad:0c:24:b3:85:2e:da:da:06:36:b1: 90:bc:a6:be:e3:62:1e:37:57:6c:39:61:71:6d:8f:68:5a:4f: 00:2d:69:b4:db:8b:24:6c:b7:d8:18:3c:f8:0f:5e:e6:63:aa: 11:2d:21:e4:8a:1c:2c:f5:0d:4b:db:2d:25:bc:11:a2:68:f1: ca:48:8a:e0:72:fb:89:dc:a0:51:91:45:ac:88:1f:49:10:1a: b3:57:15:98:ef:6a:fb:4a:9c:a3:92:55:9d:c4:fb:4b:15:83: 85:c1:f1:a7:77:e5:db:6b:90:b5:5a:49:92:85:4c:fa:28:b6: 82:ad:79:b5:33:4e:1b:57:15:2a:71:ce:ba:be:8c:6a:1b:44: ce:a1:f0:0b:e9:85:97:68:7a:ad:e5:ce:49:bc:98:39:e6:36: c5:7d:fd:55:80:fc:8b:2a:c4:ec:d6:ab:63:71:a6:ea:cd:77: 30:ae:41:dc:f6:84:c2:67:27:b3:30:ab:43:92:ff:f0:d3:d1: 62:83:e5:31:b9:7f:9f:c8:fc:55:87:a5:fc:0b:bc:7f:a3:37: eb:e6:3f:58:35:1d:b1:a8:b2:b1:cd:ce:d4:0b:11:5d:71:09: cc:f5:2b:28:ba:d4:29:d9:c3:79:7a:65:b0:a5:e1:f7:82:8a: 89:7f:d4:e9 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEswwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw NTMyMzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdERjIxQUQ4QTQ3QTAy M0VFMUVFQ0RGRUMzODZEQkJCODE5OTA2NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD+QjePhGbca6B2nuQOecKU7sWiogI+TQ6lpCJH1RBMLY/tTuI2 mKoFJj9aHVbubGad2zespUFxQ1vUGgdx68VnQGwASqZknuOWujBabx91/DihlEqO Im67cLMYpZTsHVQydHKtgSQp6SHsvGZLwrDv/T3411Z0b6EQO1RBkjC7W791rVN6 pqzdaQZur/58oySY4RXEy6yqCuaebbL6NTNI0TBMBaOfEOdexeJd5a6ySlMmL8Ta DsZus1neprH8ZbAiHXgA7D/NtxBvvb11xIMKk6UqyK63Ts8RGf9ksJ1M7hfvQwHn Wz6GzmrQ6JExCz8WXuEPQZH45qlMZyRd1ndpAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUffIa2KR6Aj7h7s3+w4bbu4GZBkcwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9mZklhMktSNkFqN2g3czMtdzRi YnU0R1pCa2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3de MA0GCSqGSIb3DQEBCwUAA4IBAQC4tAw1Ws45rQwks4Uu2toGNrGQvKa+42IeN1ds OWFxbY9oWk8ALWm024skbLfYGDz4D17mY6oRLSHkihws9Q1L2y0lvBGiaPHKSIrg cvuJ3KBRkUWsiB9JEBqzVxWY72r7SpyjklWdxPtLFYOFwfGnd+Xba5C1WkmShUz6 KLaCrXm1M04bVxUqcc66voxqG0TOofAL6YWXaHqt5c5JvJg55jbFff1VgPyLKsTs 1qtjcabqzXcwrkHc9oTCZyezMKtDkv/w09Fig+UxuX+fyPxVh6X8C7x/ozfr5j9Y NR2xqLKxzc7UCxFdcQnM9SsoutQp2cN5emWwpeH3goqJf9Tp -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:40 2024 by rpki-client on console-ams.rpki-client.org