$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa File: kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa (raw, json) Hash identifier: MG8hX4OnI/l15DTmieSgrOk+6K+5AO8V8yQ1EKUR8+g= Subject key identifier: 93:14:E3:51:B6:76:4A:F3:A4:58:C1:9D:74:B9:0F:73:BC:65:63:41 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 12CD Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa Signing time: Mon 26 Aug 2024 05:32:34 +0000 ROA not before: Mon 26 Aug 2024 05:32:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131644 IP address blocks: 101.101.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4813 (0x12cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 26 05:32:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9314E351B6764AF3A458C19D74B90F73BC656341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:59:ef:18:9b:97:92:4d:9e:c1:a5:a1:17:c0: 51:a8:9f:17:63:82:fb:85:5b:b7:bc:c6:1c:61:1b: c9:89:9b:1a:06:64:e5:95:b0:73:bf:c7:a2:17:bf: f8:34:8b:6e:3d:a7:6c:d9:44:18:fb:44:ac:29:3e: 36:8e:96:3e:7d:7a:c2:cd:99:04:50:e2:9f:9d:72: fc:7b:19:d5:fa:ee:de:b5:e8:56:41:b0:4f:7f:c7: 7d:b5:93:8b:85:24:68:65:9d:ab:d5:62:91:8e:2d: 52:12:67:6c:84:98:93:b5:64:79:aa:bd:37:ea:30: 59:c9:be:5b:15:64:85:3e:64:a3:a1:ac:63:ee:f9: ef:0e:9d:af:74:f7:4c:9d:c8:e2:d1:cd:9f:17:3a: 09:c7:48:3b:56:e1:5b:c3:12:08:5a:c0:17:f8:51: 46:24:0d:00:24:1a:50:c6:ce:a2:21:81:3e:3e:5a: 4d:d6:f0:c0:eb:50:e6:90:d3:99:be:00:e4:5d:5f: b5:2d:af:35:b5:73:84:ef:3e:f0:cf:50:84:3b:d8: 6e:97:a2:9b:52:ea:81:8a:4e:21:7e:83:0e:ac:31: 2a:42:3a:31:a2:13:7f:ba:15:69:4f:79:5c:fb:67: 35:60:f4:36:da:27:07:3f:01:f3:21:96:0c:1b:ea: 2b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:14:E3:51:B6:76:4A:F3:A4:58:C1:9D:74:B9:0F:73:BC:65:63:41 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.101.101.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:c1:2c:f5:06:e4:d5:86:87:0b:37:83:54:69:be:0e:cd:d6: 06:2c:81:5a:a3:32:69:11:9e:57:e3:dc:60:61:a8:e7:2d:a9: b9:d6:cc:80:97:fb:90:ca:87:2d:ac:7b:c6:40:c8:af:12:dc: 47:d9:d8:d9:1d:90:53:e6:67:fe:f5:35:89:d4:79:10:4c:15: 39:b5:c9:df:bc:d5:f1:94:82:22:f5:28:71:91:a0:64:51:e0: 97:5a:19:76:46:96:70:0b:9f:db:b3:ae:98:bb:f0:68:ec:37: 14:32:08:c1:61:da:95:dc:a4:f0:e3:ba:10:95:cd:d8:e1:90: d8:f4:cc:f4:02:0b:44:79:31:6f:3f:bc:78:80:15:0d:ca:64: 83:8e:b5:12:b7:62:4f:5e:e6:fb:7c:d0:2b:f4:21:b2:de:bc: 90:69:8a:74:db:67:ab:d5:5b:d9:1a:da:56:42:e0:e0:e8:0d: c6:b7:f9:73:3b:ae:90:18:cc:05:53:85:33:b7:31:85:61:c2: c2:74:5f:df:05:1b:fa:98:bc:50:3b:d3:71:1d:a4:d8:34:b3: 79:4d:7f:68:46:20:e4:e3:2c:9c:1d:eb:38:ae:4c:45:95:7e: 19:60:b4:f5:62:14:0f:ff:90:1a:ed:f0:a5:6b:ae:d2:8b:8b: 5f:4f:4a:eb -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw NTMyMzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkzMTRFMzUxQjY3NjRB RjNBNDU4QzE5RDc0QjkwRjczQkM2NTYzNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKWe8Ym5eSTZ7BpaEXwFGonxdjgvuFW7e8xhxhG8mJmxoGZOWV sHO/x6IXv/g0i249p2zZRBj7RKwpPjaOlj59esLNmQRQ4p+dcvx7GdX67t616FZB sE9/x321k4uFJGhlnavVYpGOLVISZ2yEmJO1ZHmqvTfqMFnJvlsVZIU+ZKOhrGPu +e8Ona9090ydyOLRzZ8XOgnHSDtW4VvDEghawBf4UUYkDQAkGlDGzqIhgT4+Wk3W 8MDrUOaQ05m+AORdX7UtrzW1c4TvPvDPUIQ72G6XoptS6oGKTiF+gw6sMSpCOjGi E3+6FWlPeVz7ZzVg9DbaJwc/AfMhlgwb6isvAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUkxTjUbZ2SvOkWMGddLkPc7xlY0EwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9reFRqVWJaMlN2T2tXTUdkZExr UGM3eGxZMEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWVl MA0GCSqGSIb3DQEBCwUAA4IBAQANwSz1BuTVhocLN4NUab4OzdYGLIFaozJpEZ5X 49xgYajnLam51syAl/uQyoctrHvGQMivEtxH2djZHZBT5mf+9TWJ1HkQTBU5tcnf vNXxlIIi9ShxkaBkUeCXWhl2RpZwC5/bs66Yu/Bo7DcUMgjBYdqV3KTw47oQlc3Y 4ZDY9Mz0AgtEeTFvP7x4gBUNymSDjrUSt2JPXub7fNAr9CGy3ryQaYp022er1VvZ GtpWQuDg6A3Gt/lzO66QGMwFU4UztzGFYcLCdF/fBRv6mLxQO9NxHaTYNLN5TX9o RiDk4yycHes4rkxFlX4ZYLT1YhQP/5Aa7fCla67Si4tfT0rr -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:40 2024 by rpki-client on console-ams.rpki-client.org