$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QwifIbnD-l7ntYCUEPNu8iB1DpU.roa File: QwifIbnD-l7ntYCUEPNu8iB1DpU.roa (raw, json) Hash identifier: 72ZAEqryWXxjoEq/hKPQUwetLZch8PDPa3BtEmasPvs= Subject key identifier: 43:08:9F:21:B9:C3:FA:5E:E7:B5:80:94:10:F3:6E:F2:20:75:0E:95 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 21D5 Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QwifIbnD-l7ntYCUEPNu8iB1DpU.roa Signing time: Mon 26 Aug 2024 05:33:23 +0000 ROA not before: Mon 26 Aug 2024 05:33:23 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24164 IP address blocks: 49.159.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8661 (0x21d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Aug 26 05:33:23 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=43089F21B9C3FA5EE7B5809410F36EF220750E95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:20:86:8e:03:2c:7b:37:d8:d1:4c:db:8f:f0: 83:73:d6:30:82:a8:d4:e5:89:ba:6c:f0:12:4a:a6: 25:e1:03:5f:f9:d3:26:d0:e2:da:ee:40:91:5f:93: b5:e3:c4:49:23:d1:3f:03:b1:c2:21:31:31:6f:94: eb:a4:43:88:d1:7e:fe:fe:56:6b:70:ba:b8:db:0a: ec:d3:d1:77:97:c8:cc:cf:78:5c:e5:c1:27:26:72: 7a:49:4b:49:95:0d:a0:34:4c:bc:d1:13:ac:0c:ab: 1a:12:be:0b:41:f0:83:cb:43:ca:b5:7e:37:5c:77: 28:61:28:4f:79:2e:6f:92:28:19:94:9f:02:9e:99: 6c:9f:60:6f:78:f6:d2:d4:9d:9c:29:3a:a2:90:66: 01:8a:14:31:a2:f0:52:f7:f4:e0:7a:4e:9f:71:25: a6:7f:b2:e9:38:4a:4d:3c:88:e1:10:46:d5:32:29: d0:9d:7c:9a:fa:9b:78:f9:e9:29:a6:f6:ec:8f:43: 06:f2:5d:4d:ad:d4:11:ae:52:cb:5a:b9:04:75:2f: 3f:65:2d:47:af:a0:16:bd:1d:20:27:b2:d4:ae:17: e8:bc:b3:09:ab:e6:b3:5a:ac:b2:f3:ba:8b:b0:12: 99:a4:f5:cf:1b:ee:48:44:5e:14:88:83:78:b8:58: ba:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:08:9F:21:B9:C3:FA:5E:E7:B5:80:94:10:F3:6E:F2:20:75:0E:95 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/QwifIbnD-l7ntYCUEPNu8iB1DpU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.159.224.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:91:6c:63:86:d7:70:99:88:79:14:af:50:a3:60:50:a8:80: b3:21:57:f3:71:54:a7:da:25:71:3b:05:99:11:d5:8a:2a:a2: a2:5e:3a:3e:db:52:9d:e7:48:21:3c:67:9e:6c:bd:ce:83:77: fe:4e:f9:e5:66:98:24:06:27:02:08:66:10:fe:15:d5:39:df: 64:5f:a2:b1:c3:c9:f9:bd:74:03:4d:76:c6:57:2b:79:b9:ba: c6:77:52:15:77:a2:63:87:06:ec:28:10:dd:a2:14:d3:42:4f: ff:87:ae:d6:2a:43:49:cf:d5:48:21:3d:a3:5d:9b:17:95:73: 2c:33:27:83:01:40:36:ab:b5:cd:d3:a7:76:03:35:9a:9d:20: 90:5c:6c:f4:12:6c:56:ee:24:cf:30:e1:e7:ca:5c:92:b6:c5: 24:5e:bb:8d:7c:96:bf:b6:a4:a0:c6:dc:e5:65:16:5a:9d:e1: 4d:6f:f3:19:7b:fc:3c:34:65:88:a5:bb:8f:16:15:41:1b:1f: d7:5b:0d:1a:72:d6:7a:ed:f6:bd:69:be:f1:0c:41:a1:14:ab: 49:e9:74:e3:8a:64:63:2f:f4:cc:37:ed:72:74:90:81:f2:06: bb:15:75:b2:ea:2b:da:fc:31:93:47:5a:22:14:36:db:7d:47: 16:8f:46:88 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICIdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw NTMzMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzMDg5RjIxQjlDM0ZB NUVFN0I1ODA5NDEwRjM2RUYyMjA3NTBFOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAIIaOAyx7N9jRTNuP8INz1jCCqNTlibps8BJKpiXhA1/50ybQ 4truQJFfk7XjxEkj0T8DscIhMTFvlOukQ4jRfv7+VmtwurjbCuzT0XeXyMzPeFzl wScmcnpJS0mVDaA0TLzRE6wMqxoSvgtB8IPLQ8q1fjdcdyhhKE95Lm+SKBmUnwKe mWyfYG949tLUnZwpOqKQZgGKFDGi8FL39OB6Tp9xJaZ/suk4Sk08iOEQRtUyKdCd fJr6m3j56Smm9uyPQwbyXU2t1BGuUstauQR1Lz9lLUevoBa9HSAnstSuF+i8swmr 5rNarLLzuouwEpmk9c8b7khEXhSIg3i4WLr1AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUQwifIbnD+l7ntYCUEPNu8iB1DpUwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL1F3aWZJYm5ELWw3bnRZQ1VF UE51OGlCMURwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx n+AwDQYJKoZIhvcNAQELBQADggEBAJqRbGOG13CZiHkUr1CjYFCogLMhV/NxVKfa JXE7BZkR1YoqoqJeOj7bUp3nSCE8Z55svc6Dd/5O+eVmmCQGJwIIZhD+FdU532Rf orHDyfm9dANNdsZXK3m5usZ3UhV3omOHBuwoEN2iFNNCT/+HrtYqQ0nP1UghPaNd mxeVcywzJ4MBQDartc3Tp3YDNZqdIJBcbPQSbFbuJM8w4efKXJK2xSReu418lr+2 pKDG3OVlFlqd4U1v8xl7/Dw0ZYilu48WFUEbH9dbDRpy1nrt9r1pvvEMQaEUq0np dOOKZGMv9Mw37XJ0kIHyBrsVdbLqK9r8MZNHWiIUNtt9RxaPRog= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:25 2024 by rpki-client on console-ams.rpki-client.org