$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/iaQWkeV56utiReCvcK9sL-LsHRk.cer File: iaQWkeV56utiReCvcK9sL-LsHRk.cer (raw, json) Hash identifier: yRHVRxyUp5FtHEySUcPcSww61c3sCyQS06Ard2VSJKY= Subject key identifier: 89:A4:16:91:E5:79:EA:EB:62:45:E0:AF:70:AF:6C:2F:E2:EC:1D:19 Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 2DDF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/iaQWkeV56utiReCvcK9sL-LsHRk.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 26 Aug 2024 01:57:21 +0000 Certificate not after: Tue 26 Aug 2025 01:57:03 +0000 Subordinate resources: IP: 103.28.18.0/23 IP: 2400:bb20::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 11:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11743 (0x2ddf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Aug 26 01:57:21 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=89A41691E579EAEB6245E0AF70AF6C2FE2EC1D19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e9:33:63:12:90:83:48:c8:8b:7f:e8:30:f5: 53:2b:a4:cb:9c:8d:b0:e7:29:02:f4:a5:db:9c:93: bb:39:91:22:86:06:c8:3a:2c:05:b2:e3:71:5a:29: ac:46:a3:5b:8d:04:c0:88:93:d4:28:0f:3c:16:99: bf:c8:c4:fb:d8:ec:d9:4d:4a:85:c5:cd:b4:b8:b5: 05:19:fd:1f:92:08:79:11:dc:2c:3a:6a:84:70:85: 8a:46:83:26:75:89:1d:fb:04:f3:17:9c:c0:94:d2: c0:db:76:bc:8d:e4:42:65:0e:22:6b:ee:fb:53:24: fb:7c:10:11:2e:a6:b7:96:bc:ba:cf:0b:39:cd:3e: 15:22:ae:64:61:45:02:46:05:18:4c:7b:8c:79:2c: 98:1a:7e:9f:34:6a:27:73:d1:fe:97:72:32:f4:a7: c6:ec:db:d9:ca:3a:65:ee:76:3f:53:6f:19:5e:84: bc:fd:d4:43:73:63:3a:04:79:61:24:42:dc:a4:07: 95:f4:e4:a5:c8:ef:0f:98:ff:ca:70:ba:bf:ea:93: 79:aa:4e:e4:63:35:ca:93:65:3e:69:2e:28:30:8d: b1:54:cd:15:5a:d9:d8:33:e1:a1:b5:f0:5e:02:2c: 25:95:83:ce:d8:67:87:5e:01:2f:54:25:5f:db:46: 69:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A4:16:91:E5:79:EA:EB:62:45:E0:AF:70:AF:6C:2F:E2:EC:1D:19 X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CYCORE/iaQWkeV56utiReCvcK9sL-LsHRk.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.28.18.0/23 IPv6: 2400:bb20::/32 Signature Algorithm: sha256WithRSAEncryption 9b:65:70:d9:21:f8:19:47:6e:73:1c:60:e0:4b:5c:62:91:dd: 1c:27:3e:1d:b3:c0:2b:e5:71:21:e0:d3:8b:81:c3:98:8e:c4: 3e:29:01:df:2f:32:4f:9c:fd:3e:fc:04:60:d7:f8:f1:d6:4d: 6f:27:5a:3d:0a:c8:b4:4a:25:4f:71:ea:36:ce:c8:83:96:64: 6a:93:0c:c2:82:6b:72:2c:9f:7f:47:88:83:1a:96:9e:9b:f9: 35:86:57:da:b3:2a:57:09:6b:aa:11:a8:f2:6c:0a:02:af:14: 28:4f:1b:fd:bc:0e:61:7e:19:c9:b0:18:85:f1:d0:24:f1:10: e6:0a:08:f2:fc:24:3d:f8:ee:dc:b7:7f:39:75:7b:0b:cd:95: 87:3d:0e:76:16:f5:38:71:80:34:07:9a:67:22:7c:c3:bc:32: 87:8d:c2:b4:b3:09:28:6d:eb:b9:d5:f5:bd:75:e7:89:5c:59: 42:f2:bf:54:5f:16:42:09:b7:e1:c0:84:62:77:91:2c:17:60: 85:f5:53:6f:42:b6:db:84:4a:7a:ff:fd:f7:a7:6e:f0:83:3f: c0:5c:4c:cc:ff:d3:73:06:48:d8:a5:51:8e:46:51:bc:d1:93: e8:3c:86:d4:49:36:97:dc:ff:66:db:d9:9e:25:f6:b6:6e:43: 62:c2:49:70 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgICLd8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI0MDgyNjAxNTcyMVoXDTI1MDgyNjAxNTcwM1owMzEx MC8GA1UEAxMoODlBNDE2OTFFNTc5RUFFQjYyNDVFMEFGNzBBRjZDMkZFMkVDMUQx OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPpM2MSkINIyIt/6DD1 Uyuky5yNsOcpAvSl25yTuzmRIoYGyDosBbLjcVoprEajW40EwIiT1CgPPBaZv8jE +9js2U1KhcXNtLi1BRn9H5IIeRHcLDpqhHCFikaDJnWJHfsE8xecwJTSwNt2vI3k QmUOImvu+1Mk+3wQES6mt5a8us8LOc0+FSKuZGFFAkYFGEx7jHksmBp+nzRqJ3PR /pdyMvSnxuzb2co6Ze52P1NvGV6EvP3UQ3NjOgR5YSRC3KQHlfTkpcjvD5j/ynC6 v+qTeapO5GM1ypNlPmkuKDCNsVTNFVrZ2DPhobXwXgIsJZWDzthnh14BL1QlX9tG aZsCAwEAAaOCAl8wggJbMB0GA1UdDgQWBBSJpBaR5Xnq62JF4K9wr2wv4uwdGTAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1lDT1JFLzBX BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0NZQ09SRS9pYVFXa2VWNTZ1dGlSZUN2Y0s5c0wtTHNIUmsubWZ0MDEGCCsGAQUF BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMC4GCCsG AQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZxwSMA0EAgACMAcDBQAkALsgMA0GCSqG SIb3DQEBCwUAA4IBAQCbZXDZIfgZR25zHGDgS1xikd0cJz4ds8Ar5XEh4NOLgcOY jsQ+KQHfLzJPnP0+/ARg1/jx1k1vJ1o9Csi0SiVPceo2zsiDlmRqkwzCgmtyLJ9/ R4iDGpaem/k1hlfasypXCWuqEajybAoCrxQoTxv9vA5hfhnJsBiF8dAk8RDmCgjy /CQ9+O7ct385dXsLzZWHPQ52FvU4cYA0B5pnInzDvDKHjcK0swkobeu51fW9deeJ XFlC8r9UXxZCCbfhwIRid5EsF2CF9VNvQrbbhEp6//33p27wgz/AXEzM/9NzBkjY pVGORlG80ZPoPIbUSTaX3P9m29meJfa2bkNiwklw -----END CERTIFICATE-----Generated at Fri Nov 22 07:03:44 2024 by rpki-client on console-fra.rpki-client.org