$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/nrQ8i43hOjw8Sg5hPqSoo6R2jPQ.roa File: nrQ8i43hOjw8Sg5hPqSoo6R2jPQ.roa (raw, json) Hash identifier: FFTq8edd29K3DA6Hi4zcKh5wjPOdsfcZJxeIguxDZAM= Subject key identifier: 9E:B4:3C:8B:8D:E1:3A:3C:3C:4A:0E:61:3E:A4:A8:A3:A4:76:8C:F4 Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F Certificate serial: 0C24 Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/nrQ8i43hOjw8Sg5hPqSoo6R2jPQ.roa Signing time: Mon 26 Aug 2024 05:12:14 +0000 ROA not before: Mon 26 Aug 2024 05:12:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131601 IP address blocks: 114.29.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3108 (0xc24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F Validity Not Before: Aug 26 05:12:14 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9EB43C8B8DE13A3C3C4A0E613EA4A8A3A4768CF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:67:fd:61:ff:e6:9f:d8:84:71:57:79:ce:9d: 85:80:27:7c:53:87:f5:0d:9e:9c:02:07:96:0f:13: a6:fa:61:a8:67:cd:a9:b7:26:1a:3f:2b:17:47:ab: a9:a5:9b:84:43:3c:cf:f5:5d:01:e9:f1:c3:49:6e: aa:73:cb:66:46:e3:dd:01:c5:f3:ed:28:8e:ea:0d: 58:98:dd:9f:b0:75:c9:c1:ca:b3:cd:d4:24:b1:1f: b7:a2:1e:4f:35:fd:af:cc:ab:89:29:38:48:ec:e1: cb:0c:47:31:9f:4f:d1:91:d0:23:15:71:e7:97:f5: c8:8b:51:61:f8:d3:91:64:0d:8a:ef:c4:78:94:9a: e8:3a:96:4b:04:48:c7:0e:32:2e:a4:45:bf:05:4a: d3:87:90:f7:89:ad:98:06:93:40:94:ff:9b:64:0d: f0:96:af:3a:b3:82:e2:7a:54:da:45:f7:08:bb:cf: 68:6a:3e:b1:be:f9:ca:ee:a2:68:56:ae:bf:8c:fd: 1a:13:63:71:27:55:2c:fb:c6:a0:e4:02:18:75:5e: 52:63:fe:8a:7a:be:93:d1:d4:f4:e0:9c:7a:ed:04: 52:f8:a0:0e:2a:bd:af:03:84:9f:48:e4:fb:eb:ac: db:15:ba:df:be:70:d0:6f:14:f5:19:65:4e:d6:00: 1c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:B4:3C:8B:8D:E1:3A:3C:3C:4A:0E:61:3E:A4:A8:A3:A4:76:8C:F4 X509v3 Authority Key Identifier: keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/nrQ8i43hOjw8Sg5hPqSoo6R2jPQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.29.244.0/22 Signature Algorithm: sha256WithRSAEncryption a1:f6:03:c8:45:aa:bb:b1:c4:df:cf:ad:1c:26:1e:fb:af:2d: 67:b8:db:13:f4:c7:ae:42:c7:2a:73:1e:ae:9e:87:e8:db:14: 3d:49:86:a2:4e:c7:2b:c5:86:19:ff:13:f6:b5:ad:27:45:06: c9:58:78:62:e2:9c:d7:76:cd:a8:14:22:45:28:29:1a:4e:f7: 22:e9:91:e4:a4:30:b4:d8:1a:76:ad:10:a9:c9:b8:0b:ee:36: 99:73:cb:fb:8d:92:48:9b:40:93:e1:fd:c4:82:4b:9f:52:4d: 3d:31:3f:7c:75:51:7b:cf:17:79:fb:b9:67:5a:ba:67:dc:dd: 22:7c:6a:98:dc:f8:7f:02:0f:4e:34:51:13:35:1c:da:95:c7: c2:ac:f3:42:a7:71:ee:f2:89:0b:57:5c:ee:7f:6d:6f:e3:4d: ad:9f:70:21:0d:5b:e8:03:73:93:75:55:05:e4:9d:b0:7c:cf: ad:26:cd:1c:95:21:f9:80:0d:df:10:d8:1e:a5:dd:f7:4f:0b: a7:83:00:5a:91:70:48:d7:fc:a7:68:5f:6f:52:b4:4f:bf:9e: 97:49:ae:2d:ab:d5:b7:42:3f:13:c5:cb:85:98:11:4b:d8:c7: b7:8a:2b:9c:22:d1:a6:3a:4a:bc:8d:20:f1:6a:25:76:48:c9: 13:90:16:8f -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yNDA4MjYw NTEyMTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFQjQzQzhCOERFMTNB M0MzQzRBMEU2MTNFQTRBOEEzQTQ3NjhDRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHZ/1h/+af2IRxV3nOnYWAJ3xTh/UNnpwCB5YPE6b6Yahnzam3 Jho/KxdHq6mlm4RDPM/1XQHp8cNJbqpzy2ZG490BxfPtKI7qDViY3Z+wdcnByrPN 1CSxH7eiHk81/a/Mq4kpOEjs4csMRzGfT9GR0CMVceeX9ciLUWH405FkDYrvxHiU mug6lksESMcOMi6kRb8FStOHkPeJrZgGk0CU/5tkDfCWrzqzguJ6VNpF9wi7z2hq PrG++cruomhWrr+M/RoTY3EnVSz7xqDkAhh1XlJj/op6vpPR1PTgnHrtBFL4oA4q va8DhJ9I5PvrrNsVut++cNBvFPUZZU7WABwPAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUnrQ8i43hOjw8Sg5hPqSoo6R2jPQwHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213 WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL25yUThpNDNoT2p3OFNnNWhQcVNvbzZS MmpQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfQwDQYJ KoZIhvcNAQELBQADggEBAKH2A8hFqruxxN/PrRwmHvuvLWe42xP0x65CxypzHq6e h+jbFD1JhqJOxyvFhhn/E/a1rSdFBslYeGLinNd2zagUIkUoKRpO9yLpkeSkMLTY GnatEKnJuAvuNplzy/uNkkibQJPh/cSCS59STT0xP3x1UXvPF3n7uWdaumfc3SJ8 apjc+H8CD040URM1HNqVx8Ks80Knce7yiQtXXO5/bW/jTa2fcCENW+gDc5N1VQXk nbB8z60mzRyVIfmADd8Q2B6l3fdPC6eDAFqRcEjX/KdoX29StE+/npdJri2r1bdC PxPFy4WYEUvYx7eKK5wi0aY6SryNIPFqJXZIyROQFo8= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org