$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/1zAwsl9ExxWfhsQiSrxWKUyqy_o.roa File: 1zAwsl9ExxWfhsQiSrxWKUyqy_o.roa (raw, json) Hash identifier: m2iEPMHnqy/lFwzoLAYr5eeq0xsLhSpqjCrccozZrMo= Subject key identifier: D7:30:30:B2:5F:44:C7:15:9F:86:C4:22:4A:BC:56:29:4C:AA:CB:FA Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 014E Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/1zAwsl9ExxWfhsQiSrxWKUyqy_o.roa Signing time: Mon 26 Aug 2024 05:12:24 +0000 ROA not before: Mon 26 Aug 2024 05:12:24 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38842 IP address blocks: 103.160.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 334 (0x14e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Aug 26 05:12:24 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D73030B25F44C7159F86C4224ABC56294CAACBFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:34:62:88:93:20:7c:9b:27:8f:e1:2a:2b:74: aa:82:76:6b:08:f9:a2:ff:f3:41:6c:39:79:f7:db: f3:37:f0:6b:3d:4b:68:90:eb:0e:87:9c:81:ab:2f: c3:97:b3:20:f6:d6:85:b6:4d:1a:01:c8:97:cb:5c: cc:8d:55:b8:4d:45:86:d1:55:47:69:95:75:fd:a9: 79:62:2d:2c:2b:2b:7f:0f:e4:0f:23:0c:16:03:90: 93:5a:f0:52:bd:3e:b4:31:05:8f:1e:df:55:43:f2: 4b:ed:33:3e:bb:41:18:10:ec:41:1b:1f:9f:5b:31: d6:2f:ad:aa:21:3d:58:da:d3:03:5d:1b:87:a1:ee: d5:1f:27:69:f6:7e:ee:96:9a:5e:db:d8:bf:0e:61: b6:2c:e5:7b:63:96:72:30:66:40:f8:55:87:17:25: 52:1b:d4:16:24:d1:06:c0:76:99:99:2a:3a:0e:7d: 26:4e:1d:38:bc:ab:57:63:73:41:22:d1:86:fe:21: 78:d6:e8:6b:df:de:a9:0c:6c:b3:32:c2:b7:f1:41: c2:44:aa:14:72:d6:74:50:1e:b0:a2:44:85:f5:96: d5:ac:b7:b4:91:e7:17:af:90:d6:26:da:a7:8b:ad: 17:35:00:35:bd:2a:56:1b:6b:81:fe:a2:1f:f5:63: 82:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:30:30:B2:5F:44:C7:15:9F:86:C4:22:4A:BC:56:29:4C:AA:CB:FA X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/1zAwsl9ExxWfhsQiSrxWKUyqy_o.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 Signature Algorithm: sha256WithRSAEncryption 83:3c:d4:7f:61:ea:c8:56:84:2e:15:60:1a:ef:33:58:62:ba: a7:04:99:3a:e1:c5:4f:45:17:70:8c:c4:82:d3:9c:f9:65:82: 71:d1:2e:62:c2:ef:c0:ce:b1:57:cc:82:31:bc:8a:b5:e2:cb: 44:89:76:4f:1c:5b:32:48:bf:42:73:27:10:ca:d7:bd:6d:e5: 3f:a7:21:05:87:6d:bb:70:ed:1c:3c:b2:07:fa:f0:17:54:24: 40:41:cb:d8:fb:56:53:56:5a:dd:e2:8c:a5:e4:00:29:d3:2d: 5d:f9:4f:3f:8d:46:c6:3f:5e:f7:99:71:24:dd:21:31:8c:5e: e4:6d:94:40:36:53:b5:83:53:d8:eb:8f:40:bb:00:f6:77:c5: a4:cb:ae:b5:9b:67:3b:27:a1:1b:9f:76:a6:35:1b:2d:87:29: 22:49:1e:62:9f:04:0c:2d:41:39:9e:77:d4:36:e5:d8:3e:c3: b4:49:a5:ae:26:1b:85:ae:8a:b8:84:94:f7:86:04:2f:bb:97: 93:01:50:4b:af:42:06:40:4e:0d:1a:9e:f7:af:6c:ef:ba:6c: 9a:8c:da:1a:2e:04:f5:e0:b2:48:24:1d:d0:c8:78:04:02:b8: 7b:d2:28:ec:3d:89:88:ec:64:5a:ff:92:c0:a6:d0:c6:b2:f7: 4d:24:fe:dd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNDA4MjYw NTEyMjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ3MzAzMEIyNUY0NEM3 MTU5Rjg2QzQyMjRBQkM1NjI5NENBQUNCRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFNGKIkyB8myeP4SordKqCdmsI+aL/80FsOXn32/M38Gs9S2iQ 6w6HnIGrL8OXsyD21oW2TRoByJfLXMyNVbhNRYbRVUdplXX9qXliLSwrK38P5A8j DBYDkJNa8FK9PrQxBY8e31VD8kvtMz67QRgQ7EEbH59bMdYvraohPVja0wNdG4eh 7tUfJ2n2fu6Wml7b2L8OYbYs5XtjlnIwZkD4VYcXJVIb1BYk0QbAdpmZKjoOfSZO HTi8q1djc0Ei0Yb+IXjW6Gvf3qkMbLMywrfxQcJEqhRy1nRQHrCiRIX1ltWst7SR 5xevkNYm2qeLrRc1ADW9KlYba4H+oh/1Y4LVAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU1zAwsl9ExxWfhsQiSrxWKUyqy/owHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVULzF6QXdzbDlFeHhXZmhzUWlT cnhXS1V5cXlfby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn oOIwDQYJKoZIhvcNAQELBQADggEBAIM81H9h6shWhC4VYBrvM1hiuqcEmTrhxU9F F3CMxILTnPllgnHRLmLC78DOsVfMgjG8irXiy0SJdk8cWzJIv0JzJxDK171t5T+n IQWHbbtw7Rw8sgf68BdUJEBBy9j7VlNWWt3ijKXkACnTLV35Tz+NRsY/XveZcSTd ITGMXuRtlEA2U7WDU9jrj0C7APZ3xaTLrrWbZzsnoRufdqY1Gy2HKSJJHmKfBAwt QTmed9Q25dg+w7RJpa4mG4WuiriElPeGBC+7l5MBUEuvQgZATg0anvevbO+6bJqM 2houBPXgskgkHdDIeAQCuHvSKOw9iYjsZFr/ksCm0May900k/t0= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:03 2024 by rpki-client on console-ams.rpki-client.org