$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa File: 2HkOljt6PitKWNiSGTEpEraUVVY.roa (raw, json) Hash identifier: xnoYuT+fGYB3RO6jLzZmUPbJ4uWglUHFNe5S398UZLU= Subject key identifier: D8:79:0E:96:3B:7A:3E:2B:4A:58:D8:92:19:31:29:12:B6:94:55:56 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0C99 Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa Signing time: Mon 26 Aug 2024 05:12:27 +0000 ROA not before: Mon 26 Aug 2024 05:12:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 198949 IP address blocks: 61.65.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 02:24:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3225 (0xc99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Aug 26 05:12:27 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D8790E963B7A3E2B4A58D89219312912B6945556 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:cc:2b:71:86:ae:4b:81:27:cc:51:a2:c9:13: 36:5b:a8:8b:54:79:f1:bd:fc:e3:38:c4:62:0f:9e: 01:a6:30:d6:87:f9:5f:54:ab:4e:6d:8c:dc:3e:e1: 6c:c7:00:5a:47:a1:c3:ac:71:cf:c8:cc:1e:34:e5: 82:c0:3d:51:13:89:fd:18:08:62:d7:fd:c5:45:6d: 4b:f8:02:bb:1a:e1:c1:67:f5:9f:0d:c2:c2:db:c2: 5a:c1:81:d2:77:d2:3e:2e:f1:1f:ec:43:ca:95:09: 0c:de:db:c0:19:7e:36:c1:d8:44:ee:bc:08:c4:03: ff:c5:f9:72:21:1e:72:60:6d:4f:d8:4d:1d:75:c4: a3:be:d5:9f:f5:18:d6:89:6a:61:1c:e6:8c:6a:8f: 32:71:cc:ec:98:61:bb:df:80:20:cb:f1:89:fa:4c: c0:9d:f2:b6:a3:93:28:8d:0d:e0:af:11:2b:8c:03: b1:24:ad:20:50:4b:e7:13:22:8c:d0:51:01:38:15: 26:fa:e3:c5:00:0d:e8:a8:e2:05:40:67:31:c9:fc: b6:74:bd:9a:65:b7:af:37:a8:00:c2:c8:af:6f:06: d8:bf:26:27:f8:95:99:44:ba:e2:df:38:50:c5:52: 6b:f0:8c:8f:b0:f8:56:15:79:d1:56:04:a4:0d:31: 73:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:79:0E:96:3B:7A:3E:2B:4A:58:D8:92:19:31:29:12:B6:94:55:56 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.237.0/24 Signature Algorithm: sha256WithRSAEncryption 43:29:e3:b9:37:63:c7:2b:71:dd:b5:ac:f0:43:7b:c8:15:c6: 43:af:5c:15:b5:91:37:f1:6b:5e:37:92:0a:76:f6:df:7b:0e: e5:cf:bb:15:11:bd:ce:f4:a6:83:1f:a3:a6:6e:fb:96:03:13: 5c:37:b2:fd:a1:fa:ce:70:85:3e:50:96:95:d4:a5:48:5b:d9: ea:0b:21:ab:f7:0d:59:4f:5e:04:08:a8:a1:56:08:6b:64:a0: 6a:37:bf:cf:e0:91:5f:02:1d:33:ee:30:d1:47:e0:dd:ba:ca: fa:67:a4:cf:60:fb:b1:1f:ca:c8:b7:c8:18:18:8f:e7:5b:b2: 24:10:58:4b:89:94:ab:5c:8b:6a:d0:fe:05:d8:9d:59:6b:ae: 57:00:a6:3b:da:8d:89:eb:6b:25:f0:50:fe:51:cb:d0:0c:9f: 7d:40:19:1b:f1:26:42:ec:7c:ed:3b:13:c9:96:7d:ad:36:4d: 82:e9:02:52:8c:87:c3:8b:45:f5:8a:bf:94:38:c9:89:ab:e9: e3:b1:da:a9:fb:df:0d:ad:3f:12:29:69:c1:03:0a:44:2b:01: ff:83:77:62:f7:1e:06:5b:fa:9e:0f:fc:d2:e7:0e:69:88:f3: 93:d7:f9:4b:c5:f3:cb:50:86:6f:cf:1e:8c:5b:32:17:46:ae: 6b:54:c4:9e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw NTEyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4NzkwRTk2M0I3QTNF MkI0QTU4RDg5MjE5MzEyOTEyQjY5NDU1NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvzCtxhq5LgSfMUaLJEzZbqItUefG9/OM4xGIPngGmMNaH+V9U q05tjNw+4WzHAFpHocOscc/IzB405YLAPVETif0YCGLX/cVFbUv4Arsa4cFn9Z8N wsLbwlrBgdJ30j4u8R/sQ8qVCQze28AZfjbB2ETuvAjEA//F+XIhHnJgbU/YTR11 xKO+1Z/1GNaJamEc5oxqjzJxzOyYYbvfgCDL8Yn6TMCd8rajkyiNDeCvESuMA7Ek rSBQS+cTIozQUQE4FSb648UADeio4gVAZzHJ/LZ0vZplt683qADCyK9vBti/Jif4 lZlEuuLfOFDFUmvwjI+w+FYVedFWBKQNMXN9AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU2HkOljt6PitKWNiSGTEpEraUVVYwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy8ySGtPbGp0NlBpdEtX TmlTR1RFcEVyYVVWVlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAPUHtMA0GCSqGSIb3DQEBCwUAA4IBAQBDKeO5N2PHK3HdtazwQ3vIFcZDr1wV tZE38WteN5IKdvbfew7lz7sVEb3O9KaDH6OmbvuWAxNcN7L9ofrOcIU+UJaV1KVI W9nqCyGr9w1ZT14ECKihVghrZKBqN7/P4JFfAh0z7jDRR+Ddusr6Z6TPYPuxH8rI t8gYGI/nW7IkEFhLiZSrXItq0P4F2J1Za65XAKY72o2J62sl8FD+UcvQDJ99QBkb 8SZC7HztOxPJln2tNk2C6QJSjIfDi0X1ir+UOMmJq+njsdqp+98NrT8SKWnBAwpE KwH/g3di9x4GW/qeD/zS5w5piPOT1/lLxfPLUIZvzx6MWzIXRq5rVMSe -----END CERTIFICATE-----Generated at Sun Nov 24 21:50:11 2024 by rpki-client on console-ams.rpki-client.org