$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa File: BrFlO8WQselaYPNxu97POxrpucs.roa (raw, json) Hash identifier: KF8zXAtSY2gEqZOY6db+hgWM4AXQQLg3uMga/L7PpsA= Subject key identifier: 06:B1:65:3B:C5:90:B1:E9:5A:60:F3:71:BB:DE:CF:3B:1A:E9:B9:CB Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0C96 Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa Signing time: Mon 26 Aug 2024 05:12:27 +0000 ROA not before: Mon 26 Aug 2024 05:12:27 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38851 IP address blocks: 61.65.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3222 (0xc96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Aug 26 05:12:27 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=06B1653BC590B1E95A60F371BBDECF3B1AE9B9CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f4:36:f3:d4:72:7c:e7:48:7b:6f:8f:36:ca: 94:53:da:cc:08:91:14:70:70:91:9c:e1:96:02:a9: 8b:8c:a4:41:db:93:f7:04:4e:ed:85:59:ff:65:0d: dd:50:89:f3:c4:3f:b7:62:40:3d:da:6b:c9:bd:00: 1e:0a:61:51:71:f3:dd:08:88:a3:d6:c1:be:c2:14: 1f:7a:7f:71:5b:d7:37:8b:ad:88:4b:b3:ac:5a:31: 5e:2a:e5:03:93:67:b3:b6:bd:4b:eb:9d:fd:fb:55: 23:3e:f8:39:82:25:89:b2:ae:a6:72:e4:06:a1:e3: ad:e7:b2:aa:c6:d3:3c:8a:ff:94:69:07:80:48:cc: f2:1c:fc:7c:1c:00:ce:1b:d0:77:de:49:26:1c:77: b6:c7:fe:08:32:b6:f2:82:8f:e9:b8:3d:6c:d7:1a: 32:0b:15:67:fd:32:ec:f3:94:2f:8e:38:a7:7f:d2: 08:44:d6:3c:be:bf:01:51:3f:52:29:66:7a:fa:34: c3:32:c7:c3:21:57:fd:ce:2f:79:4d:58:98:2d:ec: 3d:bb:0d:1e:fc:a6:1f:4b:2a:68:97:d1:32:cc:3d: 26:1a:79:d8:1d:df:aa:4b:15:73:cc:8d:e4:2e:a5: 26:27:0b:10:1d:78:d3:69:21:44:f0:04:62:7c:8e: 8c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:B1:65:3B:C5:90:B1:E9:5A:60:F3:71:BB:DE:CF:3B:1A:E9:B9:CB X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.240.0/20 Signature Algorithm: sha256WithRSAEncryption 4c:42:ab:ff:6a:79:9a:34:30:ba:4e:d3:a1:a8:05:de:70:b1: ef:dd:91:bc:06:e9:ad:37:b3:96:d4:31:e9:c8:61:78:c6:14: d6:13:b0:bc:1f:ec:db:79:05:35:44:af:24:a1:ea:d8:f2:7d: e2:9d:76:57:b3:86:ee:db:96:b1:a3:9b:86:93:98:ee:28:e3: 69:d7:87:b4:d8:fa:c3:ca:e4:c7:63:54:e9:b9:5e:06:f3:05: 4a:c5:47:a1:03:4a:21:ad:2a:6f:d7:26:a2:5d:5a:c8:70:d4: 5f:f3:fc:b1:dd:d1:1b:51:fa:31:a6:19:31:4e:c2:ee:96:19: 22:44:d1:65:60:ab:d6:00:1d:47:58:06:11:f9:d4:0b:7f:ec: 6e:a9:bb:83:3e:3d:d6:c4:6c:db:33:6e:d6:2a:12:87:ab:f7: 39:e0:14:8a:1c:60:1c:51:c2:70:ad:98:81:b0:86:12:87:58: 33:14:f5:bc:99:a7:55:7c:7d:06:d5:d1:23:ab:5d:7d:7b:0c: 14:77:d4:2e:9b:92:4d:9f:b4:c6:2b:54:2b:5c:68:15:f2:cd: 5e:31:87:d7:1e:ea:b5:2c:24:df:f5:9b:04:bd:61:22:82:ca: d3:70:14:b1:53:5b:43:6b:03:18:af:89:a1:4a:96:b5:bb:88: ca:13:fe:39 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw NTEyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA2QjE2NTNCQzU5MEIx RTk1QTYwRjM3MUJCREVDRjNCMUFFOUI5Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC39Dbz1HJ850h7b482ypRT2swIkRRwcJGc4ZYCqYuMpEHbk/cE Tu2FWf9lDd1QifPEP7diQD3aa8m9AB4KYVFx890IiKPWwb7CFB96f3Fb1zeLrYhL s6xaMV4q5QOTZ7O2vUvrnf37VSM++DmCJYmyrqZy5Aah463nsqrG0zyK/5RpB4BI zPIc/HwcAM4b0HfeSSYcd7bH/ggytvKCj+m4PWzXGjILFWf9MuzzlC+OOKd/0ghE 1jy+vwFRP1IpZnr6NMMyx8MhV/3OL3lNWJgt7D27DR78ph9LKmiX0TLMPSYaedgd 36pLFXPMjeQupSYnCxAdeNNpIUTwBGJ8jow7AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUBrFlO8WQselaYPNxu97POxrpucswHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9CckZsTzhXUXNlbGFZ UE54dTk3UE94cnB1Y3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQEPUHwMA0GCSqGSIb3DQEBCwUAA4IBAQBMQqv/anmaNDC6TtOhqAXecLHv3ZG8 BumtN7OW1DHpyGF4xhTWE7C8H+zbeQU1RK8koerY8n3inXZXs4bu25axo5uGk5ju KONp14e02PrDyuTHY1TpuV4G8wVKxUehA0ohrSpv1yaiXVrIcNRf8/yx3dEbUfox phkxTsLulhkiRNFlYKvWAB1HWAYR+dQLf+xuqbuDPj3WxGzbM27WKhKHq/c54BSK HGAcUcJwrZiBsIYSh1gzFPW8madVfH0G1dEjq119ewwUd9Qum5JNn7TGK1QrXGgV 8s1eMYfXHuq1LCTf9ZsEvWEigsrTcBSxU1tDawMYr4mhSpa1u4jKE/45 -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:03 2024 by rpki-client on console-ams.rpki-client.org