$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/hRfFDV4JacQzCI2EgL4Z9zNcHxY.roa File: hRfFDV4JacQzCI2EgL4Z9zNcHxY.roa (raw, json) Hash identifier: y1KZcDP1QHBj/+6kIeTDJxlcXnKUW8GumZ/c5SCbg/A= Subject key identifier: 85:17:C5:0D:5E:09:69:C4:33:08:8D:84:80:BE:19:F7:33:5C:1F:16 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0C9E Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/hRfFDV4JacQzCI2EgL4Z9zNcHxY.roa Signing time: Mon 26 Aug 2024 05:12:29 +0000 ROA not before: Mon 26 Aug 2024 05:12:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 198949 IP address blocks: 61.65.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:24:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3230 (0xc9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Aug 26 05:12:29 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8517C50D5E0969C433088D8480BE19F7335C1F16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fa:47:c6:0a:f9:8b:2b:24:05:d9:a1:d2:99: 48:49:56:71:48:5b:6d:79:2a:8a:26:1d:d1:4b:76: 3e:d6:37:d5:14:24:56:51:d2:87:df:f6:6d:5e:62: 08:9d:c6:2c:88:6f:45:49:ca:9b:6d:36:f0:f5:af: ea:95:52:16:6a:ff:81:4c:ed:ec:20:36:47:a8:b0: 34:ed:80:42:e2:d6:b6:0d:9e:d7:4f:f8:58:a6:55: 03:75:61:d7:1d:b3:ee:09:60:b8:5c:6f:ee:35:27: f2:6f:a8:0a:92:43:cf:46:db:70:e2:c9:d4:77:d7: 4d:ad:36:21:ee:67:70:cf:9c:be:5f:bc:c8:24:1b: ed:94:18:7d:f7:c8:b6:f7:51:a4:8d:84:a7:23:9c: 31:f3:89:f9:a1:39:e1:3c:9e:01:b3:e8:fa:6c:b6: ef:a1:f1:79:5c:e1:89:aa:83:fd:05:6b:7d:18:cf: af:d4:46:39:ab:20:43:d5:97:b2:9c:0d:50:77:09: ae:9a:cf:6d:d8:70:83:82:7a:f4:dd:8b:6a:64:23: 90:52:1f:79:e4:ac:e8:79:91:3a:0a:b3:aa:e2:08: d8:85:76:28:aa:0c:e6:ca:6f:98:c3:7f:00:77:2f: 91:e7:55:a0:34:50:62:69:28:48:26:38:e0:36:26: c0:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:17:C5:0D:5E:09:69:C4:33:08:8D:84:80:BE:19:F7:33:5C:1F:16 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/hRfFDV4JacQzCI2EgL4Z9zNcHxY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.238.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:c2:93:0e:23:24:c4:6b:ae:ae:7a:5a:6a:4f:24:53:46:cb: 37:b6:23:c1:77:4b:9e:b6:53:ff:bd:94:db:f4:b1:18:83:e2: c0:19:be:82:76:23:82:22:b1:04:d0:26:4e:f3:c9:15:fd:a1: 8f:dc:95:c7:e8:84:44:9d:f6:4d:7e:81:01:e7:3d:d4:1d:82: 23:27:24:7d:bf:69:29:ca:91:a2:78:24:c5:25:57:f4:74:56: ce:0b:9f:33:56:c9:c5:aa:1f:df:f8:67:f0:34:44:bf:5f:0a: 5d:1e:cd:5b:cd:d4:06:9e:69:64:e1:4f:fd:e7:73:d3:1e:c0: b5:3a:ce:3e:d6:97:0e:a1:e7:2c:a9:c2:d3:05:b8:45:44:4c: 6c:97:95:35:06:7a:07:56:e4:a9:04:70:77:f3:c9:6c:48:b1: 40:df:95:92:ab:48:cc:0e:e5:17:9e:d7:84:d2:51:bf:81:8b: 4c:81:04:cc:a5:86:1e:49:ff:84:02:b1:cc:fc:12:ad:14:c4: 99:ab:fe:a0:bc:f3:58:91:3f:d1:cc:af:9b:75:18:c0:32:d3: 39:58:e2:d2:61:91:6c:c6:13:2a:17:50:6b:4d:a6:5d:a0:3d: 58:76:f2:2b:75:d0:90:e5:e5:32:8f:67:97:d9:db:9c:bc:6c: 7a:cf:c8:62 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw NTEyMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg1MTdDNTBENUUwOTY5 QzQzMzA4OEQ4NDgwQkUxOUY3MzM1QzFGMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC++kfGCvmLKyQF2aHSmUhJVnFIW215KoomHdFLdj7WN9UUJFZR 0off9m1eYgidxiyIb0VJypttNvD1r+qVUhZq/4FM7ewgNkeosDTtgELi1rYNntdP +FimVQN1Ydcds+4JYLhcb+41J/JvqAqSQ89G23DiydR3102tNiHuZ3DPnL5fvMgk G+2UGH33yLb3UaSNhKcjnDHzifmhOeE8ngGz6Ppstu+h8Xlc4Ymqg/0Fa30Yz6/U RjmrIEPVl7KcDVB3Ca6az23YcIOCevTdi2pkI5BSH3nkrOh5kToKs6riCNiFdiiq DObKb5jDfwB3L5HnVaA0UGJpKEgmOOA2JsAXAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUhRfFDV4JacQzCI2EgL4Z9zNcHxYwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9oUmZGRFY0SmFjUXpD STJFZ0w0Wjl6TmNIeFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAPUHuMA0GCSqGSIb3DQEBCwUAA4IBAQAKwpMOIyTEa66uelpqTyRTRss3tiPB d0uetlP/vZTb9LEYg+LAGb6CdiOCIrEE0CZO88kV/aGP3JXH6IREnfZNfoEB5z3U HYIjJyR9v2kpypGieCTFJVf0dFbOC58zVsnFqh/f+GfwNES/XwpdHs1bzdQGnmlk 4U/953PTHsC1Os4+1pcOoecsqcLTBbhFRExsl5U1BnoHVuSpBHB388lsSLFA35WS q0jMDuUXnteE0lG/gYtMgQTMpYYeSf+EArHM/BKtFMSZq/6gvPNYkT/RzK+bdRjA MtM5WOLSYZFsxhMqF1BrTaZdoD1YdvIrddCQ5eUyj2eX2ducvGx6z8hi -----END CERTIFICATE-----Generated at Fri Nov 22 00:15:13 2024 by rpki-client on console-ams.rpki-client.org