$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/MZVEOiCJtAjH-wPcbO5vlNcMZSI.roa File: MZVEOiCJtAjH-wPcbO5vlNcMZSI.roa (raw, json) Hash identifier: MV1iL59xu4nm9REJGZgbXbyvpcrImjFpM8eVsBgdPkE= Subject key identifier: 31:95:44:3A:20:89:B4:08:C7:FB:03:DC:6C:EE:6F:94:D7:0C:65:22 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1015 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/MZVEOiCJtAjH-wPcbO5vlNcMZSI.roa Signing time: Mon 26 Aug 2024 05:16:02 +0000 ROA not before: Mon 26 Aug 2024 05:16:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 211.76.96.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:55:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4117 (0x1015) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:02 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=3195443A2089B408C7FB03DC6CEE6F94D70C6522 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f2:ba:b4:82:b2:11:12:fb:ff:ab:06:2e:d2: 78:10:a6:70:2f:10:c4:2e:5d:5c:b2:7b:c6:76:fe: 50:63:1b:69:e2:49:0a:e4:9e:fb:05:69:78:ca:bf: 91:d7:6c:c3:50:59:ea:7a:54:46:68:e6:6c:6e:b0: bf:de:f6:95:24:25:db:98:9a:87:db:9f:9a:aa:c0: b1:48:4a:29:eb:5e:64:96:da:b3:d6:d2:ae:37:80: bf:57:b9:40:96:f3:32:38:bd:d3:f4:b4:cd:30:72: d6:c5:a8:f6:ff:59:ed:56:6f:1e:e7:3d:1e:66:f4: b5:58:bc:42:58:1a:e5:2b:44:00:53:a1:5b:4f:de: 1d:f8:a2:65:db:60:67:44:29:25:e5:81:0a:88:00: 78:1c:e4:b3:39:2f:97:f0:90:19:c3:8d:7c:2d:92: 13:18:a1:0f:f8:61:5a:9b:7c:7c:8f:bb:c9:43:f2: 29:91:dc:40:29:37:7c:49:ee:b4:c4:7e:b0:92:1c: ae:ee:29:bb:c5:9a:90:35:e9:20:fd:f5:48:d6:cc: b4:23:ce:29:06:43:bf:60:37:5d:23:76:65:19:28: 4c:40:d0:33:1b:5b:9f:66:0c:11:04:e3:1d:d1:5b: ae:2a:59:73:fa:94:fe:88:6d:aa:c3:f7:5a:be:58: 5e:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:95:44:3A:20:89:B4:08:C7:FB:03:DC:6C:EE:6F:94:D7:0C:65:22 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/MZVEOiCJtAjH-wPcbO5vlNcMZSI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.76.96.0/20 Signature Algorithm: sha256WithRSAEncryption 78:86:44:d2:b5:2b:3e:57:f8:2c:e9:30:85:f8:61:4d:f1:94: d1:b9:5c:55:1e:18:8d:13:de:31:91:d4:8e:77:92:82:03:d9: f7:8b:41:ef:49:af:88:41:e5:01:de:e7:a0:d7:90:c7:6d:cf: 0a:80:f0:a6:5a:42:6b:c0:f8:c1:2b:87:6a:d0:ba:42:ad:ec: 0f:44:6f:6f:60:9d:09:4a:07:53:7c:c0:a4:eb:23:f1:02:fe: 7e:56:61:96:ca:e2:83:80:d2:40:84:10:77:83:a2:49:ea:94: 7f:eb:d4:94:c2:1d:59:14:b7:a0:d1:d3:c2:56:47:49:ae:06: 3f:e7:cb:ee:62:be:43:af:71:db:c7:e2:fe:aa:e0:ed:b1:2f: 39:5f:69:ee:87:b7:20:3f:30:a2:24:8c:21:d7:ff:13:2a:5c: b3:a6:95:97:b1:fc:5d:dc:7d:03:f5:d8:68:54:b3:bb:97:32: 99:e1:ac:26:cb:26:e6:39:41:ae:da:e2:ed:d5:d6:3b:72:24: bf:52:b3:89:cf:0d:00:b5:0e:b4:3f:1f:c9:a3:e8:2b:09:c9: 60:81:bd:a3:51:71:9c:0b:cc:ec:d3:68:38:fe:ce:68:53:53: b3:be:81:ab:3e:4c:15:6b:5d:72:22:c8:25:84:c5:56:fe:37: 93:bb:c5:6f -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMxOTU0NDNBMjA4OUI0 MDhDN0ZCMDNEQzZDRUU2Rjk0RDcwQzY1MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCo8rq0grIREvv/qwYu0ngQpnAvEMQuXVyye8Z2/lBjG2niSQrk nvsFaXjKv5HXbMNQWep6VEZo5mxusL/e9pUkJduYmofbn5qqwLFISinrXmSW2rPW 0q43gL9XuUCW8zI4vdP0tM0wctbFqPb/We1Wbx7nPR5m9LVYvEJYGuUrRABToVtP 3h34omXbYGdEKSXlgQqIAHgc5LM5L5fwkBnDjXwtkhMYoQ/4YVqbfHyPu8lD8imR 3EApN3xJ7rTEfrCSHK7uKbvFmpA16SD99UjWzLQjzikGQ79gN10jdmUZKExA0DMb W59mDBEE4x3RW64qWXP6lP6IbarD91q+WF4BAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUMZVEOiCJtAjH+wPcbO5vlNcMZSIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL01aVkVPaUNKdEFqSC13UGNiTzV2bE5j TVpTSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATTTGAwDQYJ KoZIhvcNAQELBQADggEBAHiGRNK1Kz5X+CzpMIX4YU3xlNG5XFUeGI0T3jGR1I53 koID2feLQe9Jr4hB5QHe56DXkMdtzwqA8KZaQmvA+MErh2rQukKt7A9Eb29gnQlK B1N8wKTrI/EC/n5WYZbK4oOA0kCEEHeDoknqlH/r1JTCHVkUt6DR08JWR0muBj/n y+5ivkOvcdvH4v6q4O2xLzlfae6HtyA/MKIkjCHX/xMqXLOmlZex/F3cfQP12GhU s7uXMpnhrCbLJuY5Qa7a4u3V1jtyJL9Ss4nPDQC1DrQ/H8mj6CsJyWCBvaNRcZwL zOzTaDj+zmhTU7O+gas+TBVrXXIiyCWExVb+N5O7xW8= -----END CERTIFICATE-----Generated at Mon Nov 25 20:56:27 2024 by rpki-client on console-fra.rpki-client.org