$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/QOFxLS36FhYCz2dbV1WaRZMYVYk.roa File: QOFxLS36FhYCz2dbV1WaRZMYVYk.roa (raw, json) Hash identifier: NCzSRi+ybShutippmnKz114S69yzSPuIjNlL/0drnDA= Subject key identifier: 40:E1:71:2D:2D:FA:16:16:02:CF:67:5B:57:55:9A:45:93:18:55:89 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 100C Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/QOFxLS36FhYCz2dbV1WaRZMYVYk.roa Signing time: Mon 26 Aug 2024 05:16:00 +0000 ROA not before: Mon 26 Aug 2024 05:16:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 203.79.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4108 (0x100c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:00 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=40E1712D2DFA161602CF675B57559A4593185589 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:55:21:38:02:50:da:4c:c8:2e:47:f6:1f:52: 61:a0:34:65:e0:8c:40:a6:8c:cb:00:5c:69:c8:a2: dc:17:90:bc:36:70:1d:d2:be:64:97:da:0a:f2:27: 57:80:8e:a5:25:0f:6a:94:d8:a4:b0:17:4e:be:8e: 11:a7:af:59:19:0f:62:8f:94:7a:fb:08:6c:ea:d8: 4f:bf:86:6c:45:51:55:2f:c0:b9:54:92:d7:5e:32: 02:67:62:f6:76:36:e1:a6:38:93:93:31:4c:34:00: 04:9d:84:05:09:89:f4:f0:18:97:db:6b:ab:58:f3: bc:02:d7:33:ac:94:8c:47:b8:20:22:e9:5e:f9:1e: ee:55:ba:d2:9b:c6:32:95:0a:09:ed:61:13:86:41: 39:ce:91:00:ce:49:b7:51:ca:ab:cd:50:ea:17:cf: 02:25:1b:fc:de:66:7e:cb:2d:6f:19:9e:67:cf:c5: 9e:87:82:9d:0e:5d:d6:e6:48:51:a5:86:79:4b:63: 71:f3:7b:3e:b4:7c:a2:cb:2f:25:93:85:41:da:ca: 4a:95:d1:5e:59:a8:24:0f:34:00:49:fc:5d:5b:fc: 19:ea:53:10:8b:e8:44:93:03:c9:59:cb:e9:4d:ce: b9:f7:ba:1e:0e:82:18:c4:6e:5d:d8:b5:f0:4a:60: db:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:E1:71:2D:2D:FA:16:16:02:CF:67:5B:57:55:9A:45:93:18:55:89 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/QOFxLS36FhYCz2dbV1WaRZMYVYk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.79.251.0/24 Signature Algorithm: sha256WithRSAEncryption a3:86:69:ac:ab:b8:74:b3:56:56:14:f8:11:05:4e:c1:f4:6e: 0e:be:64:59:c3:b3:71:a5:a5:61:90:c6:05:1a:c1:c2:2d:ad: ad:c8:77:64:b2:07:51:b2:72:c2:53:94:e7:bf:8e:57:bb:d1: 38:51:8a:df:45:2d:3e:33:50:28:f0:bd:bc:c5:d4:6c:e9:c9: d9:ce:2f:f2:b4:ec:0e:0c:3e:c1:fe:16:02:de:86:76:45:f4: 54:77:8d:ff:e6:dc:c0:45:b4:14:00:8e:8a:3c:5f:e0:5c:ae: 7e:dc:63:04:be:1f:3f:1c:a5:64:6a:09:f7:7c:0f:d2:07:92: 6b:91:b7:86:18:82:98:9a:08:ed:65:84:bc:31:0f:bb:01:6a: cd:eb:9b:85:c6:f2:e3:7e:63:e7:f3:5f:cd:db:64:2e:3a:a1: fa:f4:19:01:10:a4:71:df:68:6f:d9:12:f2:e8:ae:d1:63:76: 2f:44:37:2b:0f:92:81:f7:84:5d:c8:91:6d:0b:1f:9c:d5:3d: 84:40:cc:bc:dc:db:a5:b5:d2:e9:7b:e6:cf:2c:fc:25:44:da: 46:5b:91:46:f3:33:fd:28:4e:0a:a5:de:f1:5a:b3:8f:88:c7: c5:da:10:61:74:0b:ab:b4:bb:d7:17:91:52:85:ed:1b:95:f5: bd:18:06:8d -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICEAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwRTE3MTJEMkRGQTE2 MTYwMkNGNjc1QjU3NTU5QTQ1OTMxODU1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJVSE4AlDaTMguR/YfUmGgNGXgjECmjMsAXGnIotwXkLw2cB3S vmSX2gryJ1eAjqUlD2qU2KSwF06+jhGnr1kZD2KPlHr7CGzq2E+/hmxFUVUvwLlU ktdeMgJnYvZ2NuGmOJOTMUw0AASdhAUJifTwGJfba6tY87wC1zOslIxHuCAi6V75 Hu5VutKbxjKVCgntYROGQTnOkQDOSbdRyqvNUOoXzwIlG/zeZn7LLW8ZnmfPxZ6H gp0OXdbmSFGlhnlLY3Hzez60fKLLLyWThUHaykqV0V5ZqCQPNABJ/F1b/BnqUxCL 6ESTA8lZy+lNzrn3uh4OghjEbl3YtfBKYNuRAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUQOFxLS36FhYCz2dbV1WaRZMYVYkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1FPRnhMUzM2RmhZQ3oyZGJWMVdhUlpN WVZZay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADLT/swDQYJ KoZIhvcNAQELBQADggEBAKOGaayruHSzVlYU+BEFTsH0bg6+ZFnDs3GlpWGQxgUa wcItra3Id2SyB1GycsJTlOe/jle70ThRit9FLT4zUCjwvbzF1GzpydnOL/K07A4M PsH+FgLehnZF9FR3jf/m3MBFtBQAjoo8X+Bcrn7cYwS+Hz8cpWRqCfd8D9IHkmuR t4YYgpiaCO1lhLwxD7sBas3rm4XG8uN+Y+fzX83bZC46ofr0GQEQpHHfaG/ZEvLo rtFjdi9ENysPkoH3hF3IkW0LH5zVPYRAzLzc26W10ul75s8s/CVE2kZbkUbzM/0o Tgql3vFas4+Ix8XaEGF0C6u0u9cXkVKF7RuV9b0YBo0= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:31 2024 by rpki-client on console-ams.rpki-client.org