$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa File: nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa (raw, json) Hash identifier: 3BvwES0d6jWYvrF0dDYGY8TvK7/vXGGgg+taSbLfZMg= Subject key identifier: 9E:EF:6E:57:E6:7E:A1:F7:9E:81:CD:4C:5E:BA:E9:41:4F:32:02:47 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1099 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa Signing time: Mon 26 Aug 2024 05:16:36 +0000 ROA not before: Mon 26 Aug 2024 05:16:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131591 IP address blocks: 223.22.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4249 (0x1099) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 26 05:16:36 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9EEF6E57E67EA1F79E81CD4C5EBAE9414F320247 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5e:b6:61:00:fc:7c:a8:23:c8:2d:04:fc:d7: 1a:99:5e:c6:7a:18:ed:f5:2c:1c:a5:4f:33:c9:2c: a7:25:b2:d0:32:ed:76:21:f0:05:fa:1b:4e:ef:db: b2:48:78:c6:b1:25:d7:da:69:7e:1b:6c:45:3b:0f: 94:5e:bc:92:fd:17:b3:22:70:fb:1a:04:b9:85:23: 1d:dc:96:17:94:4b:d3:12:3c:0c:b6:28:7f:12:d4: dd:f6:5c:71:5b:ed:a7:53:45:c7:1e:4b:3f:11:7d: d7:2a:be:e8:d5:88:85:33:bf:bb:86:06:3c:73:90: 1f:af:be:a5:8d:3f:dd:4a:25:1f:21:37:c5:8b:ce: 40:52:59:c1:47:a7:3d:ab:5c:5d:e3:66:be:79:3d: fa:e4:3b:b4:e4:15:c6:7f:7b:82:b9:d5:f1:b1:57: be:ca:1b:c5:94:c1:e2:74:cc:41:59:43:d9:a9:cc: 37:54:65:a2:4c:f2:ab:75:55:b9:2e:16:7f:68:1b: a6:2d:97:37:a6:8e:1b:6d:9e:da:58:1e:4a:00:b3: ee:ec:a5:a4:48:df:c0:65:be:c5:b2:2e:14:cd:1f: f9:6d:16:66:15:d7:4d:48:5e:1c:d5:80:f0:88:41: 31:f1:dd:5c:d8:70:3f:39:87:67:67:9c:d4:3f:e0: 04:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:EF:6E:57:E6:7E:A1:F7:9E:81:CD:4C:5E:BA:E9:41:4F:32:02:47 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.22.0.0/16 Signature Algorithm: sha256WithRSAEncryption 50:2d:09:1b:23:7b:a1:d7:96:22:dd:a8:b6:0c:db:ba:15:0b: ae:da:a7:f0:9d:28:58:f4:2a:30:e6:f3:e5:a0:6b:45:b2:13: a4:33:09:c0:eb:d1:70:e4:7e:c8:70:ee:01:a8:24:82:bb:bf: c2:42:88:68:b4:e5:fe:8c:5e:9c:9f:11:ec:fa:60:a5:b5:e5: 94:b0:68:d1:ac:b7:e6:12:f4:66:25:80:5d:fb:52:20:bc:57: 23:23:63:b5:e1:df:66:22:a5:44:8b:b7:2c:41:82:4e:cb:d6: f5:fc:bb:04:ac:18:53:44:e4:9a:35:fe:e9:a7:80:ad:51:b5: 54:f5:a6:6c:e5:02:06:c3:52:83:cf:1b:a6:e3:96:b2:f6:95: bc:ed:53:da:0c:19:9b:e0:28:9f:8b:fa:da:8c:c3:e2:8d:df: 07:d0:27:b1:e6:76:6f:3b:ac:31:17:fe:1a:2b:b8:b5:bb:79: d5:07:16:30:14:34:ae:ab:7f:80:55:5c:d5:b8:77:62:07:40: ff:54:db:3f:89:b6:cd:c1:84:10:2d:fc:bb:1f:e2:49:39:4e: 7c:5b:68:5a:ee:62:db:5b:ae:6b:5a:13:8e:38:37:f0:1a:26: b8:b3:ed:c0:f9:e7:d0:13:cf:ea:47:5c:e5:be:45:aa:32:5e: 08:ed:7f:7b -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgICEJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw NTE2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFRUY2RTU3RTY3RUEx Rjc5RTgxQ0Q0QzVFQkFFOTQxNEYzMjAyNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2XrZhAPx8qCPILQT81xqZXsZ6GO31LBylTzPJLKclstAy7XYh 8AX6G07v27JIeMaxJdfaaX4bbEU7D5RevJL9F7MicPsaBLmFIx3clheUS9MSPAy2 KH8S1N32XHFb7adTRcceSz8RfdcqvujViIUzv7uGBjxzkB+vvqWNP91KJR8hN8WL zkBSWcFHpz2rXF3jZr55PfrkO7TkFcZ/e4K51fGxV77KG8WUweJ0zEFZQ9mpzDdU ZaJM8qt1VbkuFn9oG6YtlzemjhttntpYHkoAs+7spaRI38BlvsWyLhTNH/ltFmYV 101IXhzVgPCIQTHx3VzYcD85h2dnnNQ/4AT5AgMBAAGjggHnMIIB4zAdBgNVHQ4E FgQUnu9uV+Z+ofeegc1MXrrpQU8yAkcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL251OXVWLVotb2ZlZWdjMU1YcnJwUVU4 eUFrYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDfFjANBgkq hkiG9w0BAQsFAAOCAQEAUC0JGyN7odeWIt2otgzbuhULrtqn8J0oWPQqMObz5aBr RbITpDMJwOvRcOR+yHDuAagkgru/wkKIaLTl/oxenJ8R7PpgpbXllLBo0ay35hL0 ZiWAXftSILxXIyNjteHfZiKlRIu3LEGCTsvW9fy7BKwYU0TkmjX+6aeArVG1VPWm bOUCBsNSg88bpuOWsvaVvO1T2gwZm+Aon4v62ozD4o3fB9AnseZ2bzusMRf+Giu4 tbt51QcWMBQ0rqt/gFVc1bh3YgdA/1TbP4m2zcGEEC38ux/iSTlOfFtoWu5i21uu a1oTjjg38BomuLPtwPnn0BPP6kdc5b5FqjJeCO1/ew== -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:38 2024 by rpki-client on console-fra.rpki-client.org