$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/m9a-wZannTK8Pjf6cjpFYURq0Rg.roa File: m9a-wZannTK8Pjf6cjpFYURq0Rg.roa (raw, json) Hash identifier: bATt2Jw31kf0TQyWsxLCY1Asws2DCd2vffncJIbIOJc= Subject key identifier: 9B:D6:BE:C1:96:A7:9D:32:BC:3E:37:FA:72:3A:45:61:44:6A:D1:18 Certificate issuer: /CN=8A57D6F0354EA58A149352BF24330D6630702F9B Certificate serial: 85 Authority key identifier: 8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/m9a-wZannTK8Pjf6cjpFYURq0Rg.roa Signing time: Sat 19 Oct 2024 18:17:58 +0000 ROA not before: Sat 19 Oct 2024 18:17:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 399624 IP address blocks: 2401:97e0:a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 133 (0x85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8A57D6F0354EA58A149352BF24330D6630702F9B Validity Not Before: Oct 19 18:17:58 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9BD6BEC196A79D32BC3E37FA723A4561446AD118 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b1:5c:ba:7d:b7:5f:56:a8:65:0f:06:55:64: 85:4a:a8:5c:db:e7:d4:ba:9e:65:46:b2:f0:81:fc: 9c:53:60:73:84:20:9c:ca:48:b8:79:84:c4:65:c7: 6b:a4:8d:8a:07:33:43:f7:80:92:17:d3:15:36:55: 02:55:0a:5a:22:6f:b9:0c:44:58:15:a5:3b:b7:69: ec:5b:a5:75:08:99:a3:9b:43:7d:ac:16:ff:f8:6b: 74:5a:64:95:99:3c:b3:e2:f8:39:77:a6:18:7c:3b: e3:17:ef:a7:65:4d:e6:fb:d4:05:5f:c0:97:44:66: 6a:c8:7a:36:ea:b7:01:f2:1c:20:ba:6b:d5:df:3c: e5:03:46:66:a7:72:91:d0:20:73:4a:da:ca:80:83: 56:43:67:a9:8c:d5:7e:e0:07:d1:ae:0b:81:79:40: 64:7f:ba:76:9e:d9:d8:1e:d2:ac:2c:77:b0:5f:a5: f2:c7:07:cd:c5:9f:d6:0f:e4:72:8f:ad:55:9e:8c: fd:45:53:db:33:d1:43:3f:c7:1f:2d:4a:98:bd:2d: c8:a0:2d:c1:94:0f:be:22:a5:34:dc:27:96:b9:93: 20:1c:f0:2b:fa:1e:b2:97:e7:29:4a:29:a4:7e:4f: dc:2e:7c:04:53:88:78:1b:5c:ed:b2:49:b1:ed:0e: 9e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:D6:BE:C1:96:A7:9D:32:BC:3E:37:FA:72:3A:45:61:44:6A:D1:18 X509v3 Authority Key Identifier: keyid:8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/m9a-wZannTK8Pjf6cjpFYURq0Rg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:97e0:a::/48 Signature Algorithm: sha256WithRSAEncryption 3c:0e:93:0b:9c:fe:d3:67:37:ca:35:89:b4:51:98:77:a0:3a: 99:4c:22:e6:02:0f:eb:d1:44:29:66:bf:77:c6:ca:15:d0:4b: 0d:4d:a9:2a:e2:ed:0e:aa:aa:6d:25:58:3c:24:87:f9:08:d4: 3b:21:38:c8:81:a2:8d:76:5e:fd:ba:0d:20:fc:d0:41:49:a5: e8:22:bb:e0:75:8d:50:f2:a2:6e:0b:00:50:03:7e:54:65:f2: 03:5a:0c:4d:b1:f2:ad:46:ab:a4:cc:d7:ec:b5:75:42:7b:ff: 23:80:fa:44:ee:ea:52:60:e1:ec:fa:c9:4c:07:e1:5c:cd:e2: 76:2e:3e:4c:14:1e:f5:1f:23:46:0e:6a:bc:20:64:1f:a3:51: d3:a8:88:81:52:99:8e:62:f2:3f:12:72:a6:25:cc:3a:41:23: 05:88:c9:4e:c0:31:46:e8:d7:c6:fe:f5:e3:3c:b4:64:0e:a3: 72:a5:50:9c:10:84:c6:ee:31:2f:d2:73:18:27:a6:26:a4:07: 13:b9:87:23:82:78:b9:9c:eb:95:55:8c:a4:55:ab:b3:aa:ce: af:72:56:66:48:4c:73:66:08:cf:bc:b8:40:09:56:96:c5:71: 3f:e1:bb:f3:10:50:53:9e:e6:7e:62:d2:ed:54:b7:47:a7:b5: 90:3a:45:d0 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEE1 N0Q2RjAzNTRFQTU4QTE0OTM1MkJGMjQzMzBENjYzMDcwMkY5QjAeFw0yNDEwMTkx ODE3NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlCRDZCRUMxOTZBNzlE MzJCQzNFMzdGQTcyM0E0NTYxNDQ2QUQxMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrsVy6fbdfVqhlDwZVZIVKqFzb59S6nmVGsvCB/JxTYHOEIJzK SLh5hMRlx2ukjYoHM0P3gJIX0xU2VQJVCloib7kMRFgVpTu3aexbpXUImaObQ32s Fv/4a3RaZJWZPLPi+Dl3phh8O+MX76dlTeb71AVfwJdEZmrIejbqtwHyHCC6a9Xf POUDRmancpHQIHNK2sqAg1ZDZ6mM1X7gB9GuC4F5QGR/unae2dge0qwsd7BfpfLH B83Fn9YP5HKPrVWejP1FU9sz0UM/xx8tSpi9LcigLcGUD74ipTTcJ5a5kyAc8Cv6 HrKX5ylKKaR+T9wufARTiHgbXO2ySbHtDp45AgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUm9a+wZannTK8Pjf6cjpFYURq0RgwHwYDVR0jBBgwFoAUilfW8DVOpYoUk1K/ JDMNZjBwL5swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v aWxmVzhEVk9wWW9VazFLX0pETU5aakJ3TDVzLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9pbGZXOERWT3BZb1VrMUtfSkRNTlpqQndMNXMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9tOWEtd1phbm5USzhQamY2Y2pw RllVUnEwUmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAGX 4AAKMA0GCSqGSIb3DQEBCwUAA4IBAQA8DpMLnP7TZzfKNYm0UZh3oDqZTCLmAg/r 0UQpZr93xsoV0EsNTakq4u0OqqptJVg8JIf5CNQ7ITjIgaKNdl79ug0g/NBBSaXo IrvgdY1Q8qJuCwBQA35UZfIDWgxNsfKtRqukzNfstXVCe/8jgPpE7upSYOHs+slM B+FczeJ2Lj5MFB71HyNGDmq8IGQfo1HTqIiBUpmOYvI/EnKmJcw6QSMFiMlOwDFG 6NfG/vXjPLRkDqNypVCcEITG7jEv0nMYJ6YmpAcTuYcjgni5nOuVVYykVauzqs6v clZmSExzZgjPvLhACVaWxXE/4bvzEFBTnuZ+YtLtVLdHp7WQOkXQ -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org