$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/mCj5xgRuR90ocwJeCnDzLqjH5Eo.roa File: mCj5xgRuR90ocwJeCnDzLqjH5Eo.roa (raw, json) Hash identifier: 6icI4fyxCOJrfnxFMcyxA/H6LZUYhYlY98FQfo2wFmg= Subject key identifier: 98:28:F9:C6:04:6E:47:DD:28:73:02:5E:0A:70:F3:2E:A8:C7:E4:4A Certificate issuer: /CN=8A57D6F0354EA58A149352BF24330D6630702F9B Certificate serial: 83 Authority key identifier: 8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/mCj5xgRuR90ocwJeCnDzLqjH5Eo.roa Signing time: Fri 18 Oct 2024 11:18:47 +0000 ROA not before: Fri 18 Oct 2024 11:18:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131147 IP address blocks: 2401:97e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 131 (0x83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8A57D6F0354EA58A149352BF24330D6630702F9B Validity Not Before: Oct 18 11:18:47 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9828F9C6046E47DD2873025E0A70F32EA8C7E44A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:37:9c:a9:86:86:f3:af:26:3d:ba:b9:65:c7: 89:c4:ef:f1:52:e3:aa:44:47:4c:6b:11:c2:c6:3f: 87:d7:6a:1e:80:84:e7:74:42:06:57:b3:e8:c9:bd: 81:25:36:a6:ee:e3:c2:0c:1a:ca:df:12:dc:45:a8: e7:40:bb:45:85:0b:79:58:13:b6:2b:c0:c1:2f:d3: 00:26:bc:14:99:f5:52:27:58:13:17:ad:b0:72:8c: ee:1e:08:53:cd:d4:7b:81:23:c2:b0:75:4a:69:a1: f4:00:82:aa:ce:48:84:81:7b:97:7c:99:7e:87:d2: 45:27:c0:d7:5c:ef:78:c5:5c:74:b6:91:58:cd:89: 81:f9:0b:91:b2:03:53:17:c9:62:ac:27:01:81:d5: 79:b2:53:84:55:e0:76:ea:be:45:da:49:65:c9:28: 58:1c:e7:e7:83:13:cd:89:1e:62:ed:78:fc:70:73: 3f:dd:17:f9:c4:08:96:59:0a:c5:e8:30:7c:78:c2: 70:a2:cd:80:f0:c4:c3:2b:c0:1c:47:04:96:8a:d4: 73:cf:f4:4e:f4:e7:9e:61:bd:13:ff:30:a0:f7:d5: c6:86:ee:a3:74:fd:b0:bb:00:43:3a:ff:5d:03:99: 59:3d:8b:33:1b:92:7f:80:63:0f:0b:b6:10:4b:5a: b3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:28:F9:C6:04:6E:47:DD:28:73:02:5E:0A:70:F3:2E:A8:C7:E4:4A X509v3 Authority Key Identifier: keyid:8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/mCj5xgRuR90ocwJeCnDzLqjH5Eo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:97e0::/48 Signature Algorithm: sha256WithRSAEncryption 96:76:df:31:99:8d:b0:30:5b:e4:80:e4:2a:13:2d:b4:64:30: a9:b9:49:1e:2b:76:58:b8:1e:c1:da:f8:60:46:ce:62:f5:ce: f1:66:5b:5b:bf:36:fd:be:42:43:47:c9:df:35:78:ce:4c:f5: f7:0d:a0:7b:5a:b6:8c:62:ac:83:42:a4:5e:68:89:f4:02:6c: c8:9b:2c:69:42:77:c0:d7:96:be:d5:f3:1c:ed:21:48:55:66: e4:ae:00:27:4b:5b:fa:14:ab:2e:74:86:83:9f:e9:92:06:dd: 30:d3:e4:b5:b7:96:6a:a1:61:9b:f0:59:24:78:f7:5b:f4:29: 10:cf:19:fa:71:44:af:05:09:bb:55:39:46:c6:c3:05:c7:63: 03:3a:ad:72:1e:af:39:3e:63:32:11:01:46:97:62:f5:56:78: 2b:16:59:1e:e2:a2:20:85:f5:42:75:9e:f4:c2:4c:0b:1f:07: 51:84:d1:f9:5f:ce:c8:19:7e:db:07:12:c5:75:7d:f5:42:d4: 2e:c9:3c:f2:17:70:c8:d4:eb:4a:68:47:eb:8f:72:25:79:b7: b7:96:63:71:2d:46:f3:3b:6b:6b:5a:4e:15:87:3c:41:c2:2c: 1c:49:ab:b5:ed:19:8f:b4:d0:07:f4:71:70:57:12:37:ad:be: d5:78:d6:43 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEE1 N0Q2RjAzNTRFQTU4QTE0OTM1MkJGMjQzMzBENjYzMDcwMkY5QjAeFw0yNDEwMTgx MTE4NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk4MjhGOUM2MDQ2RTQ3 REQyODczMDI1RTBBNzBGMzJFQThDN0U0NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrN5yphobzryY9urllx4nE7/FS46pER0xrEcLGP4fXah6AhOd0 QgZXs+jJvYElNqbu48IMGsrfEtxFqOdAu0WFC3lYE7YrwMEv0wAmvBSZ9VInWBMX rbByjO4eCFPN1HuBI8KwdUppofQAgqrOSISBe5d8mX6H0kUnwNdc73jFXHS2kVjN iYH5C5GyA1MXyWKsJwGB1XmyU4RV4HbqvkXaSWXJKFgc5+eDE82JHmLtePxwcz/d F/nECJZZCsXoMHx4wnCizYDwxMMrwBxHBJaK1HPP9E70555hvRP/MKD31caG7qN0 /bC7AEM6/10DmVk9izMbkn+AYw8LthBLWrMrAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUmCj5xgRuR90ocwJeCnDzLqjH5EowHwYDVR0jBBgwFoAUilfW8DVOpYoUk1K/ JDMNZjBwL5swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v aWxmVzhEVk9wWW9VazFLX0pETU5aakJ3TDVzLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9pbGZXOERWT3BZb1VrMUtfSkRNTlpqQndMNXMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9tQ2o1eGdSdVI5MG9jd0plQ25E ekxxakg1RW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAGX 4AAAMA0GCSqGSIb3DQEBCwUAA4IBAQCWdt8xmY2wMFvkgOQqEy20ZDCpuUkeK3ZY uB7B2vhgRs5i9c7xZltbvzb9vkJDR8nfNXjOTPX3DaB7WraMYqyDQqReaIn0AmzI myxpQnfA15a+1fMc7SFIVWbkrgAnS1v6FKsudIaDn+mSBt0w0+S1t5ZqoWGb8Fkk ePdb9CkQzxn6cUSvBQm7VTlGxsMFx2MDOq1yHq85PmMyEQFGl2L1VngrFlke4qIg hfVCdZ70wkwLHwdRhNH5X87IGX7bBxLFdX31QtQuyTzyF3DI1OtKaEfrj3Ilebe3 lmNxLUbzO2trWk4VhzxBwiwcSau17RmPtNAH9HFwVxI3rb7VeNZD -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org