$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/OJzwgbO-LrE-Q3vo6TQf9cFVBUQ.roa File: OJzwgbO-LrE-Q3vo6TQf9cFVBUQ.roa (raw, json) Hash identifier: 5HY64BA4wJMWIBLPPHw4gjunaFywpyKE8u9m8DJ5uro= Subject key identifier: 38:9C:F0:81:B3:BE:2E:B1:3E:43:7B:E8:E9:34:1F:F5:C1:55:05:44 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1651 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OJzwgbO-LrE-Q3vo6TQf9cFVBUQ.roa Signing time: Mon 26 Aug 2024 05:22:03 +0000 ROA not before: Mon 26 Aug 2024 05:22:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9919 IP address blocks: 123.205.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5713 (0x1651) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 26 05:22:03 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=389CF081B3BE2EB13E437BE8E9341FF5C1550544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6c:71:14:f1:91:60:70:d9:b8:1e:bb:0f:97: 3f:13:b9:87:d0:81:2a:0e:1f:3f:9e:b1:bc:9b:5e: d0:f2:5e:cc:58:1e:d3:b4:b1:8b:05:94:a8:43:b8: cc:8e:21:d6:0f:9e:9d:6c:9d:fc:8f:5d:b9:5b:c6: a0:5b:bc:4f:11:c0:80:00:bb:b3:4f:5e:ea:a8:b0: 8b:89:89:d2:45:96:04:6a:10:99:b4:9a:98:0e:46: c7:b1:c8:02:84:26:d2:b9:2f:a2:91:d0:18:51:a7: 91:84:d0:b8:a6:60:55:63:2b:cc:f0:a1:92:34:f7: ff:49:89:8b:8b:71:71:36:09:ea:08:7a:31:ce:3c: b1:fa:21:7f:d5:5f:ba:fc:40:42:9f:37:c5:14:a8: 1c:16:2b:55:d5:70:eb:46:1e:8b:b0:f3:e2:ef:d9: 0f:18:6d:9b:f5:c4:bf:7f:4a:44:27:f4:49:89:29: c2:61:f0:cb:b0:b1:e6:9c:a2:a9:61:04:70:be:2a: 84:cd:ae:34:e7:de:71:fc:c8:6f:28:25:c6:76:39: a6:8f:c7:0b:a4:a5:50:15:c6:58:0d:68:4b:12:a1: 3f:a9:f4:64:23:5c:03:c0:f2:94:09:11:30:ee:2f: 27:e0:e8:a5:04:ee:d5:10:fa:20:94:a4:75:58:c3: 46:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:9C:F0:81:B3:BE:2E:B1:3E:43:7B:E8:E9:34:1F:F5:C1:55:05:44 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OJzwgbO-LrE-Q3vo6TQf9cFVBUQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.205.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8a:69:49:85:6d:93:ee:39:4e:cb:23:31:44:43:88:f8:70:b0: 23:cf:b0:3f:b8:e4:df:5d:44:61:66:65:ab:8f:b2:ac:e1:ce: 7e:b7:57:45:0d:50:38:08:23:b1:91:64:96:ab:a0:dd:83:ef: 15:0f:b6:4b:f3:97:40:ca:99:a4:6f:eb:3d:1c:b1:73:8c:a7: 33:9e:40:54:f6:42:2e:b3:50:be:72:d5:03:1b:d9:d7:4d:5d: f4:5a:35:c5:42:81:f5:15:c4:a5:b3:7a:50:84:44:6a:a0:b2: f0:e8:fd:83:f8:ed:0d:8d:2e:4c:cd:f8:bc:de:f6:02:f7:9f: 4a:19:9d:c4:18:73:60:8f:9a:67:67:7d:2f:19:33:05:7b:2e: 15:36:63:51:77:a7:bd:61:fa:35:c5:56:b3:81:d0:fa:26:38: e7:b2:f8:a4:01:34:6a:ae:f2:5c:2d:e2:d6:d2:54:11:d6:64: 81:a9:19:c9:d0:3e:56:1a:c9:54:fd:a9:8f:b3:3a:4e:86:e1: 9a:54:52:5b:c3:08:97:a5:07:55:cf:a9:0d:80:74:6f:ee:ea: 35:23:a5:f4:07:d5:ee:ab:fb:04:08:2b:10:d1:63:ac:34:7e: 88:61:37:34:f2:8c:c1:e2:00:81:78:5f:c5:a1:2e:0b:61:56: 2a:bb:b3:b5 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICFlEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw NTIyMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM4OUNGMDgxQjNCRTJF QjEzRTQzN0JFOEU5MzQxRkY1QzE1NTA1NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTbHEU8ZFgcNm4HrsPlz8TuYfQgSoOHz+esbybXtDyXsxYHtO0 sYsFlKhDuMyOIdYPnp1snfyPXblbxqBbvE8RwIAAu7NPXuqosIuJidJFlgRqEJm0 mpgORsexyAKEJtK5L6KR0BhRp5GE0LimYFVjK8zwoZI09/9JiYuLcXE2CeoIejHO PLH6IX/VX7r8QEKfN8UUqBwWK1XVcOtGHouw8+Lv2Q8YbZv1xL9/SkQn9EmJKcJh 8MuwseacoqlhBHC+KoTNrjTn3nH8yG8oJcZ2OaaPxwukpVAVxlgNaEsSoT+p9GQj XAPA8pQJETDuLyfg6KUE7tUQ+iCUpHVYw0anAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUOJzwgbO+LrE+Q3vo6TQf9cFVBUQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvT0p6d2diTy1MckUtUTN2bzZUUWY5 Y0ZWQlVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHvNMA0G CSqGSIb3DQEBCwUAA4IBAQCKaUmFbZPuOU7LIzFEQ4j4cLAjz7A/uOTfXURhZmWr j7Ks4c5+t1dFDVA4CCOxkWSWq6Ddg+8VD7ZL85dAypmkb+s9HLFzjKcznkBU9kIu s1C+ctUDG9nXTV30WjXFQoH1FcSls3pQhERqoLLw6P2D+O0NjS5Mzfi83vYC959K GZ3EGHNgj5pnZ30vGTMFey4VNmNRd6e9Yfo1xVazgdD6JjjnsvikATRqrvJcLeLW 0lQR1mSBqRnJ0D5WGslU/amPszpOhuGaVFJbwwiXpQdVz6kNgHRv7uo1I6X0B9Xu q/sECCsQ0WOsNH6IYTc08ozB4gCBeF/FoS4LYVYqu7O1 -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:33 2024 by rpki-client on console-ams.rpki-client.org