$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/XHzIvX3sv9IYxF_Obs-bAdl0Reo.roa File: XHzIvX3sv9IYxF_Obs-bAdl0Reo.roa (raw, json) Hash identifier: gEi4roXrsCaJf3/YvIyS9vtRvPDwTkuy+pBYn5ZoRWM= Subject key identifier: 5C:7C:C8:BD:7D:EC:BF:D2:18:C4:5F:CE:6E:CF:9B:01:D9:74:45:EA Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 162E Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XHzIvX3sv9IYxF_Obs-bAdl0Reo.roa Signing time: Mon 26 Aug 2024 05:21:52 +0000 ROA not before: Mon 26 Aug 2024 05:21:52 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 106.105.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5678 (0x162e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 26 05:21:52 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5C7CC8BD7DECBFD218C45FCE6ECF9B01D97445EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:21:39:37:74:dc:b9:f8:32:ff:c9:dd:81:8c: 66:ea:c7:1b:d8:e2:c7:44:e6:21:f3:6c:f1:4f:8c: 63:b1:f7:01:b6:ef:45:bb:44:37:f9:59:bc:1d:9b: 57:c1:ff:81:6a:3b:cb:04:ea:13:95:d8:99:6b:17: b3:c4:aa:66:73:80:9b:89:4e:19:f2:a5:76:c9:a6: fb:fe:a5:8d:f2:d1:a7:b8:f2:1a:b9:d9:79:24:ee: 57:1f:4d:bb:e0:a0:41:70:d8:7d:4b:6e:3b:dc:a9: ba:ae:21:d0:ad:e7:a9:23:e1:3e:fc:05:b2:f2:7a: b9:97:f1:2f:b4:33:83:c3:e8:15:88:b1:83:4b:6a: c2:39:e0:dd:6d:d9:fe:02:bf:e7:27:5f:58:c6:63: 3f:2a:5f:7d:ff:f8:bb:b2:20:40:93:7d:af:d7:56: 8c:70:cb:1b:79:e3:44:bf:65:12:c2:c7:c2:b1:62: c9:e3:c6:51:5f:15:f9:26:11:4a:75:4f:0b:56:44: 28:b3:b3:75:cb:3b:9e:28:2b:56:a0:4a:48:73:89: 3f:3b:b3:aa:3c:40:63:1b:4f:94:4b:aa:68:e3:c6: de:a4:73:fd:ca:46:09:5f:b4:df:43:b4:c3:39:e9: c3:5d:fc:14:2f:a0:85:5e:f0:19:e4:d5:08:0f:e1: 9f:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:7C:C8:BD:7D:EC:BF:D2:18:C4:5F:CE:6E:CF:9B:01:D9:74:45:EA X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/XHzIvX3sv9IYxF_Obs-bAdl0Reo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.105.249.0/24 Signature Algorithm: sha256WithRSAEncryption b5:c1:2c:fd:40:3b:ef:d9:ac:ca:ca:63:9c:72:e7:6f:4f:c9: 73:b2:e2:e2:26:92:41:22:e8:86:0f:80:a4:4d:e5:81:58:de: da:72:9f:4d:e4:56:4d:ee:dd:9b:68:9c:93:ae:08:e5:9d:f1: 25:08:e3:b8:b4:24:e1:98:88:8b:47:1e:c8:e5:97:3d:ff:c7: 4b:15:15:d2:bb:34:80:5e:56:57:e6:31:23:e2:fe:4f:c0:d5: ee:86:e3:5e:6b:21:86:ad:35:cc:a8:da:7b:cc:ad:2b:ff:4f: 6b:93:56:2c:a7:e6:57:7a:2f:2d:7a:75:34:e4:bb:6d:05:0b: 38:8d:23:94:3e:28:14:c7:bc:2c:df:82:c7:2e:06:ae:75:de: 37:15:32:89:a3:4d:23:82:0d:7f:2a:9e:d5:0c:c6:e2:3b:f4: 73:66:d4:a3:d6:c6:57:13:f0:f6:be:db:79:ca:4e:5e:14:8b: ce:d0:8f:d5:49:ab:80:32:37:23:ed:ce:35:7f:02:6f:1e:dd: f8:a1:c6:6b:f9:ef:23:d1:b3:63:b2:e8:00:27:da:81:cb:2d: 24:0b:4c:2f:ea:02:76:52:84:56:2b:c3:63:14:27:41:a1:e7: fb:de:e0:51:98:75:78:7e:87:8e:8d:a0:59:5d:43:34:88:79: e3:bd:c0:38 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICFi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw NTIxNTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDN0NDOEJEN0RFQ0JG RDIxOEM0NUZDRTZFQ0Y5QjAxRDk3NDQ1RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoITk3dNy5+DL/yd2BjGbqxxvY4sdE5iHzbPFPjGOx9wG270W7 RDf5Wbwdm1fB/4FqO8sE6hOV2JlrF7PEqmZzgJuJThnypXbJpvv+pY3y0ae48hq5 2Xkk7lcfTbvgoEFw2H1LbjvcqbquIdCt56kj4T78BbLyermX8S+0M4PD6BWIsYNL asI54N1t2f4Cv+cnX1jGYz8qX33/+LuyIECTfa/XVoxwyxt540S/ZRLCx8KxYsnj xlFfFfkmEUp1TwtWRCizs3XLO54oK1agSkhziT87s6o8QGMbT5RLqmjjxt6kc/3K RglftN9DtMM56cNd/BQvoIVe8Bnk1QgP4Z9BAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUXHzIvX3sv9IYxF/Obs+bAdl0ReowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWEh6SXZYM3N2OUlZeEZfT2JzLWJB ZGwwUmVvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGpp+TAN BgkqhkiG9w0BAQsFAAOCAQEAtcEs/UA779msyspjnHLnb0/Jc7Li4iaSQSLohg+A pE3lgVje2nKfTeRWTe7dm2ick64I5Z3xJQjjuLQk4ZiIi0ceyOWXPf/HSxUV0rs0 gF5WV+YxI+L+T8DV7objXmshhq01zKjae8ytK/9Pa5NWLKfmV3ovLXp1NOS7bQUL OI0jlD4oFMe8LN+Cxy4GrnXeNxUyiaNNI4INfyqe1QzG4jv0c2bUo9bGVxPw9r7b ecpOXhSLztCP1UmrgDI3I+3ONX8Cbx7d+KHGa/nvI9GzY7LoACfagcstJAtML+oC dlKEVivDYxQnQaHn+97gUZh1eH6Hjo2gWV1DNIh5473AOA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org