$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/l3qoay7US39OfV25RN3BOuADms4.roa File: l3qoay7US39OfV25RN3BOuADms4.roa (raw, json) Hash identifier: v2rZ7gClg+MYtCbhtutBJ4FWvosNeaPrSQs8n7Zpjag= Subject key identifier: 97:7A:A8:6B:2E:D4:4B:7F:4E:7D:5D:B9:44:DD:C1:3A:E0:03:9A:CE Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 16B7 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/l3qoay7US39OfV25RN3BOuADms4.roa Signing time: Mon 26 Aug 2024 05:22:32 +0000 ROA not before: Mon 26 Aug 2024 05:22:32 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 220.228.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5815 (0x16b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 26 05:22:32 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=977AA86B2ED44B7F4E7D5DB944DDC13AE0039ACE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:34:28:54:0e:74:26:12:00:50:96:49:75:39: ec:6b:b6:af:82:76:ca:b8:2b:22:4e:5b:2e:fd:84: 0a:c3:67:5f:61:c3:00:e8:21:52:59:a8:1f:6b:35: 49:65:aa:f5:b5:46:dc:70:63:0a:25:43:0a:a5:70: ca:ae:53:05:93:9e:bf:ea:6c:ad:f6:6a:59:51:9b: 57:48:fc:83:0e:c2:92:da:dc:d1:0e:70:9e:e0:fe: 26:96:6a:bf:fd:57:e3:62:e0:9e:ce:ec:3f:17:85: b3:fb:a0:3b:77:aa:2f:c0:f1:77:35:e8:68:af:ad: 37:5a:73:fd:2e:70:77:22:5c:cc:89:e1:bf:d7:27: 76:23:fe:d5:ca:f4:cf:d3:3d:0e:52:34:68:c9:86: 64:dc:eb:2a:64:fe:e3:cf:51:57:e8:14:39:8c:96: 91:7c:c1:93:0c:37:8b:ab:29:e7:49:b2:11:f4:90: fd:63:4d:4a:1d:8d:fe:28:f2:ca:a7:d8:ba:76:33: 73:bc:ca:16:52:39:6a:29:a0:84:27:0e:17:6e:c3: 65:6a:55:85:d4:0b:9c:97:3e:fa:8c:ec:9a:57:47: 7f:21:13:95:58:79:36:6f:a0:fe:d7:51:8a:63:1d: da:6f:54:9a:97:09:b8:02:a3:fa:87:f6:67:dd:eb: 97:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:7A:A8:6B:2E:D4:4B:7F:4E:7D:5D:B9:44:DD:C1:3A:E0:03:9A:CE X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/l3qoay7US39OfV25RN3BOuADms4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.228.0.0/15 Signature Algorithm: sha256WithRSAEncryption b9:44:7f:ac:80:b9:b9:34:12:26:80:9d:58:1a:8f:ab:45:db: 62:4d:f8:93:91:35:df:c5:b1:59:ca:89:85:5c:de:33:b5:70: e8:d2:fb:d0:38:36:b5:5b:61:ab:de:93:99:8e:8c:94:cf:95: fe:9b:5a:92:79:ee:e0:cc:55:3f:26:17:f9:31:10:c3:56:3d: 56:a1:40:db:5a:e2:07:dd:ff:17:c2:88:26:f1:77:9b:40:a9: e6:46:25:04:58:a4:db:8c:44:1f:18:5a:30:b1:17:73:60:79: 15:e1:58:39:6f:75:22:ae:fd:a5:83:91:0e:20:53:e3:6a:71: ff:99:86:f9:ce:1f:24:72:b1:0f:00:48:23:a4:0f:ba:1e:21: b8:6f:ba:5d:41:f6:71:7e:19:28:f4:86:c7:44:8d:2b:bf:e4: f2:05:ad:1d:5c:88:b0:f4:8c:84:81:ac:8b:3b:6e:5a:57:99: 81:3e:81:5e:8a:dd:5e:cc:a0:26:80:ac:b2:2c:e5:be:49:73: 0a:6e:39:6c:b4:04:06:0c:4c:bb:ff:10:4a:ec:82:39:3e:03: 88:99:39:d0:64:74:4d:05:bb:95:9e:83:98:1f:ba:3e:5f:b3: 78:a8:b2:33:ef:12:da:9c:ad:1a:1d:c8:47:8d:a4:17:5c:8f: 97:ec:df:18 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICFrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw NTIyMzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3N0FBODZCMkVENDRC N0Y0RTdENURCOTQ0RERDMTNBRTAwMzlBQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/NChUDnQmEgBQlkl1Oexrtq+Cdsq4KyJOWy79hArDZ19hwwDo IVJZqB9rNUllqvW1RtxwYwolQwqlcMquUwWTnr/qbK32allRm1dI/IMOwpLa3NEO cJ7g/iaWar/9V+Ni4J7O7D8XhbP7oDt3qi/A8Xc16GivrTdac/0ucHciXMyJ4b/X J3Yj/tXK9M/TPQ5SNGjJhmTc6ypk/uPPUVfoFDmMlpF8wZMMN4urKedJshH0kP1j TUodjf4o8sqn2Lp2M3O8yhZSOWopoIQnDhduw2VqVYXUC5yXPvqM7JpXR38hE5VY eTZvoP7XUYpjHdpvVJqXCbgCo/qH9mfd65edAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUl3qoay7US39OfV25RN3BOuADms4wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbDNxb2F5N1VTMzlPZlYyNVJOM0JP dUFEbXM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAdzkMA0G CSqGSIb3DQEBCwUAA4IBAQC5RH+sgLm5NBImgJ1YGo+rRdtiTfiTkTXfxbFZyomF XN4ztXDo0vvQODa1W2Gr3pOZjoyUz5X+m1qSee7gzFU/Jhf5MRDDVj1WoUDbWuIH 3f8Xwogm8XebQKnmRiUEWKTbjEQfGFowsRdzYHkV4Vg5b3Uirv2lg5EOIFPjanH/ mYb5zh8kcrEPAEgjpA+6HiG4b7pdQfZxfhko9IbHRI0rv+TyBa0dXIiw9IyEgayL O25aV5mBPoFeit1ezKAmgKyyLOW+SXMKbjlstAQGDEy7/xBK7II5PgOImTnQZHRN BbuVnoOYH7o+X7N4qLIz7xLanK0aHchHjaQXXI+X7N8Y -----END CERTIFICATE-----Generated at Fri Nov 22 14:13:12 2024 by rpki-client on console-fra.rpki-client.org