$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/oIiFyBIDDun4tZE5U3f5Se4vZpQ.roa File: oIiFyBIDDun4tZE5U3f5Se4vZpQ.roa (raw, json) Hash identifier: rOjY4OFDMG7u15i6RFfZ6sH10Gg/f5qLSG+gLp7FOfQ= Subject key identifier: A0:88:85:C8:12:03:0E:E9:F8:B5:91:39:53:77:F9:49:EE:2F:66:94 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0EDF Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/oIiFyBIDDun4tZE5U3f5Se4vZpQ.roa Signing time: Mon 26 Aug 2024 05:22:13 +0000 ROA not before: Mon 26 Aug 2024 05:22:13 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9919 IP address blocks: 192.72.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3807 (0xedf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 26 05:22:13 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A08885C812030EE9F8B591395377F949EE2F6694 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:cc:30:73:d8:5c:6f:ab:f5:7d:85:2c:48:89: 04:50:6f:99:ef:ed:cd:4c:a8:64:f9:05:bc:38:b1: 0e:29:4a:3c:ff:6a:ba:dd:ab:c8:b7:e4:58:93:4d: f6:f2:ee:70:56:06:26:e1:2c:8d:b9:72:dd:a3:d8: 26:36:4d:ab:33:8f:b6:26:bf:b9:d5:93:eb:8b:32: 5e:6c:5c:4b:08:ab:c4:7e:95:37:85:16:3b:83:42: cf:8a:6f:32:6e:19:bf:2b:7a:32:56:a5:51:77:7f: 6b:c6:3a:a1:f5:91:94:b3:80:37:ca:fe:ef:3f:da: fc:74:9a:be:a3:56:5f:78:5f:d1:d7:76:38:80:be: f9:d6:31:05:ad:b1:67:d6:4d:df:b5:21:2f:b4:f4: c7:4d:b9:2e:c8:bf:4a:c7:bb:51:12:f0:d3:7d:af: 58:cb:00:b1:33:cd:08:38:f2:46:9e:1e:76:5c:b1: e1:52:58:69:46:f2:4d:8a:45:d6:0f:13:05:d7:1f: 31:d3:de:a3:8f:73:f1:11:df:8d:8b:2a:93:49:ab: 6f:95:3b:fb:06:39:b9:83:e0:66:18:b7:d6:e4:12: 94:02:36:52:88:53:80:94:20:37:f8:56:f3:8a:a3: cc:8d:27:36:51:d8:c3:43:7b:d6:04:98:d1:da:eb: 12:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:88:85:C8:12:03:0E:E9:F8:B5:91:39:53:77:F9:49:EE:2F:66:94 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/oIiFyBIDDun4tZE5U3f5Se4vZpQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.128.0/18 Signature Algorithm: sha256WithRSAEncryption 6e:50:97:31:0b:69:78:d9:2a:0a:c6:9f:9a:80:fd:6a:67:a6: 6a:41:05:23:78:03:9f:7c:b6:75:a2:b9:bd:5f:ba:b6:6b:45: 0d:fb:69:ef:51:b2:32:79:dc:56:14:09:6f:26:57:13:28:a0: ab:90:c6:f2:f5:36:1c:ea:31:83:f0:6b:6a:d1:12:d5:44:a3: 92:75:47:62:57:c6:46:16:35:75:46:fa:1e:0a:06:56:eb:aa: b4:d7:ad:4b:0b:be:8c:e0:a4:76:9a:75:aa:9c:72:e3:c5:f8: 88:5a:bd:91:b0:d6:90:9a:fc:ac:45:94:17:26:19:55:48:1c: 0a:9f:54:90:10:4b:d3:b1:fc:5f:0d:8f:31:52:e4:a7:c0:6f: 26:e5:98:b7:52:2c:55:4b:22:23:6f:d2:d8:ba:5f:94:32:a9: cd:14:65:42:12:0d:c6:88:c8:f8:a5:1a:f8:b5:23:b6:a6:b0: 86:7d:97:4e:d9:a3:de:b2:fe:4c:14:6a:95:1b:75:79:49:83: 2e:10:cb:05:80:68:8c:09:8b:2e:07:c5:cd:9d:0b:6e:3a:e0: f2:1c:af:0f:c7:94:a7:7a:86:55:24:cc:26:20:b6:1d:27:f4: e7:2e:7a:e9:ae:c1:9d:65:eb:a4:3e:e8:7f:c2:14:5e:a4:00: 75:5f:b0:6c -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNDA4MjYw NTIyMTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwODg4NUM4MTIwMzBF RTlGOEI1OTEzOTUzNzdGOTQ5RUUyRjY2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXzDBz2Fxvq/V9hSxIiQRQb5nv7c1MqGT5Bbw4sQ4pSjz/arrd q8i35FiTTfby7nBWBibhLI25ct2j2CY2Taszj7Ymv7nVk+uLMl5sXEsIq8R+lTeF FjuDQs+KbzJuGb8rejJWpVF3f2vGOqH1kZSzgDfK/u8/2vx0mr6jVl94X9HXdjiA vvnWMQWtsWfWTd+1IS+09MdNuS7Iv0rHu1ES8NN9r1jLALEzzQg48kaeHnZcseFS WGlG8k2KRdYPEwXXHzHT3qOPc/ER342LKpNJq2+VO/sGObmD4GYYt9bkEpQCNlKI U4CUIDf4VvOKo8yNJzZR2MNDe9YEmNHa6xI5AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUoIiFyBIDDun4tZE5U3f5Se4vZpQwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvb0lpRnlCSUREdW40dFpFNVUzZjVT ZTR2WnBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsBIgDAN BgkqhkiG9w0BAQsFAAOCAQEAblCXMQtpeNkqCsafmoD9amemakEFI3gDn3y2daK5 vV+6tmtFDftp71GyMnncVhQJbyZXEyigq5DG8vU2HOoxg/BratES1USjknVHYlfG RhY1dUb6HgoGVuuqtNetSwu+jOCkdpp1qpxy48X4iFq9kbDWkJr8rEWUFyYZVUgc Cp9UkBBL07H8Xw2PMVLkp8BvJuWYt1IsVUsiI2/S2LpflDKpzRRlQhINxojI+KUa +LUjtqawhn2XTtmj3rL+TBRqlRt1eUmDLhDLBYBojAmLLgfFzZ0Lbjrg8hyvD8eU p3qGVSTMJiC2HSf05y566a7BnWXrpD7of8IUXqQAdV+wbA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:33 2024 by rpki-client on console-ams.rpki-client.org