$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/JSSO2yedjvMtr2gwByd8u0LoVnI.roa File: JSSO2yedjvMtr2gwByd8u0LoVnI.roa (raw, json) Hash identifier: etGiqjY1MG7xOv2nyunXEvLs4aY4gR00+NBPD/0l6BU= Subject key identifier: 25:24:8E:DB:27:9D:8E:F3:2D:AF:68:30:07:27:7C:BB:42:E8:56:72 Certificate issuer: /CN=3122A9292CC930152ADE5A25848C1BDC4044C902 Certificate serial: 039D Authority key identifier: 31:22:A9:29:2C:C9:30:15:2A:DE:5A:25:84:8C:1B:DC:40:44:C9:02 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MSKpKSzJMBUq3lolhIwb3EBEyQI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/JSSO2yedjvMtr2gwByd8u0LoVnI.roa Signing time: Mon 26 Aug 2024 05:23:07 +0000 ROA not before: Mon 26 Aug 2024 05:23:07 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 31972 IP address blocks: 2406:ce40::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/MSKpKSzJMBUq3lolhIwb3EBEyQI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/MSKpKSzJMBUq3lolhIwb3EBEyQI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/MSKpKSzJMBUq3lolhIwb3EBEyQI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 925 (0x39d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3122A9292CC930152ADE5A25848C1BDC4044C902 Validity Not Before: Aug 26 05:23:07 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=25248EDB279D8EF32DAF683007277CBB42E85672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:72:6f:2a:da:fb:af:c3:70:dd:e3:d9:b9:13: 1c:99:ed:32:ba:75:b7:f7:bb:e6:ca:bc:81:b7:96: dd:a8:99:db:85:1e:93:92:52:76:01:ff:fd:3b:85: 99:f1:5c:30:f3:17:e9:15:87:e2:53:7d:2f:02:c9: 7f:ec:a1:ff:ec:3a:9f:a4:ed:ca:88:ea:93:65:79: ed:38:3b:85:30:8a:6d:e3:c6:e8:b0:6a:9b:e3:d1: 63:ff:de:82:13:aa:01:95:a3:99:76:5f:5a:97:4d: 47:d3:48:9c:7f:9d:fe:8a:e3:c1:b7:9c:dd:2f:8a: 6f:91:86:25:fb:50:14:32:00:16:9c:cb:e4:a2:9e: dc:b7:56:58:5f:43:0b:67:24:55:0e:b7:c6:21:40: d3:eb:43:11:99:e9:3b:15:02:a9:c6:89:23:c5:98: ec:c3:00:13:aa:7c:ea:3d:b6:34:99:5c:03:de:e9: b4:fb:48:68:9f:0f:1a:56:48:15:d3:ad:4f:a4:20: ff:45:56:1a:42:79:78:11:27:7b:57:3e:ec:a8:18: b3:4c:de:47:52:3d:44:5c:c7:7b:82:71:3c:65:47: 36:da:d3:66:2c:8e:f3:10:64:d0:b5:d0:c2:5c:cb: 60:bc:10:57:7b:f9:10:dd:71:86:73:ce:59:41:aa: 02:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:24:8E:DB:27:9D:8E:F3:2D:AF:68:30:07:27:7C:BB:42:E8:56:72 X509v3 Authority Key Identifier: keyid:31:22:A9:29:2C:C9:30:15:2A:DE:5A:25:84:8C:1B:DC:40:44:C9:02 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/MSKpKSzJMBUq3lolhIwb3EBEyQI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MSKpKSzJMBUq3lolhIwb3EBEyQI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/JSSO2yedjvMtr2gwByd8u0LoVnI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:ce40::/32 Signature Algorithm: sha256WithRSAEncryption 32:d4:6d:4e:f9:78:aa:2f:18:de:a1:f8:8b:0a:a2:7c:84:65: d0:aa:a9:25:96:3a:fb:e9:54:4b:7b:4d:c1:40:f5:4b:4b:08: 9e:3e:da:67:70:b5:6f:53:b7:a3:5d:df:74:3d:d8:74:47:62: b6:7c:2f:2d:61:f1:a6:7b:d1:d8:84:78:33:26:84:8f:72:ab: 84:9b:b5:0b:b3:e4:96:d0:6d:b6:04:2f:18:fb:f9:b7:da:9a: e1:d9:3b:e0:89:b5:cc:cc:66:77:78:9a:e9:a7:ff:6d:2a:ea: 10:71:8d:0b:db:1b:18:c3:b8:76:f9:7b:07:65:29:fb:0e:67: b1:5c:5d:fa:ff:97:e5:eb:d5:65:02:bf:04:3f:d5:e5:fb:5f: af:9b:5f:a1:20:0a:eb:47:93:6e:80:ee:22:ed:e3:c8:b0:6e: cf:b1:c1:75:ca:d4:ef:27:57:7c:88:a7:59:b2:88:84:71:4a: d7:49:2d:27:53:d8:7c:cf:fb:0c:a5:7f:86:7a:50:1f:f1:6a: 5a:11:94:8d:4a:df:81:2b:ca:43:14:c3:1a:83:ef:22:9e:79: 5d:66:ee:6d:20:a4:f8:1f:b7:ef:a3:c4:88:f2:9c:d0:05:49: 2e:b6:f9:43:d7:2b:4b:ec:28:da:3f:2a:00:07:14:a7:6c:44: ca:b9:13:13 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICA50wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEy MkE5MjkyQ0M5MzAxNTJBREU1QTI1ODQ4QzFCREM0MDQ0QzkwMjAeFw0yNDA4MjYw NTIzMDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI1MjQ4RURCMjc5RDhF RjMyREFGNjgzMDA3Mjc3Q0JCNDJFODU2NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCscm8q2vuvw3Dd49m5ExyZ7TK6dbf3u+bKvIG3lt2omduFHpOS UnYB//07hZnxXDDzF+kVh+JTfS8CyX/sof/sOp+k7cqI6pNlee04O4Uwim3jxuiw apvj0WP/3oITqgGVo5l2X1qXTUfTSJx/nf6K48G3nN0vim+RhiX7UBQyABacy+Si nty3VlhfQwtnJFUOt8YhQNPrQxGZ6TsVAqnGiSPFmOzDABOqfOo9tjSZXAPe6bT7 SGifDxpWSBXTrU+kIP9FVhpCeXgRJ3tXPuyoGLNM3kdSPURcx3uCcTxlRzba02Ys jvMQZNC10MJcy2C8EFd7+RDdcYZzzllBqgKDAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUJSSO2yedjvMtr2gwByd8u0LoVnIwHwYDVR0jBBgwFoAUMSKpKSzJMBUq3lol hIwb3EBEyQIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVT Q09NL01TS3BLU3pKTUJVcTNsb2xoSXdiM0VCRXlRSS5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvTVNLcEtTekpNQlVxM2xvbGhJd2IzRUJFeVFJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVTQ09NL0pTU08yeWVkanZN dHIyZ3dCeWQ4dTBMb1ZuSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkBs5AMA0GCSqGSIb3DQEBCwUAA4IBAQAy1G1O+XiqLxjeofiLCqJ8hGXQ qqklljr76VRLe03BQPVLSwiePtpncLVvU7ejXd90Pdh0R2K2fC8tYfGme9HYhHgz JoSPcquEm7ULs+SW0G22BC8Y+/m32prh2TvgibXMzGZ3eJrpp/9tKuoQcY0L2xsY w7h2+XsHZSn7DmexXF36/5fl69VlAr8EP9Xl+1+vm1+hIArrR5NugO4i7ePIsG7P scF1ytTvJ1d8iKdZsoiEcUrXSS0nU9h8z/sMpX+GelAf8WpaEZSNSt+BK8pDFMMa g+8innldZu5tIKT4H7fvo8SI8pzQBUkutvlD1ytL7CjaPyoABxSnbETKuRMT -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:53 2024 by rpki-client on console-fra.rpki-client.org