$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NSS/bLT5p9rV5P8CKWS5UfZZ4s5IXYM.roa File: bLT5p9rV5P8CKWS5UfZZ4s5IXYM.roa (raw, json) Hash identifier: RtcTbH4LUuKGQXeSsnH/7C5qaitPtkZUihXIyRaRDuc= Subject key identifier: 6C:B4:F9:A7:DA:D5:E4:FF:02:29:64:B9:51:F6:59:E2:CE:48:5D:83 Certificate issuer: /CN=7957076E29BFC1648EFF71A398BAAC4A9E886820 Certificate serial: 0C0D Authority key identifier: 79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/bLT5p9rV5P8CKWS5UfZZ4s5IXYM.roa Signing time: Mon 26 Aug 2024 05:23:16 +0000 ROA not before: Mon 26 Aug 2024 05:23:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131626 IP address blocks: 2403:f3c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3085 (0xc0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7957076E29BFC1648EFF71A398BAAC4A9E886820 Validity Not Before: Aug 26 05:23:16 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6CB4F9A7DAD5E4FF022964B951F659E2CE485D83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b4:5a:ed:e3:9c:f8:a6:43:ea:b1:87:2f:b7: 45:86:ad:cc:ab:3d:3d:ec:bd:b1:82:07:dd:6d:0a: 17:3d:30:6a:01:5b:a7:15:ce:95:19:39:12:ae:87: 6a:c2:82:3d:06:66:5f:80:7a:ea:aa:c2:3c:7a:99: 7c:0a:4e:9a:92:b3:1a:e2:a7:e6:64:b9:2b:e7:f6: e0:f4:b7:10:07:c7:1e:a5:24:64:24:e5:af:1a:99: a8:3f:12:bd:94:58:7d:56:9a:a8:a6:fd:9e:d5:38: b0:6b:a7:da:f9:fe:31:7c:a8:95:33:ac:c9:91:ca: 95:3d:87:1f:fb:81:99:a3:94:a1:ea:90:75:1d:16: d4:19:3f:f3:57:53:35:6d:f6:5d:d4:a2:16:4c:75: c9:5c:86:fa:c9:2d:59:ce:00:e9:04:d7:cd:c3:2e: e4:4a:0e:99:5b:fb:1f:8d:f4:4c:d4:a1:97:f1:15: 30:79:8c:8c:e2:09:91:9d:61:b6:28:94:15:48:86: 63:9b:3b:78:f8:46:ab:6d:3c:ec:78:13:4b:44:6b: b7:2b:bf:f3:1d:06:a0:ff:22:30:22:eb:da:81:2f: 8e:87:78:27:33:49:1a:58:98:6c:42:d8:4e:f1:83: d7:5b:4d:1d:b1:d1:06:18:fc:ee:39:00:b5:c5:70: 49:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:B4:F9:A7:DA:D5:E4:FF:02:29:64:B9:51:F6:59:E2:CE:48:5D:83 X509v3 Authority Key Identifier: keyid:79:57:07:6E:29:BF:C1:64:8E:FF:71:A3:98:BA:AC:4A:9E:88:68:20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/eVcHbim_wWSO_3GjmLqsSp6IaCA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/eVcHbim_wWSO_3GjmLqsSp6IaCA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSS/bLT5p9rV5P8CKWS5UfZZ4s5IXYM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:f3c0::/32 Signature Algorithm: sha256WithRSAEncryption a4:57:59:45:9c:49:ca:3e:87:35:c4:5b:65:54:8f:3c:2c:89: 2b:1d:e3:57:54:5e:f6:38:27:45:31:79:56:3d:00:fe:28:ea: 99:eb:e1:ce:80:35:8a:c6:29:ec:fd:c9:df:c2:64:92:7a:fa: 78:4c:7d:f8:f2:45:70:e7:b9:20:95:72:4a:75:e2:8d:c7:2e: da:55:8a:ad:ba:58:fb:ee:cc:67:68:e6:4a:cc:be:c2:2a:ea: 9e:a3:12:2a:0f:82:7d:7a:ac:2c:4b:d5:ad:83:53:15:91:2b: 0f:2c:58:07:c1:37:79:fd:71:4f:cf:45:76:dd:7f:40:ee:1b: cf:73:c5:91:7f:e0:4c:11:40:ab:85:fd:00:83:61:a9:30:bb: 44:4c:f0:a7:4e:ea:0f:14:71:e6:75:d4:6b:41:50:b7:3a:59: 26:f1:83:49:7e:53:20:85:11:23:00:c8:09:fa:b3:74:64:5e: 6c:9a:9a:f3:ce:89:e3:23:76:70:56:1c:ce:08:db:51:d6:f5: 91:98:b3:8a:4f:eb:f7:5d:3e:07:53:cf:ce:f2:2c:38:5d:d3: 6a:c6:66:63:d1:c1:2e:22:c3:d5:26:e2:62:f3:1d:3a:01:43: 75:5f:7a:30:9d:a1:0f:2e:67:93:83:d1:ac:42:9b:3b:e6:d4: f0:29:e9:76 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICDA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzk1 NzA3NkUyOUJGQzE2NDhFRkY3MUEzOThCQUFDNEE5RTg4NjgyMDAeFw0yNDA4MjYw NTIzMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZDQjRGOUE3REFENUU0 RkYwMjI5NjRCOTUxRjY1OUUyQ0U0ODVEODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZtFrt45z4pkPqsYcvt0WGrcyrPT3svbGCB91tChc9MGoBW6cV zpUZORKuh2rCgj0GZl+Aeuqqwjx6mXwKTpqSsxrip+ZkuSvn9uD0txAHxx6lJGQk 5a8amag/Er2UWH1Wmqim/Z7VOLBrp9r5/jF8qJUzrMmRypU9hx/7gZmjlKHqkHUd FtQZP/NXUzVt9l3UohZMdclchvrJLVnOAOkE183DLuRKDplb+x+N9EzUoZfxFTB5 jIziCZGdYbYolBVIhmObO3j4RqttPOx4E0tEa7crv/MdBqD/IjAi69qBL46HeCcz SRpYmGxC2E7xg9dbTR2x0QYY/O45ALXFcEnBAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUbLT5p9rV5P8CKWS5UfZZ4s5IXYMwHwYDVR0jBBgwFoAUeVcHbim/wWSO/3Gj mLqsSp6IaCAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL2VW Y0hiaW1fd1dTT18zR2ptTHFzU3A2SWFDQS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev ZVZjSGJpbV93V1NPXzNHam1McXNTcDZJYUNBLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTL2JMVDVwOXJWNVA4Q0tXUzVVZlpaNHM1 SVhZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkA/PAMA0G CSqGSIb3DQEBCwUAA4IBAQCkV1lFnEnKPoc1xFtlVI88LIkrHeNXVF72OCdFMXlW PQD+KOqZ6+HOgDWKxins/cnfwmSSevp4TH348kVw57kglXJKdeKNxy7aVYqtulj7 7sxnaOZKzL7CKuqeoxIqD4J9eqwsS9Wtg1MVkSsPLFgHwTd5/XFPz0V23X9A7hvP c8WRf+BMEUCrhf0Ag2GpMLtETPCnTuoPFHHmddRrQVC3Olkm8YNJflMghREjAMgJ +rN0ZF5smprzzonjI3ZwVhzOCNtR1vWRmLOKT+v3XT4HU8/O8iw4XdNqxmZj0cEu IsPVJuJi8x06AUN1X3ownaEPLmeTg9GsQps75tTwKel2 -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:42 2024 by rpki-client on console-fra.rpki-client.org