$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bhLTcYyhljcTezxqEDjKM-4bOF4.roa File: bhLTcYyhljcTezxqEDjKM-4bOF4.roa (raw, json) Hash identifier: 2K7pfdsIEMb7dy/E1nPrcTA+f9H+yQAjiuK8nFExwyQ= Subject key identifier: 6E:12:D3:71:8C:A1:96:37:13:7B:3C:6A:10:38:CA:33:EE:1B:38:5E Certificate issuer: /CN=6E398C52CC2A079DA90148210AC85328C11BBE96 Certificate serial: 099E Authority key identifier: 6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bhLTcYyhljcTezxqEDjKM-4bOF4.roa Signing time: Mon 26 Aug 2024 05:23:44 +0000 ROA not before: Mon 26 Aug 2024 05:23:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131677 IP address blocks: 103.147.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2462 (0x99e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6E398C52CC2A079DA90148210AC85328C11BBE96 Validity Not Before: Aug 26 05:23:44 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6E12D3718CA19637137B3C6A1038CA33EE1B385E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:23:bf:59:95:6a:8b:e0:ee:d6:2a:4a:61:f4: 9d:7b:c9:72:51:91:31:cc:0a:df:0e:7c:8b:29:d1: 30:58:90:03:90:a7:53:c8:17:c1:0b:dc:0b:e6:ba: 98:d3:d7:c1:c9:63:b3:12:7d:9d:b9:bd:34:04:e2: 3b:f8:34:7e:40:d9:00:d8:4c:83:69:b4:62:7f:3e: 97:79:60:a5:11:d2:0b:0f:b3:3a:a1:72:10:67:62: 70:62:36:1d:07:78:48:3f:db:4b:c5:0c:93:db:e7: 82:cb:06:a7:ae:e1:2f:c2:e5:16:36:f4:95:17:0a: 96:d7:b2:3f:f5:cd:bb:27:21:c9:92:a9:43:46:70: ec:a7:97:de:1a:8c:81:88:9c:6f:c3:17:36:10:74: 72:aa:51:4d:69:b1:fd:ad:0d:9e:0f:74:e2:d2:b9: 05:3e:ca:2f:2a:73:ad:da:36:19:d1:0b:9d:12:c0: bb:6c:6b:1c:72:9e:e6:9c:c6:d7:a0:0c:05:b3:8a: 53:f8:eb:59:53:57:37:83:56:e4:f2:49:1e:1e:1f: 96:f9:14:0a:23:60:b1:ee:8b:2e:bb:76:34:b2:ee: 64:4a:45:94:74:9d:46:9d:37:bd:96:3a:19:d3:66: 02:6d:b1:6b:fe:08:e2:3d:f5:db:26:b1:ae:05:aa: 9d:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:12:D3:71:8C:A1:96:37:13:7B:3C:6A:10:38:CA:33:EE:1B:38:5E X509v3 Authority Key Identifier: keyid:6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bhLTcYyhljcTezxqEDjKM-4bOF4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.147.130.0/23 Signature Algorithm: sha256WithRSAEncryption 27:fc:a6:a3:fc:f1:e2:47:58:ec:e7:45:71:60:ad:72:85:0c: ec:f9:2b:4a:72:c1:b9:43:3b:25:32:9d:46:c5:37:ef:69:77: 86:07:90:7e:3a:65:32:e5:05:82:89:aa:de:bc:e0:88:d9:f9: b4:e7:81:1f:3f:78:72:5c:69:92:f3:1d:6e:ba:1c:c6:14:d1: 75:33:59:24:0f:31:b5:2e:a0:1e:9f:c3:a5:db:c9:fe:3c:ef: 19:84:cc:d5:2d:02:82:9f:09:2c:2b:d2:1d:c1:69:80:c9:e6: a0:fa:3b:d0:3f:60:c6:86:17:ef:af:ff:2e:7b:d6:bc:8a:23: bf:60:47:42:aa:ee:74:76:51:65:6a:04:19:f3:c5:dc:ae:e8: 9d:bd:61:f6:79:ba:30:db:e2:49:3a:af:e2:fc:e3:b3:dd:63: 2e:b4:9f:ef:15:99:2b:27:f7:fe:04:d8:10:f7:1e:46:cc:ad: 54:d8:de:ea:4c:17:df:db:60:f4:62:ee:9c:4f:40:48:33:a4: dc:f5:a2:96:e5:f2:28:e5:e4:ae:72:39:5a:1a:a1:bb:f6:c7: a7:2d:94:26:32:7a:88:5d:e6:7b:96:48:f4:4d:c7:7a:ee:ad: 55:95:f4:65:13:cb:31:97:81:0d:70:32:47:83:23:78:d2:cb: d2:7f:79:a1 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICCZ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkUz OThDNTJDQzJBMDc5REE5MDE0ODIxMEFDODUzMjhDMTFCQkU5NjAeFw0yNDA4MjYw NTIzNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZFMTJEMzcxOENBMTk2 MzcxMzdCM0M2QTEwMzhDQTMzRUUxQjM4NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCI79ZlWqL4O7WKkph9J17yXJRkTHMCt8OfIsp0TBYkAOQp1PI F8EL3AvmupjT18HJY7MSfZ25vTQE4jv4NH5A2QDYTINptGJ/Ppd5YKUR0gsPszqh chBnYnBiNh0HeEg/20vFDJPb54LLBqeu4S/C5RY29JUXCpbXsj/1zbsnIcmSqUNG cOynl94ajIGInG/DFzYQdHKqUU1psf2tDZ4PdOLSuQU+yi8qc63aNhnRC50SwLts axxynuacxtegDAWzilP461lTVzeDVuTySR4eH5b5FAojYLHuiy67djSy7mRKRZR0 nUadN72WOhnTZgJtsWv+COI99dsmsa4Fqp3xAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUbhLTcYyhljcTezxqEDjKM+4bOF4wHwYDVR0jBBgwFoAUbjmMUswqB52pAUgh CshTKMEbvpYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTlJJ Q0gvYmptTVVzd3FCNTJwQVVnaENzaFRLTUVidnBZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9iam1NVXN3cUI1MnBBVWdoQ3NoVEtNRWJ2cFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PUEVOUklDSC9iaExUY1l5aGxqY1Rl enhxRURqS00tNGJPRjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ5OCMA0GCSqGSIb3DQEBCwUAA4IBAQAn/Kaj/PHiR1js50VxYK1yhQzs+StK csG5QzslMp1GxTfvaXeGB5B+OmUy5QWCiarevOCI2fm054EfP3hyXGmS8x1uuhzG FNF1M1kkDzG1LqAen8Ol28n+PO8ZhMzVLQKCnwksK9IdwWmAyeag+jvQP2DGhhfv r/8ue9a8iiO/YEdCqu50dlFlagQZ88XcruidvWH2ebow2+JJOq/i/OOz3WMutJ/v FZkrJ/f+BNgQ9x5GzK1U2N7qTBff22D0Yu6cT0BIM6Tc9aKW5fIo5eSucjlaGqG7 9senLZQmMnqIXeZ7lkj0Tcd67q1VlfRlE8sxl4ENcDJHgyN40svSf3mh -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:12 2024 by rpki-client on console-ams.rpki-client.org