$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa File: -2OoRBRxlQqIyJL2scZwnmvIR1g.roa (raw, json) Hash identifier: ni5z316kiy8FDO0Yk1IMFc7kGizh++KPyXb+NTLIhVk= Subject key identifier: FB:63:A8:44:14:71:95:0A:88:C8:92:F6:B1:C6:70:9E:6B:C8:47:58 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 123E Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa Signing time: Mon 26 Aug 2024 05:24:49 +0000 ROA not before: Mon 26 Aug 2024 05:24:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131634 IP address blocks: 124.108.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4670 (0x123e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 26 05:24:49 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=FB63A8441471950A88C892F6B1C6709E6BC84758 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:35:33:03:6f:38:0f:09:57:ee:94:64:c3:cd: 94:22:db:54:be:24:62:61:af:40:52:e9:7e:a3:57: f2:ab:57:22:19:55:bb:5d:b4:90:55:cd:89:8d:b9: 0f:ae:f1:f8:06:ba:42:be:15:64:c0:0a:03:0a:99: 3d:eb:e2:f6:4f:b1:8c:81:f6:a9:23:9e:4c:bf:bb: 0c:a6:18:cc:26:cf:f2:6a:36:ef:3b:60:7f:09:29: a9:84:5d:2b:83:b0:51:cc:94:72:b6:fc:83:eb:90: c5:0d:8b:96:c6:c5:9c:95:1d:f8:35:77:ef:20:cb: 83:12:1d:49:9e:10:9e:f2:a2:ca:b5:c2:1b:03:9a: 03:5a:d5:38:7d:2a:66:e7:f7:45:99:df:a3:57:ea: 9a:24:9b:97:12:95:f8:8e:59:fd:13:65:92:dd:81: b0:26:8d:3f:07:40:d6:5a:9d:fd:d1:6b:df:71:69: b7:c1:6b:58:a3:b9:16:8d:dc:da:b0:b9:24:2f:25: 0e:ca:fc:ae:e4:a8:24:97:a3:b8:bb:5e:0b:22:f5: fe:69:24:f8:53:05:45:77:c0:90:3a:aa:44:e2:6c: e0:ef:32:55:57:3b:66:eb:ab:a6:b1:d7:78:8f:fe: f5:49:6e:d4:31:eb:7b:63:36:13:d9:32:b1:19:0c: 07:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:63:A8:44:14:71:95:0A:88:C8:92:F6:B1:C6:70:9E:6B:C8:47:58 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.108.172.0/22 Signature Algorithm: sha256WithRSAEncryption 22:3a:2a:f9:85:bc:aa:f9:49:da:59:20:0a:03:3a:7e:6e:9d: 6f:57:73:cd:75:0b:bc:b1:9e:c9:3b:85:f8:30:be:b3:59:e3: d5:b3:57:5e:19:81:38:b9:a9:39:55:c2:12:1b:73:2a:24:00: 67:e4:60:4d:97:bd:60:2b:71:4c:76:49:04:63:ea:70:71:96: a5:e3:4f:6a:49:2e:fa:44:1b:b2:40:75:81:eb:0d:29:f8:f4: 1e:18:54:f9:8d:f9:35:90:00:68:5d:06:d0:d5:49:44:29:f2: 31:1b:36:fb:f0:7e:5d:5b:be:a4:0a:8b:05:1d:0e:7b:e7:f4: c6:b7:20:3f:77:66:96:06:fb:a1:71:89:02:4f:0e:80:21:0e: 3d:c2:ff:ba:a4:26:12:49:9c:0e:04:ae:44:b5:ea:6c:63:81: 28:94:3f:3a:6c:05:41:7e:93:64:28:56:00:0a:5c:29:26:e6: ce:15:4c:84:d9:fd:6b:ac:a9:76:e5:f7:64:c9:68:d7:e8:3c: fa:27:cb:47:78:26:e6:56:ab:b1:db:41:21:4f:fa:ad:d7:86: 45:41:6b:9a:ad:c8:4b:92:db:65:d1:1a:7a:95:b6:5a:98:1c: 14:99:ce:cc:6f:0a:0b:c7:34:ae:c0:df:c0:17:30:e1:93:54: dd:83:a9:d8 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNDA4MjYw NTI0NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZCNjNBODQ0MTQ3MTk1 MEE4OEM4OTJGNkIxQzY3MDlFNkJDODQ3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDNTMDbzgPCVfulGTDzZQi21S+JGJhr0BS6X6jV/KrVyIZVbtd tJBVzYmNuQ+u8fgGukK+FWTACgMKmT3r4vZPsYyB9qkjnky/uwymGMwmz/JqNu87 YH8JKamEXSuDsFHMlHK2/IPrkMUNi5bGxZyVHfg1d+8gy4MSHUmeEJ7yosq1whsD mgNa1Th9Kmbn90WZ36NX6pokm5cSlfiOWf0TZZLdgbAmjT8HQNZanf3Ra99xabfB a1ijuRaN3NqwuSQvJQ7K/K7kqCSXo7i7Xgsi9f5pJPhTBUV3wJA6qkTibODvMlVX O2brq6ax13iP/vVJbtQx63tjNhPZMrEZDAcRAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU+2OoRBRxlQqIyJL2scZwnmvIR1gwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvLTJPb1JCUnhsUXFJeUpM MnNjWndubXZJUjFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AnxsrDANBgkqhkiG9w0BAQsFAAOCAQEAIjoq+YW8qvlJ2lkgCgM6fm6db1dzzXUL vLGeyTuF+DC+s1nj1bNXXhmBOLmpOVXCEhtzKiQAZ+RgTZe9YCtxTHZJBGPqcHGW peNPakku+kQbskB1gesNKfj0HhhU+Y35NZAAaF0G0NVJRCnyMRs2+/B+XVu+pAqL BR0Oe+f0xrcgP3dmlgb7oXGJAk8OgCEOPcL/uqQmEkmcDgSuRLXqbGOBKJQ/OmwF QX6TZChWAApcKSbmzhVMhNn9a6ypduX3ZMlo1+g8+ifLR3gm5larsdtBIU/6rdeG RUFrmq3IS5LbZdEaepW2WpgcFJnOzG8KC8c0rsDfwBcw4ZNU3YOp2A== -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:34 2024 by rpki-client on console-ams.rpki-client.org