$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bKsQaiZTG0czL1ZN_3V3dNRl_ro.roa File: bKsQaiZTG0czL1ZN_3V3dNRl_ro.roa (raw, json) Hash identifier: QXPoUQ/nfiNtVUu1Jd3iFSCEWJ75wiWtBaUY7qXkP8c= Subject key identifier: 6C:AB:10:6A:26:53:1B:47:33:2F:56:4D:FF:75:77:74:D4:65:FE:BA Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 11BD Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bKsQaiZTG0czL1ZN_3V3dNRl_ro.roa Signing time: Mon 26 Aug 2024 05:24:20 +0000 ROA not before: Mon 26 Aug 2024 05:24:20 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131634 IP address blocks: 60.199.50.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4541 (0x11bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 26 05:24:20 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6CAB106A26531B47332F564DFF757774D465FEBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ed:27:51:8c:65:df:3a:b9:99:9f:cb:ee:38: 06:0e:a8:07:56:d1:bf:1b:f7:8a:58:de:c6:fd:d3: b5:4f:e1:ff:d4:24:7b:75:15:aa:d3:f0:4b:e7:7c: 0f:1f:fd:7e:ca:45:38:d0:3f:74:14:9a:c9:53:61: 7f:7f:49:09:5e:27:4f:e4:f5:b7:b9:0c:d2:50:87: 85:7d:29:2f:fb:f5:8d:95:21:b8:93:d3:56:e6:da: 9e:9d:f2:31:f4:e5:73:0e:1a:1d:ba:e9:2c:0a:6f: 9e:58:74:f6:dc:1d:dd:f8:3a:f7:76:82:b2:07:4a: 45:8b:e8:42:dd:a1:ab:f5:f2:80:e4:a1:39:b1:ed: ff:49:44:47:62:96:aa:7d:f5:04:d0:c6:c2:91:83: b2:61:12:a7:df:29:d6:0d:90:13:c0:e7:48:37:eb: cf:5a:15:ae:6e:10:b2:dc:3c:12:75:8a:06:c4:e7: e4:35:0e:97:12:27:d6:c7:f3:0f:ee:d1:40:cd:59: 4c:07:51:67:b5:6e:58:d0:fe:fd:c8:e7:26:89:a6: a7:9d:60:db:fc:84:35:23:6b:f9:78:bb:10:78:da: bc:d4:46:4a:09:9d:29:24:1c:d7:34:8b:a9:2e:d1: 3d:f4:66:04:42:9d:a6:82:c3:a1:86:9b:11:48:f3: 67:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:AB:10:6A:26:53:1B:47:33:2F:56:4D:FF:75:77:74:D4:65:FE:BA X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/bKsQaiZTG0czL1ZN_3V3dNRl_ro.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.199.50.0/24 Signature Algorithm: sha256WithRSAEncryption 67:46:ee:27:2d:6a:58:ef:c2:3a:32:7c:2c:5a:79:66:b1:16: 69:8a:6b:77:37:84:67:09:92:5d:cf:40:e7:7c:7b:e8:18:06: 89:4b:c7:1a:d4:7f:89:30:dc:56:6c:33:b2:89:87:8b:10:35: f8:27:3d:1f:d9:d7:8f:84:c6:1a:67:27:cf:f6:1f:78:e0:4f: 83:0a:0d:35:9e:65:c8:56:95:3c:26:23:af:8a:3d:df:44:85: 8e:9b:0e:91:1d:8e:e4:55:e0:ea:89:cc:9f:8b:a3:1e:d9:25: 66:e9:ec:61:82:fa:6b:09:2b:26:80:d9:52:3e:7f:70:f6:c3: 53:87:f5:d5:e3:97:53:d1:d1:14:d2:41:28:13:12:12:a9:1a: 7c:33:32:af:1c:bc:1c:18:e5:37:cd:c3:54:98:e8:ba:bf:2f: 5f:a9:5e:15:24:e5:6d:6f:ad:96:b5:63:8f:22:48:4c:ae:ef: 33:1d:de:a9:53:de:58:88:9c:3f:4e:9b:01:15:d4:d9:36:d8: 2d:a3:60:a8:4e:ab:bb:bf:cf:e9:b0:7c:33:9c:2f:fa:56:e5: fd:e2:8d:02:c8:aa:2e:ba:c1:55:fb:25:e4:58:91:5c:55:54: fc:22:b0:66:85:2e:39:d6:b0:f4:f1:57:00:45:3b:c9:55:55: a8:96:1c:83 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICEb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNDA4MjYw NTI0MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZDQUIxMDZBMjY1MzFC NDczMzJGNTY0REZGNzU3Nzc0RDQ2NUZFQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+7SdRjGXfOrmZn8vuOAYOqAdW0b8b94pY3sb907VP4f/UJHt1 FarT8EvnfA8f/X7KRTjQP3QUmslTYX9/SQleJ0/k9be5DNJQh4V9KS/79Y2VIbiT 01bm2p6d8jH05XMOGh266SwKb55YdPbcHd34Ovd2grIHSkWL6ELdoav18oDkoTmx 7f9JREdilqp99QTQxsKRg7JhEqffKdYNkBPA50g3689aFa5uELLcPBJ1igbE5+Q1 DpcSJ9bH8w/u0UDNWUwHUWe1bljQ/v3I5yaJpqedYNv8hDUja/l4uxB42rzURkoJ nSkkHNc0i6ku0T30ZgRCnaaCw6GGmxFI82cNAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUbKsQaiZTG0czL1ZN/3V3dNRl/rowHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvYktzUWFpWlRHMGN6TDFa Tl8zVjNkTlJsX3JvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME ADzHMjANBgkqhkiG9w0BAQsFAAOCAQEAZ0buJy1qWO/COjJ8LFp5ZrEWaYprdzeE ZwmSXc9A53x76BgGiUvHGtR/iTDcVmwzsomHixA1+Cc9H9nXj4TGGmcnz/YfeOBP gwoNNZ5lyFaVPCYjr4o930SFjpsOkR2O5FXg6onMn4ujHtklZunsYYL6awkrJoDZ Uj5/cPbDU4f11eOXU9HRFNJBKBMSEqkafDMyrxy8HBjlN83DVJjour8vX6leFSTl bW+tlrVjjyJITK7vMx3eqVPeWIicP06bARXU2TbYLaNgqE6ru7/P6bB8M5wv+lbl /eKNAsiqLrrBVfsl5FiRXFVU/CKwZoUuOdaw9PFXAEU7yVVVqJYcgw== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:53 2024 by rpki-client on console-fra.rpki-client.org