$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/SYE21j_i3a-vbSOF2Gx5UMTLLV8.roa File: SYE21j_i3a-vbSOF2Gx5UMTLLV8.roa (raw, json) Hash identifier: 89TT+3NZYs41B/cr51KUzsIA8BcT1Z5B92Dn5VJ4i34= Subject key identifier: 49:81:36:D6:3F:E2:DD:AF:AF:6D:23:85:D8:6C:79:50:C4:CB:2D:5F Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0CD8 Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/SYE21j_i3a-vbSOF2Gx5UMTLLV8.roa Signing time: Mon 26 Aug 2024 05:26:17 +0000 ROA not before: Mon 26 Aug 2024 05:26:17 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18419 IP address blocks: 150.129.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:55:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3288 (0xcd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 26 05:26:17 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=498136D63FE2DDAFAF6D2385D86C7950C4CB2D5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:6a:06:bd:3e:e8:27:a0:b9:c8:ed:cf:e7:e4: c3:0f:4c:ac:53:74:f9:f5:36:db:4f:76:41:66:34: a3:f8:a8:9b:67:43:75:05:60:d4:9f:8a:8a:f2:94: b6:86:46:16:1b:5a:f7:72:4b:1c:fa:df:0c:1e:9a: c7:a8:6a:8c:2b:02:d9:7e:1d:34:3e:67:68:e8:07: 0b:a7:b7:2f:9a:b2:ee:25:dd:ae:ec:94:63:92:f1: f3:87:46:aa:9e:5b:ab:70:4d:c2:6d:b9:56:70:cd: a5:f3:19:6e:e9:18:d4:65:1e:31:74:77:2c:a4:94: ad:dc:de:16:b7:e3:30:fa:e1:c3:79:8d:b6:82:b2: fd:28:36:40:35:b4:f2:b5:b4:de:2d:21:67:1d:f9: 1a:5e:76:31:e3:79:39:a9:dd:3f:c2:93:5f:d4:7e: 45:3a:44:79:5f:6f:e0:2d:46:bf:0b:c0:af:ac:36: e3:ac:a6:c7:a2:43:22:ca:0a:e2:e3:34:43:28:03: 85:cd:2c:f7:31:8e:24:93:fa:21:13:17:f9:01:80: 37:d8:d4:46:10:57:87:f8:38:bf:70:ec:41:8a:b8: 6c:23:1e:f4:99:89:75:cc:db:e6:41:b2:ff:05:58: 10:8f:c4:c9:cb:dd:9b:12:81:92:10:9f:67:5d:db: ad:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:81:36:D6:3F:E2:DD:AF:AF:6D:23:85:D8:6C:79:50:C4:CB:2D:5F X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/SYE21j_i3a-vbSOF2Gx5UMTLLV8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.129.72.0/22 Signature Algorithm: sha256WithRSAEncryption 3e:84:61:51:2f:53:08:38:b0:e4:10:eb:0d:ae:1a:12:2e:a6: 2e:50:b2:9d:f4:a9:a3:38:d2:a9:3c:9c:bd:84:b1:3c:3b:6a: 41:2d:be:81:4d:21:03:ce:89:06:89:8d:62:b6:52:e6:39:d2: 7a:2d:c7:45:ec:f2:25:e8:c8:42:37:c1:8c:59:06:3e:b4:1a: c7:1a:6a:9d:e1:7e:de:95:03:b2:48:2d:e4:58:ef:f2:f9:9d: 69:15:70:90:df:e5:47:1f:14:db:db:09:41:0d:99:cb:08:1c: 63:88:3f:85:17:0e:61:89:c3:17:07:98:46:04:14:76:fe:e8: 97:d6:de:61:66:b2:ff:2b:53:a3:3e:08:c4:dc:ec:dd:01:df: 21:ac:6a:9a:68:c1:8e:78:ce:d0:ee:ea:7c:de:0b:b1:ff:4a: 98:63:97:09:f7:aa:28:ec:dd:cc:5e:26:3c:4a:ba:16:55:42: 51:eb:8f:07:87:8a:df:d5:fc:b3:e8:5c:0c:b0:39:da:43:c8: 0b:ac:9d:7b:b5:59:df:21:bf:d6:75:58:74:dc:d5:92:18:90: a1:a4:5f:0a:c6:f1:3f:67:87:3c:60:f8:22:78:b6:7e:8e:db: a8:ae:82:60:6f:56:f8:0b:13:68:2d:0a:f9:b9:21:ce:46:02: 64:68:25:37 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNDA4MjYw NTI2MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ5ODEzNkQ2M0ZFMkRE QUZBRjZEMjM4NUQ4NkM3OTUwQzRDQjJENUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRaga9PugnoLnI7c/n5MMPTKxTdPn1NttPdkFmNKP4qJtnQ3UF YNSfiorylLaGRhYbWvdySxz63wwemseoaowrAtl+HTQ+Z2joBwunty+asu4l3a7s lGOS8fOHRqqeW6twTcJtuVZwzaXzGW7pGNRlHjF0dyyklK3c3ha34zD64cN5jbaC sv0oNkA1tPK1tN4tIWcd+RpedjHjeTmp3T/Ck1/UfkU6RHlfb+AtRr8LwK+sNuOs pseiQyLKCuLjNEMoA4XNLPcxjiST+iETF/kBgDfY1EYQV4f4OL9w7EGKuGwjHvSZ iXXM2+ZBsv8FWBCPxMnL3ZsSgZIQn2dd263NAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUSYE21j/i3a+vbSOF2Gx5UMTLLV8wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9TWUUyMWpfaTNhLXZiU09GMkd4 NVVNVExMVjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI MA0GCSqGSIb3DQEBCwUAA4IBAQA+hGFRL1MIOLDkEOsNrhoSLqYuULKd9KmjONKp PJy9hLE8O2pBLb6BTSEDzokGiY1itlLmOdJ6LcdF7PIl6MhCN8GMWQY+tBrHGmqd 4X7elQOySC3kWO/y+Z1pFXCQ3+VHHxTb2wlBDZnLCBxjiD+FFw5hicMXB5hGBBR2 /uiX1t5hZrL/K1OjPgjE3OzdAd8hrGqaaMGOeM7Q7up83gux/0qYY5cJ96oo7N3M XiY8SroWVUJR648Hh4rf1fyz6FwMsDnaQ8gLrJ17tVnfIb/WdVh03NWSGJChpF8K xvE/Z4c8YPgieLZ+jtuoroJgb1b4CxNoLQr5uSHORgJkaCU3 -----END CERTIFICATE-----Generated at Mon Nov 25 20:56:34 2024 by rpki-client on console-fra.rpki-client.org