$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa File: BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa (raw, json) Hash identifier: wBsfzN1J0YCFmyR+q2vOIR9YA5zg0NSkIfjBMhEiZ/I= Subject key identifier: 04:DA:46:38:5B:B3:34:91:D1:E5:90:22:6C:D6:16:77:36:E3:68:19 Certificate issuer: /CN=A61402819401D363CB1F9BFBD538875F41F211C3 Certificate serial: 0BE3 Authority key identifier: A6:14:02:81:94:01:D3:63:CB:1F:9B:FB:D5:38:87:5F:41:F2:11:C3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/phQCgZQB02PLH5v71TiHX0HyEcM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa Signing time: Mon 26 Aug 2024 05:26:45 +0000 ROA not before: Mon 26 Aug 2024 05:26:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9216 IP address blocks: 211.76.128.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/phQCgZQB02PLH5v71TiHX0HyEcM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/phQCgZQB02PLH5v71TiHX0HyEcM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/phQCgZQB02PLH5v71TiHX0HyEcM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3043 (0xbe3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A61402819401D363CB1F9BFBD538875F41F211C3 Validity Not Before: Aug 26 05:26:45 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=04DA46385BB33491D1E590226CD6167736E36819 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:94:82:9c:a6:5d:d5:bf:ba:13:95:38:c6:e1: 95:64:8c:03:96:71:fb:e5:80:70:b1:d6:9f:6c:7d: ee:8d:62:dc:38:49:0b:8b:7b:8c:1e:01:22:a5:ed: ef:fd:8d:44:fd:b9:12:62:ca:b4:61:80:5f:78:61: b1:7a:5c:c4:21:8c:29:13:49:2b:9b:ff:6b:23:12: ba:3d:bc:dc:18:54:b5:ed:8a:1c:35:81:fb:db:32: 1b:b7:45:b4:e0:66:3b:ca:92:b2:0f:a8:c5:1e:e6: 79:55:43:82:ce:99:13:b7:f8:ec:57:76:93:38:c6: 5b:fc:73:b9:b0:15:c5:70:a4:0d:77:60:be:01:6a: 33:41:5e:d4:d5:89:83:d4:d7:a0:6e:ad:6a:5f:bb: 2f:29:19:11:4f:75:f1:91:ab:c8:2b:4d:e3:89:89: 71:9f:35:c8:c7:ba:71:34:ca:63:90:b9:17:a4:07: b5:2d:f6:5a:54:61:1e:f7:5d:6a:c4:00:0d:6d:0b: c4:da:55:69:5a:f3:5b:41:30:57:ec:0d:76:a4:bd: ba:ae:d5:91:a3:f2:e0:3c:37:3e:f1:ad:4f:ad:74: 6d:ae:a8:55:a8:d2:c9:21:ba:43:fb:e5:e3:5e:f7: a4:57:4f:cd:b2:dc:5f:ce:d7:4e:67:74:8f:ad:37: b3:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:DA:46:38:5B:B3:34:91:D1:E5:90:22:6C:D6:16:77:36:E3:68:19 X509v3 Authority Key Identifier: keyid:A6:14:02:81:94:01:D3:63:CB:1F:9B:FB:D5:38:87:5F:41:F2:11:C3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/phQCgZQB02PLH5v71TiHX0HyEcM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/phQCgZQB02PLH5v71TiHX0HyEcM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.76.128.0/20 Signature Algorithm: sha256WithRSAEncryption 73:a4:6b:cb:62:41:fb:4b:d6:3a:56:37:93:3f:b3:5f:db:36: d6:34:03:af:54:1a:ff:eb:77:57:88:ee:27:5a:40:e3:8c:b7: 4f:12:c6:7e:c8:f2:0a:d1:a2:12:16:a1:75:8a:d3:9c:ee:e0: 3c:70:0a:42:c1:b4:ce:56:4b:d7:77:fe:40:44:9a:20:2c:9e: 98:7f:0c:37:79:24:62:25:50:db:5d:1a:90:dd:fc:78:51:22: ee:81:4b:94:2b:45:a2:50:3b:79:05:04:0a:ad:53:94:85:ee: 12:bc:d1:0f:35:15:2d:6d:9a:8e:1a:0f:57:6c:fb:cd:c9:61: 6d:e5:8b:45:1c:4f:04:9c:44:32:4b:aa:67:05:fd:f7:e5:f7: 11:27:0c:0e:9b:64:5f:eb:c7:3e:88:10:ea:0d:c1:8b:38:7d: 03:a4:7d:77:f6:da:0c:5e:a2:ae:90:2d:e5:b8:1a:49:f7:2d: 82:cc:56:00:6c:cc:1e:37:d4:99:a1:ee:25:3b:dc:1f:64:f4: f9:68:9f:b1:b5:e0:93:9d:3f:30:40:f0:83:b4:d2:8b:1a:3f: 51:c8:0d:d8:89:f0:4a:b5:df:84:3b:8f:7b:b3:11:d4:56:ea: 6c:13:49:4e:af:f1:05:49:5f:96:9c:c8:95:e6:05:b5:b9:03: 0f:a2:18:a2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICC+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTYx NDAyODE5NDAxRDM2M0NCMUY5QkZCRDUzODg3NUY0MUYyMTFDMzAeFw0yNDA4MjYw NTI2NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA0REE0NjM4NUJCMzM0 OTFEMUU1OTAyMjZDRDYxNjc3MzZFMzY4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvlIKcpl3Vv7oTlTjG4ZVkjAOWcfvlgHCx1p9sfe6NYtw4SQuL e4weASKl7e/9jUT9uRJiyrRhgF94YbF6XMQhjCkTSSub/2sjEro9vNwYVLXtihw1 gfvbMhu3RbTgZjvKkrIPqMUe5nlVQ4LOmRO3+OxXdpM4xlv8c7mwFcVwpA13YL4B ajNBXtTViYPU16BurWpfuy8pGRFPdfGRq8grTeOJiXGfNcjHunE0ymOQuRekB7Ut 9lpUYR73XWrEAA1tC8TaVWla81tBMFfsDXakvbqu1ZGj8uA8Nz7xrU+tdG2uqFWo 0skhukP75eNe96RXT82y3F/O105ndI+tN7P7AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUBNpGOFuzNJHR5ZAibNYWdzbjaBkwHwYDVR0jBBgwFoAUphQCgZQB02PLH5v7 1TiHX0HyEcMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lNUEhP WC9waFFDZ1pRQjAyUExINXY3MVRpSFgwSHlFY00uY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3BoUUNnWlFCMDJQTEg1djcxVGlIWDBIeUVjTS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NZTVBIT1gvQk5wR09GdXpOSkhSNVpB aWJOWVdkemJqYUJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BNNMgDANBgkqhkiG9w0BAQsFAAOCAQEAc6Rry2JB+0vWOlY3kz+zX9s21jQDr1Qa /+t3V4juJ1pA44y3TxLGfsjyCtGiEhahdYrTnO7gPHAKQsG0zlZL13f+QESaICye mH8MN3kkYiVQ210akN38eFEi7oFLlCtFolA7eQUECq1TlIXuErzRDzUVLW2ajhoP V2z7zclhbeWLRRxPBJxEMkuqZwX99+X3EScMDptkX+vHPogQ6g3Bizh9A6R9d/ba DF6irpAt5bgaSfctgsxWAGzMHjfUmaHuJTvcH2T0+WifsbXgk50/MEDwg7TSixo/ UcgN2InwSrXfhDuPe7MR1FbqbBNJTq/xBUlflpzIleYFtbkDD6IYog== -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:14 2024 by rpki-client on console-ams.rpki-client.org