$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2okolRqRP44ExPqOHutnKW0g8oU.roa File: 2okolRqRP44ExPqOHutnKW0g8oU.roa (raw, json) Hash identifier: z8P9HCO4MuAySKyqlm/ZCWPKoLONo1t1RMyviXPFn4M= Subject key identifier: DA:89:28:95:1A:91:3F:8E:04:C4:FA:8E:1E:EB:67:29:6D:20:F2:85 Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0B8A Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2okolRqRP44ExPqOHutnKW0g8oU.roa Signing time: Fri 01 Sep 2023 09:59:54 +0000 ROA not before: Fri 01 Sep 2023 09:59:54 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131596 IP address blocks: 61.58.80.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 04:24:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2954 (0xb8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Sep 1 09:59:54 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=DA8928951A913F8E04C4FA8E1EEB67296D20F285 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:9a:b1:8e:53:ce:45:b4:f5:51:1a:a0:f0:5b: bb:6a:94:1e:9f:31:c4:e6:61:4f:b5:30:bf:78:08: 31:2b:b3:8c:5c:75:f1:2b:6a:63:5a:2e:99:56:c8: 6b:56:0a:d5:28:74:5b:74:c3:71:ce:a7:f3:08:7d: a5:3a:c8:c2:14:da:a2:ca:b2:5a:1b:57:02:3d:c2: ec:96:2d:d3:74:14:17:18:f5:5f:21:3f:09:04:39: 06:1e:26:f0:aa:19:0c:27:96:dc:4c:3d:f8:8e:f4: a0:27:d7:d2:f0:de:7d:05:ad:92:df:98:24:5e:81: b8:13:46:da:32:88:27:e5:1f:e1:e3:2c:d2:64:24: 19:20:aa:48:84:5d:25:7e:b0:14:bf:8e:1e:ca:b6: cd:bb:22:33:40:6d:41:a8:ef:79:ae:b3:09:5b:19: c4:42:ed:26:36:20:c7:49:63:45:c5:81:94:cb:71: 07:c9:37:97:20:58:94:26:0f:94:5c:cb:21:29:42: f7:9e:1c:49:9f:a0:61:cb:16:f3:fb:18:95:43:fe: 06:e4:4d:4b:d7:5d:62:3a:42:67:2e:82:77:fc:bb: 42:86:e6:ba:62:fc:9c:88:74:eb:18:75:bc:40:32: c1:f6:1f:89:b7:ef:2f:43:6e:dc:46:af:62:af:93: 34:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:89:28:95:1A:91:3F:8E:04:C4:FA:8E:1E:EB:67:29:6D:20:F2:85 X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2okolRqRP44ExPqOHutnKW0g8oU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.80.0/20 Signature Algorithm: sha256WithRSAEncryption 16:dc:55:c5:40:fa:ce:23:e5:96:9a:44:74:0f:d0:83:d5:aa: 38:81:d8:12:82:c5:ee:8c:54:be:11:1a:97:41:c5:16:cb:9f: bf:54:ac:e5:72:d2:1c:75:64:86:1c:92:4b:e3:11:39:94:a3: 91:ba:a0:8b:23:43:7c:fc:e2:ff:29:74:e1:10:8b:cb:e7:9c: 95:d4:80:0f:fa:fa:87:29:d0:7b:9e:b4:39:0b:3a:d8:d9:87: 62:97:bb:d5:c0:3e:4c:69:0d:81:5e:ef:12:36:6f:71:c4:f8: 7f:15:82:0e:21:15:14:bb:6d:22:68:6e:f6:cd:ff:78:67:da: b2:91:1e:d5:11:3e:94:2b:4a:0f:0e:e4:1a:a5:0c:0f:89:0e: d9:3c:23:83:97:1d:a8:87:16:5f:79:a5:c0:59:08:c1:4c:5d: e7:0a:af:69:83:86:5d:af:55:b8:2f:48:da:c7:44:06:57:47: 45:ca:c7:c5:8d:0c:14:31:3b:ec:e6:b0:de:e1:ef:9d:98:62: 3d:48:8e:a9:31:82:ac:8f:f4:1a:fd:02:6c:b1:ba:ee:f3:f9: a9:3d:3f:f3:85:f7:06:aa:03:e6:fa:7e:19:71:53:69:a7:d2: 36:3c:ef:cf:82:d6:61:85:06:e7:5b:51:39:f1:3f:7c:4c:34: 7b:a3:b1:71 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICC4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yMzA5MDEw OTU5NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKERBODkyODk1MUE5MTNG OEUwNEM0RkE4RTFFRUI2NzI5NkQyMEYyODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXmrGOU85FtPVRGqDwW7tqlB6fMcTmYU+1ML94CDErs4xcdfEr amNaLplWyGtWCtUodFt0w3HOp/MIfaU6yMIU2qLKslobVwI9wuyWLdN0FBcY9V8h PwkEOQYeJvCqGQwnltxMPfiO9KAn19Lw3n0FrZLfmCRegbgTRtoyiCflH+HjLNJk JBkgqkiEXSV+sBS/jh7Kts27IjNAbUGo73muswlbGcRC7SY2IMdJY0XFgZTLcQfJ N5cgWJQmD5RcyyEpQveeHEmfoGHLFvP7GJVD/gbkTUvXXWI6Qmcugnf8u0KG5rpi /JyIdOsYdbxAMsH2H4m37y9DbtxGr2KvkzSDAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU2okolRqRP44ExPqOHutnKW0g8oUwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8yb2tvbFJxUlA0NEV4UHFPSHV0 bktXMGc4b1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTpQ MA0GCSqGSIb3DQEBCwUAA4IBAQAW3FXFQPrOI+WWmkR0D9CD1ao4gdgSgsXujFS+ ERqXQcUWy5+/VKzlctIcdWSGHJJL4xE5lKORuqCLI0N8/OL/KXThEIvL55yV1IAP +vqHKdB7nrQ5CzrY2Ydil7vVwD5MaQ2BXu8SNm9xxPh/FYIOIRUUu20iaG72zf94 Z9qykR7VET6UK0oPDuQapQwPiQ7ZPCODlx2ohxZfeaXAWQjBTF3nCq9pg4Zdr1W4 L0jax0QGV0dFysfFjQwUMTvs5rDe4e+dmGI9SI6pMYKsj/Qa/QJssbru8/mpPT/z hfcGqgPm+n4ZcVNpp9I2PO/PgtZhhQbnW1E58T98TDR7o7Fx -----END CERTIFICATE-----Generated at Mon Jun 3 12:44:03 2024 by rpki-client on console-fra.rpki-client.org