$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa File: hDqkOqa4TVKrztQoRNbpXMLHnG0.roa (raw, json) Hash identifier: TjtnmUPk/k3zocrq3d1QHYjPhetL+r3i6aNf1v+xj+Y= Subject key identifier: 84:3A:A4:3A:A6:B8:4D:52:AB:CE:D4:28:44:D6:E9:5C:C2:C7:9C:6D Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Certificate serial: 0CCF Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa Signing time: Mon 26 Aug 2024 05:27:34 +0000 ROA not before: Mon 26 Aug 2024 05:27:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17709 IP address blocks: 123.240.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3279 (0xccf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7 Validity Not Before: Aug 26 05:27:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=843AA43AA6B84D52ABCED42844D6E95CC2C79C6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1e:a0:4a:70:37:78:c1:de:a0:46:50:be:03: 9c:21:2f:74:4d:67:bc:e7:96:ac:07:96:7d:38:f1: 8e:45:90:cd:8c:89:9a:28:89:1b:1c:92:02:16:2c: 66:1d:d9:fe:c2:d4:6c:8f:9c:e3:db:9f:f4:18:a5: b7:1f:88:3e:47:59:56:4f:a9:dd:d6:45:4c:1d:aa: 28:cf:a1:fa:25:c5:bf:e8:e2:0e:41:29:df:c7:8c: 05:c7:23:02:a1:af:70:46:75:bd:8f:71:84:b7:88: 04:d4:c3:10:c7:8d:1d:a0:e4:7b:8b:58:5d:49:5e: 17:34:1c:47:1e:e5:26:58:af:6e:e3:52:0a:a9:7c: 17:87:5d:be:90:fa:fc:8c:29:60:f6:4b:0b:92:07: 1f:45:2e:c0:d5:ef:93:e4:c8:45:4c:a8:6e:f8:cb: 76:af:6a:e2:76:3f:d6:e9:01:45:b6:12:e3:8c:35: fc:c1:28:4a:56:75:ab:36:e4:f4:23:f2:e9:e7:93: 05:46:3b:23:4b:da:1c:30:66:3c:36:e9:7d:bb:2b: 8c:51:cf:48:c9:12:13:ce:60:e8:32:46:ba:d6:cd: ce:c0:66:67:5c:b4:b6:8a:66:92:a5:67:45:43:b6: 4c:86:32:5d:70:ff:ad:f4:79:10:b7:db:97:6d:1f: 30:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:3A:A4:3A:A6:B8:4D:52:AB:CE:D4:28:44:D6:E9:5C:C2:C7:9C:6D X509v3 Authority Key Identifier: keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.240.0.0/15 Signature Algorithm: sha256WithRSAEncryption 27:fb:7c:a9:8d:f4:1e:e1:e1:81:ec:8a:ec:2f:00:64:18:eb: 24:5b:6a:fe:18:90:bc:60:48:ae:e9:34:38:24:1c:d3:57:b9: 6e:22:23:35:6b:33:0a:f5:c0:2c:8e:6d:e0:d7:a7:69:69:97: 7f:cf:db:b0:5e:be:7b:93:37:dd:a6:6f:66:03:f7:e8:e1:1d: 67:fd:8e:bd:ad:65:09:ab:a2:3e:1d:d1:53:90:e6:b5:6b:7e: d9:5f:83:17:85:60:8b:45:a0:ab:c7:1e:4f:4a:89:01:88:ca: e6:04:b0:51:e2:02:54:de:f3:b0:39:dd:3d:c3:98:4c:95:68: 42:9d:69:00:d0:42:6c:e3:f0:f9:b0:f7:a3:5c:a6:99:cc:0c: be:76:f4:19:78:26:a6:38:02:7f:53:99:88:df:58:de:73:69: c4:db:9f:c3:65:fb:96:da:70:d2:d2:7e:e6:01:5c:94:58:b6: f5:bc:0b:32:b9:ac:2f:64:37:d3:78:50:a3:ab:f4:63:86:72: d7:bd:00:1b:53:a5:95:f9:6a:ae:e8:4d:48:db:74:35:e8:6e: 26:18:b3:10:47:32:80:45:11:a8:42:ad:ea:49:b4:10:a8:5b: 55:0e:48:eb:4e:83:bd:24:97:ff:09:88:06:90:45:1c:fb:08: b2:60:e9:53 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNDA4MjYw NTI3MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0M0FBNDNBQTZCODRE NTJBQkNFRDQyODQ0RDZFOTVDQzJDNzlDNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7HqBKcDd4wd6gRlC+A5whL3RNZ7znlqwHln048Y5FkM2MiZoo iRsckgIWLGYd2f7C1GyPnOPbn/QYpbcfiD5HWVZPqd3WRUwdqijPofolxb/o4g5B Kd/HjAXHIwKhr3BGdb2PcYS3iATUwxDHjR2g5HuLWF1JXhc0HEce5SZYr27jUgqp fBeHXb6Q+vyMKWD2SwuSBx9FLsDV75PkyEVMqG74y3avauJ2P9bpAUW2EuOMNfzB KEpWdas25PQj8unnkwVGOyNL2hwwZjw26X27K4xRz0jJEhPOYOgyRrrWzc7AZmdc tLaKZpKlZ0VDtkyGMl1w/630eRC325dtHzD5AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUhDqkOqa4TVKrztQoRNbpXMLHnG0wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9oRHFrT3FhNFRWS3J6dFFvUk5i cFhNTEhuRzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBe/Aw DQYJKoZIhvcNAQELBQADggEBACf7fKmN9B7h4YHsiuwvAGQY6yRbav4YkLxgSK7p NDgkHNNXuW4iIzVrMwr1wCyObeDXp2lpl3/P27BevnuTN92mb2YD9+jhHWf9jr2t ZQmroj4d0VOQ5rVrftlfgxeFYItFoKvHHk9KiQGIyuYEsFHiAlTe87A53T3DmEyV aEKdaQDQQmzj8Pmw96NcppnMDL529Bl4JqY4An9TmYjfWN5zacTbn8Nl+5bacNLS fuYBXJRYtvW8CzK5rC9kN9N4UKOr9GOGcte9ABtTpZX5aq7oTUjbdDXobiYYsxBH MoBFEahCrepJtBCoW1UOSOtOg70kl/8JiAaQRRz7CLJg6VM= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:15 2024 by rpki-client on console-ams.rpki-client.org