$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa File: O-yzXgc2YMRYmpKT1j6Zu22TahU.roa (raw, json) Hash identifier: XSv8XcCeZfYxpCo5qMJuIhatnzkc+thCXb6Jb+IQqsQ= Subject key identifier: 3B:EC:B3:5E:07:36:60:C4:58:9A:92:93:D6:3E:99:BB:6D:93:6A:15 Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5 Certificate serial: 0293 Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa Signing time: Mon 26 Aug 2024 05:27:51 +0000 ROA not before: Mon 26 Aug 2024 05:27:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131642 IP address blocks: 2400:5120::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 659 (0x293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5 Validity Not Before: Aug 26 05:27:51 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=3BECB35E073660C4589A9293D63E99BB6D936A15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:21:b4:33:e8:22:4d:62:9a:c0:37:f0:8c:7c: bc:46:19:c7:06:3d:d3:cc:e4:ef:66:99:ae:ab:85: 5b:c6:e8:64:d7:c1:a1:38:05:0e:56:d5:df:42:75: 54:ec:9e:30:35:6c:e2:59:39:8d:8b:5d:a1:d6:4b: 11:7c:b2:be:1f:c5:82:ea:69:71:91:ac:24:a5:4e: ba:6a:f2:3e:7b:96:f4:05:f5:35:a1:3e:26:b2:3c: 53:7f:d7:1d:3b:c5:ce:9b:a2:1a:dd:89:83:3d:19: cd:77:5f:83:f2:cf:9e:b3:4a:f7:b4:d6:14:10:9c: 1d:39:88:51:84:d2:59:af:4d:9e:91:ec:08:49:38: 55:43:f5:c0:a2:a7:4b:99:e6:cb:16:2d:21:bb:9c: 7e:9a:a9:89:99:4e:49:8d:32:2b:ee:38:dc:bc:a6: 53:a8:7c:cd:8b:1b:1e:49:f4:f4:4e:62:e9:11:b3: dc:00:30:eb:74:de:f2:31:e9:18:48:c2:f3:3a:68: b7:86:31:b2:07:97:44:f6:41:16:c6:0a:8e:98:57: a4:8e:7b:ab:d5:73:59:4b:7f:41:5f:e2:d5:e0:a8: f9:e0:30:66:a2:f0:8c:2c:3a:3b:b4:d0:86:83:ea: ce:14:c8:e1:9c:05:50:84:c3:50:ae:29:20:2c:a2: 6e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:EC:B3:5E:07:36:60:C4:58:9A:92:93:D6:3E:99:BB:6D:93:6A:15 X509v3 Authority Key Identifier: keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:5120::/32 Signature Algorithm: sha256WithRSAEncryption 97:23:17:61:20:97:70:01:db:c4:73:fd:fa:97:1d:29:6c:f0: 59:96:1c:54:17:15:ac:0b:26:58:fc:02:60:af:37:91:9d:a1: ce:fe:ef:1a:e8:e7:74:a9:64:09:16:9f:c2:77:0c:e4:1f:ff: 41:a8:ce:56:4b:97:a8:c0:78:31:81:a4:91:d2:12:ce:8a:15: 4c:d3:d1:96:d7:90:b2:95:aa:23:f1:97:8d:43:61:a8:79:ff: 5b:d6:70:bd:39:5a:1f:a1:de:07:32:d4:57:d5:ef:9f:5c:28: 26:d7:16:25:4b:50:0e:c9:2b:f8:08:f7:40:2c:bc:5e:f8:15: c3:e9:0a:f8:18:df:e6:81:83:6a:32:7f:84:95:55:b9:56:e7: 5f:b6:fd:36:6b:9e:ab:3c:cb:58:9e:35:1c:17:27:b6:1f:91: 7a:20:c3:b5:e5:4a:cc:86:a0:7c:3f:d8:f3:cc:6c:70:6a:23: a0:7d:1f:65:9e:bb:88:80:71:1c:f1:75:ea:e4:fc:4f:50:0f: 1b:54:9f:c2:47:b4:01:95:55:8f:26:79:6b:cd:cc:84:97:81: 73:ca:a0:1f:ee:2c:7f:76:83:87:56:f8:90:91:10:30:a8:18: 2a:28:08:32:79:1d:ba:6b:10:f0:dd:be:92:da:83:a5:a7:ef: f8:6a:c0:84 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2 MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yNDA4MjYw NTI3NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNCRUNCMzVFMDczNjYw QzQ1ODlBOTI5M0Q2M0U5OUJCNkQ5MzZBMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYIbQz6CJNYprAN/CMfLxGGccGPdPM5O9mma6rhVvG6GTXwaE4 BQ5W1d9CdVTsnjA1bOJZOY2LXaHWSxF8sr4fxYLqaXGRrCSlTrpq8j57lvQF9TWh PiayPFN/1x07xc6bohrdiYM9Gc13X4Pyz56zSve01hQQnB05iFGE0lmvTZ6R7AhJ OFVD9cCip0uZ5ssWLSG7nH6aqYmZTkmNMivuONy8plOofM2LGx5J9PROYukRs9wA MOt03vIx6RhIwvM6aLeGMbIHl0T2QRbGCo6YV6SOe6vVc1lLf0Ff4tXgqPngMGai 8IwsOju00IaD6s4UyOGcBVCEw1CuKSAsom6nAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUO+yzXgc2YMRYmpKT1j6Zu22TahUwHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL08teXpYZ2MyWU1SWW1wS1QxajZadTIy VGFoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G CSqGSIb3DQEBCwUAA4IBAQCXIxdhIJdwAdvEc/36lx0pbPBZlhxUFxWsCyZY/AJg rzeRnaHO/u8a6Od0qWQJFp/CdwzkH/9BqM5WS5eowHgxgaSR0hLOihVM09GW15Cy laoj8ZeNQ2Goef9b1nC9OVofod4HMtRX1e+fXCgm1xYlS1AOySv4CPdALLxe+BXD 6Qr4GN/mgYNqMn+ElVW5Vudftv02a56rPMtYnjUcFye2H5F6IMO15UrMhqB8P9jz zGxwaiOgfR9lnruIgHEc8XXq5PxPUA8bVJ/CR7QBlVWPJnlrzcyEl4FzyqAf7ix/ doOHVviQkRAwqBgqKAgyeR26axDw3b6S2oOlp+/4asCE -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:45 2024 by rpki-client on console-fra.rpki-client.org