$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa File: opqsMlfox4AqcCgNt4KijB6o_r4.roa (raw, json) Hash identifier: RCwoGDqpjCPRGSX93tQjmS9rha0E5FY1iUChMNag+4w= Subject key identifier: A2:9A:AC:32:57:E8:C7:80:2A:70:28:0D:B7:82:A2:8C:1E:A8:FE:BE Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0C5C Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa Signing time: Mon 26 Aug 2024 05:28:00 +0000 ROA not before: Mon 26 Aug 2024 05:28:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38254 IP address blocks: 2403:7f40:e000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3164 (0xc5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Aug 26 05:28:00 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A29AAC3257E8C7802A70280DB782A28C1EA8FEBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:be:40:74:e4:88:2a:7d:71:6f:c4:c0:2e:6a: 5f:6b:7c:a8:fa:9d:7c:1e:ac:55:37:2f:c1:b6:6f: a7:3f:37:11:c6:07:ee:71:ba:04:18:ad:0c:84:86: 9e:fa:25:26:4a:d4:02:05:65:53:52:90:87:4f:4a: 59:13:f9:66:ad:2a:0a:e8:b2:2f:d8:fe:ed:83:6b: 04:4b:36:99:b6:5e:c0:6a:c0:71:76:99:ef:c0:de: f2:47:e5:79:c8:b3:af:8c:95:7b:a2:08:08:4d:08: 06:05:0e:d2:96:ca:9d:dd:42:a1:cb:18:a9:b2:36: 05:b5:58:46:b6:46:8f:ba:b9:25:31:a1:0b:24:fc: e5:30:47:68:94:f3:78:76:75:0a:51:0d:f7:4b:d4: b0:81:50:84:52:13:91:20:70:e1:63:04:45:7d:db: 04:3d:f1:20:82:7d:66:e6:01:d5:93:89:75:25:09: 8b:50:6d:6a:b4:ee:86:03:f2:30:84:db:c3:ea:67: 92:8d:d2:33:eb:af:cf:6b:ce:39:b1:7d:ab:6d:ad: 92:00:37:3f:6b:e2:ba:38:54:ff:4d:cd:08:35:c9: e7:82:d6:ca:46:bf:66:32:7e:68:fa:9b:19:49:17: 70:89:59:ef:8f:b5:ff:37:61:10:43:15:5c:29:97: 84:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:9A:AC:32:57:E8:C7:80:2A:70:28:0D:B7:82:A2:8C:1E:A8:FE:BE X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:7f40:e000::/48 Signature Algorithm: sha256WithRSAEncryption 2d:aa:11:58:97:29:40:ac:21:6c:08:cf:e7:3c:bc:92:10:04: d9:b4:ae:d1:3c:22:67:e4:20:5d:ea:17:e0:c5:b0:8d:e0:10: ef:62:f0:1c:f2:8a:c6:0d:05:e2:23:b9:8d:7f:5b:51:23:24: 37:e6:07:b4:65:3d:88:25:a3:ba:af:b6:d8:3c:44:35:3b:51: 1a:28:fe:ad:88:55:e6:ea:48:84:28:6b:f7:0f:da:5a:37:4b: c0:d4:b3:9d:8c:e5:af:6a:75:82:cc:96:99:a5:ad:ca:51:1e: 0f:f0:c3:b3:90:68:61:d1:58:dc:ad:85:ca:6f:29:05:14:41: d8:f2:75:9e:77:39:62:62:25:22:3a:d9:a3:1a:65:0a:64:10: d0:c2:a2:b2:7a:cd:84:32:ef:d9:79:71:78:a9:60:66:34:d3: 06:25:15:31:57:70:50:ce:3b:9f:a1:99:09:c6:26:af:d5:90: cc:f9:77:62:c3:b0:e4:99:35:de:17:49:c3:10:67:99:21:28: 7d:09:1b:ae:38:9d:bd:b3:ac:1d:bb:65:fd:56:1b:cf:55:2e: ef:b6:3b:0e:c9:ba:cf:04:82:ef:46:6d:64:05:45:0b:bd:69: 77:07:c9:06:01:b9:f7:80:9a:d6:01:b5:fc:b1:e8:49:90:42: 23:a0:dc:69 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNDA4MjYw NTI4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyOUFBQzMyNTdFOEM3 ODAyQTcwMjgwREI3ODJBMjhDMUVBOEZFQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDvkB05IgqfXFvxMAual9rfKj6nXwerFU3L8G2b6c/NxHGB+5x ugQYrQyEhp76JSZK1AIFZVNSkIdPSlkT+WatKgrosi/Y/u2DawRLNpm2XsBqwHF2 me/A3vJH5XnIs6+MlXuiCAhNCAYFDtKWyp3dQqHLGKmyNgW1WEa2Ro+6uSUxoQsk /OUwR2iU83h2dQpRDfdL1LCBUIRSE5EgcOFjBEV92wQ98SCCfWbmAdWTiXUlCYtQ bWq07oYD8jCE28PqZ5KN0jPrr89rzjmxfattrZIANz9r4ro4VP9NzQg1yeeC1spG v2Yyfmj6mxlJF3CJWe+Ptf83YRBDFVwpl4SNAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUopqsMlfox4AqcCgNt4KijB6o/r4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL29wcXNNbGZveDRBcWNDZ050NEtpakI2 b19yNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw DQYJKoZIhvcNAQELBQADggEBAC2qEViXKUCsIWwIz+c8vJIQBNm0rtE8ImfkIF3q F+DFsI3gEO9i8BzyisYNBeIjuY1/W1EjJDfmB7RlPYglo7qvttg8RDU7URoo/q2I VebqSIQoa/cP2lo3S8DUs52M5a9qdYLMlpmlrcpRHg/ww7OQaGHRWNythcpvKQUU QdjydZ53OWJiJSI62aMaZQpkENDCorJ6zYQy79l5cXipYGY00wYlFTFXcFDOO5+h mQnGJq/VkMz5d2LDsOSZNd4XScMQZ5khKH0JG644nb2zrB27Zf1WG89VLu+2Ow7J us8Egu9GbWQFRQu9aXcHyQYBufeAmtYBtfyx6EmQQiOg3Gk= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:54 2024 by rpki-client on console-fra.rpki-client.org