$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kx9jcktdbfBsOgp4fm2U7kFhF9k.roa File: Kx9jcktdbfBsOgp4fm2U7kFhF9k.roa (raw, json) Hash identifier: JbRPb52CiBnlWQU/iTIM97E1jqCIsbmoBH+j0Tf9/rc= Subject key identifier: 2B:1F:63:72:4B:5D:6D:F0:6C:3A:0A:78:7E:6D:94:EE:41:61:17:D9 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3025 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kx9jcktdbfBsOgp4fm2U7kFhF9k.roa Signing time: Mon 26 Aug 2024 05:29:11 +0000 ROA not before: Mon 26 Aug 2024 05:29:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 211.76.120.128/25 maxlen: 25 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Sep 2024 00:49:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12325 (0x3025) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 26 05:29:11 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2B1F63724B5D6DF06C3A0A787E6D94EE416117D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:f0:3e:31:20:a6:0f:af:a4:58:1b:0f:9e:e7: 00:17:78:3b:9a:b4:e7:e4:90:dc:74:ab:64:57:d6: 97:d2:8f:18:a7:e5:ff:55:97:a5:db:1b:05:d8:b2: af:4d:da:1c:3f:62:9a:37:96:17:20:f0:8e:6c:74: cf:6d:09:83:e0:e5:21:ee:b0:e8:b1:e0:e1:67:6c: 1d:9b:94:b3:0c:a1:ba:59:9a:03:39:81:2c:39:34: 43:6a:c1:83:94:02:5a:57:d3:fc:7b:1f:cb:c4:08: c6:a5:13:12:48:79:f5:25:41:44:ca:63:3f:4f:b2: 26:76:5c:5e:06:60:9f:44:2c:51:96:b1:ed:15:6c: 62:72:82:42:7e:80:32:3a:52:7d:98:3d:b8:a9:b0: 4b:53:0e:1c:68:10:0a:52:c5:23:b3:b9:46:f2:21: f6:63:e8:5b:bf:49:64:69:3b:e7:08:e9:7d:60:b4: bb:b5:84:98:3b:20:b1:ce:95:e2:cc:43:56:df:5b: bb:5f:a1:f8:c5:ff:c5:25:08:f1:a8:fb:0d:a9:aa: 9a:ed:08:a9:75:29:e8:9b:09:68:9f:a9:50:dc:a2: 7f:d1:78:ec:9e:bb:a3:93:1f:78:57:02:af:31:0d: 21:b4:49:27:c9:b0:47:71:15:86:cb:88:4c:be:86: 76:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:1F:63:72:4B:5D:6D:F0:6C:3A:0A:78:7E:6D:94:EE:41:61:17:D9 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kx9jcktdbfBsOgp4fm2U7kFhF9k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.76.120.128/25 Signature Algorithm: sha256WithRSAEncryption 94:49:98:4b:29:57:95:35:37:09:a7:8b:94:a2:a4:74:18:5b: 11:d6:c2:f5:e3:93:56:f6:de:f9:d4:ca:44:7e:c9:05:4c:35: 19:47:c5:62:a8:65:6d:2e:99:ef:2c:c3:14:5b:52:91:26:76: 4a:f9:d5:23:54:00:6d:0e:d4:41:45:71:89:8a:8d:2d:49:c1: 3e:15:fc:55:0d:a7:2c:aa:bf:40:8c:3e:b0:b5:75:ad:59:34: 5d:fa:6e:5b:f4:47:97:17:71:c2:86:0a:ce:8f:20:78:47:73: 96:af:03:b0:6f:2a:30:cf:5b:64:72:0c:15:6a:2e:68:8a:61: ff:e8:a8:9c:0c:16:3f:61:ea:72:45:c0:47:1b:c6:c9:73:a0: f4:ae:4a:ca:c6:3f:ec:a2:e1:21:67:44:8f:ae:15:22:29:b9: cf:00:a3:a0:3c:38:d8:ff:ab:c5:93:3b:49:ea:ab:f3:f6:24: 4e:ef:d4:44:f2:7e:b6:1e:7c:33:7f:c6:9d:1a:2a:60:ce:86: ff:2c:73:4f:6a:35:99:48:c1:ee:9e:b9:08:1c:d5:26:a7:d9: 1a:76:77:1e:1e:3a:d0:f7:99:5b:9a:95:21:0a:67:d3:0d:bb: f3:3f:7e:26:f6:37:cd:0c:54:33:e5:f6:5e:70:b2:6b:73:f9: 77:c1:77:0a -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICMCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw NTI5MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJCMUY2MzcyNEI1RDZE RjA2QzNBMEE3ODdFNkQ5NEVFNDE2MTE3RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH8D4xIKYPr6RYGw+e5wAXeDuatOfkkNx0q2RX1pfSjxin5f9V l6XbGwXYsq9N2hw/Ypo3lhcg8I5sdM9tCYPg5SHusOix4OFnbB2blLMMobpZmgM5 gSw5NENqwYOUAlpX0/x7H8vECMalExJIefUlQUTKYz9PsiZ2XF4GYJ9ELFGWse0V bGJygkJ+gDI6Un2YPbipsEtTDhxoEApSxSOzuUbyIfZj6Fu/SWRpO+cI6X1gtLu1 hJg7ILHOleLMQ1bfW7tfofjF/8UlCPGo+w2pqprtCKl1KeibCWifqVDcon/ReOye u6OTH3hXAq8xDSG0SSfJsEdxFYbLiEy+hnbfAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUKx9jcktdbfBsOgp4fm2U7kFhF9kwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0t4OWpja3RkYmZCc09ncDRm bTJVN2tGaEY5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQfT THiAMA0GCSqGSIb3DQEBCwUAA4IBAQCUSZhLKVeVNTcJp4uUoqR0GFsR1sL145NW 9t751MpEfskFTDUZR8ViqGVtLpnvLMMUW1KRJnZK+dUjVABtDtRBRXGJio0tScE+ FfxVDacsqr9AjD6wtXWtWTRd+m5b9EeXF3HChgrOjyB4R3OWrwOwbyowz1tkcgwV ai5oimH/6KicDBY/YepyRcBHG8bJc6D0rkrKxj/souEhZ0SPrhUiKbnPAKOgPDjY /6vFkztJ6qvz9iRO79RE8n62Hnwzf8adGipgzob/LHNPajWZSMHunrkIHNUmp9ka dnceHjrQ95lbmpUhCmfTDbvzP34m9jfNDFQz5fZecLJrc/l3wXcK -----END CERTIFICATE-----Generated at Fri Sep 20 21:34:51 2024 by rpki-client on console-ams.rpki-client.org