$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa File: OL9Rh5L7w4EgomU7xH4udM9ggVs.roa (raw, json) Hash identifier: dH+TBovbnW1OuAEbE/MKgzSOsIJ8YzmYxBJQWB0Z50k= Subject key identifier: 38:BF:51:87:92:FB:C3:81:20:A2:65:3B:C4:7E:2E:74:CF:60:81:5B Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 12D1 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa Signing time: Mon 26 Aug 2024 05:32:35 +0000 ROA not before: Mon 26 Aug 2024 05:32:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 203.119.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4817 (0x12d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 26 05:32:35 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=38BF518792FBC38120A2653BC47E2E74CF60815B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8a:ae:e3:5b:d3:44:bf:2f:65:73:c5:37:73: 68:7c:5e:98:94:d5:c0:a6:f4:ad:05:ab:a0:a9:d3: b5:7c:8f:89:2e:dc:e1:b4:63:2e:66:fb:bb:ea:5e: 9e:f2:88:3a:bc:d0:a9:b8:89:47:11:22:d8:03:f6: e3:bc:0b:76:02:5b:23:91:50:15:43:c8:1a:38:97: 7f:11:7b:f9:20:f4:36:bc:ca:c2:09:c1:1b:72:4e: 56:8d:65:a1:7e:08:7e:05:d4:40:94:c7:f7:d4:37: d7:92:8c:50:41:c8:74:9a:61:7d:82:2b:a8:b0:58: e1:38:d2:ae:54:95:1a:53:6b:01:83:99:c6:cf:74: e7:a1:e7:2c:9e:56:a2:64:37:38:9d:2c:6e:1f:d7: 84:3d:14:6d:c6:29:55:02:e4:87:32:18:35:68:11: 0b:f8:ea:87:08:c7:bf:f4:c3:2f:c3:40:34:50:ca: 5a:99:70:55:47:da:0b:37:89:47:30:fa:64:91:e1: 43:f1:fe:c1:1c:6d:20:1a:89:74:3f:4b:e5:f5:12: d3:23:45:f1:aa:f5:7c:c1:dc:2c:cb:56:96:ac:dd: 68:4d:ef:e5:0d:04:b8:a6:58:d8:ba:bb:c2:40:31: 8f:f2:94:cf:ea:4a:62:71:61:39:91:2a:31:0a:29: 1a:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:BF:51:87:92:FB:C3:81:20:A2:65:3B:C4:7E:2E:74:CF:60:81:5B X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.119.3.0/24 Signature Algorithm: sha256WithRSAEncryption 88:c7:99:34:d2:e4:b1:1e:a3:27:4f:4a:67:30:d8:1f:ce:c4: ac:13:d4:44:a2:ff:14:10:22:26:54:d0:7a:9b:de:ad:a0:5e: a9:1a:2e:4c:df:85:aa:c4:6b:71:19:26:6c:2d:d4:14:89:a1: cb:b1:13:c1:7d:73:1e:28:83:ba:12:ea:11:c9:5a:4e:6b:97: 5e:b4:b4:5b:d9:1b:8c:5f:c7:4c:c4:c8:65:88:76:8b:57:df: e3:81:9c:69:25:ac:2c:78:54:78:f2:b3:2f:97:2b:af:7d:5d: e1:db:35:8d:1f:2e:37:30:b9:96:aa:3f:89:01:9d:e8:5d:2b: 19:f2:8e:cc:21:7a:1a:a3:ad:74:ea:2d:bb:c5:c1:cf:ea:d6: bc:0a:68:5b:08:d0:41:f1:8d:b2:56:c9:46:06:e2:22:86:3b: 6e:24:f5:3a:56:8d:78:19:04:b7:32:ec:86:04:39:ab:0a:2b: d7:cb:0c:c3:07:95:d8:89:1e:93:f0:9e:6e:52:74:30:5d:4a: cc:b0:9a:4a:3e:b0:28:66:4f:fd:32:ea:15:ea:97:97:f5:5e: 32:73:c3:c8:7d:4f:50:da:74:2f:f1:98:e3:ab:df:23:38:5f: ed:75:ff:a3:d7:5c:9f:0b:28:4e:18:7e:00:ac:dc:a7:09:64: 47:d2:f3:3e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEtEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw NTMyMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM4QkY1MTg3OTJGQkMz ODEyMEEyNjUzQkM0N0UyRTc0Q0Y2MDgxNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUiq7jW9NEvy9lc8U3c2h8XpiU1cCm9K0Fq6Cp07V8j4ku3OG0 Yy5m+7vqXp7yiDq80Km4iUcRItgD9uO8C3YCWyORUBVDyBo4l38Re/kg9Da8ysIJ wRtyTlaNZaF+CH4F1ECUx/fUN9eSjFBByHSaYX2CK6iwWOE40q5UlRpTawGDmcbP dOeh5yyeVqJkNzidLG4f14Q9FG3GKVUC5IcyGDVoEQv46ocIx7/0wy/DQDRQylqZ cFVH2gs3iUcw+mSR4UPx/sEcbSAaiXQ/S+X1EtMjRfGq9XzB3CzLVpas3WhN7+UN BLimWNi6u8JAMY/ylM/qSmJxYTmRKjEKKRoRAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUOL9Rh5L7w4EgomU7xH4udM9ggVswHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9PTDlSaDVMN3c0RWdvbVU3eEg0 dWRNOWdnVnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD MA0GCSqGSIb3DQEBCwUAA4IBAQCIx5k00uSxHqMnT0pnMNgfzsSsE9REov8UECIm VNB6m96toF6pGi5M34WqxGtxGSZsLdQUiaHLsRPBfXMeKIO6EuoRyVpOa5detLRb 2RuMX8dMxMhliHaLV9/jgZxpJawseFR48rMvlyuvfV3h2zWNHy43MLmWqj+JAZ3o XSsZ8o7MIXoao6106i27xcHP6ta8CmhbCNBB8Y2yVslGBuIihjtuJPU6Vo14GQS3 MuyGBDmrCivXywzDB5XYiR6T8J5uUnQwXUrMsJpKPrAoZk/9MuoV6peX9V4yc8PI fU9Q2nQv8Zjjq98jOF/tdf+j11yfCyhOGH4ArNynCWRH0vM+ -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:59 2024 by rpki-client on console-fra.rpki-client.org