$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ombhiwVnXK1K4y6NI-fJLgRVEOM.roa File: ombhiwVnXK1K4y6NI-fJLgRVEOM.roa (raw, json) Hash identifier: WN28jQy3RDJtZs0Xvg58uWk4+I5dEvXYClLuKOBIkio= Subject key identifier: A2:66:E1:8B:05:67:5C:AD:4A:E3:2E:8D:23:E7:C9:2E:04:55:10:E3 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 12D4 Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ombhiwVnXK1K4y6NI-fJLgRVEOM.roa Signing time: Mon 26 Aug 2024 05:32:36 +0000 ROA not before: Mon 26 Aug 2024 05:32:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131621 IP address blocks: 2001:de4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4820 (0x12d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Aug 26 05:32:36 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A266E18B05675CAD4AE32E8D23E7C92E045510E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7e:8c:20:01:25:7c:50:d5:d5:5c:02:4b:58: b6:10:f0:6c:dd:87:3b:c4:e7:37:c0:8c:b0:5b:6e: 56:3a:c6:d5:ac:e6:38:a1:4d:2f:d4:52:aa:b3:1e: 3b:22:8d:f0:fa:51:30:97:f3:20:51:f0:2f:fd:68: 9b:ba:78:d6:2d:79:4b:3d:a3:ac:3b:40:b4:3e:e6: 31:d3:04:64:7b:bc:26:5f:e5:a2:a3:68:d7:90:64: ce:95:fe:a7:61:cb:6f:a4:5b:d6:0d:41:27:d2:bb: df:9e:4c:e0:5d:d8:f5:b6:4b:74:9f:25:74:4b:e7: 40:8a:5f:b2:9c:2f:e6:51:fb:29:c8:01:f5:7e:da: 84:cb:35:12:42:39:bc:57:de:5b:eb:49:02:06:7a: 34:fa:d8:b6:e3:aa:06:2d:75:83:64:22:37:5f:db: 38:25:2f:2d:44:67:87:40:a1:e7:09:6b:7c:49:c1: 52:fe:64:97:29:70:b0:9d:1a:cf:0b:35:69:47:75: aa:79:9f:04:54:68:3c:a6:ab:17:5b:e2:3f:1f:aa: 21:33:0d:2e:d7:5d:b0:87:3b:ec:db:fb:e5:44:b0: 57:16:64:ba:6c:f6:32:cf:ee:bc:aa:17:3c:58:c9: f2:21:77:f7:8c:5b:6f:bd:1a:62:e1:be:1c:b6:04: ff:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:66:E1:8B:05:67:5C:AD:4A:E3:2E:8D:23:E7:C9:2E:04:55:10:E3 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ombhiwVnXK1K4y6NI-fJLgRVEOM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:de4::/48 Signature Algorithm: sha256WithRSAEncryption 00:d9:ac:08:f5:84:41:88:1b:b6:61:78:c9:0f:a4:a6:de:fe: 5a:d6:15:b7:10:60:1a:17:af:59:85:c0:01:53:24:aa:b1:73: 19:51:ef:1a:85:c3:1b:97:f9:25:91:9a:bf:4b:1c:cd:bc:4a: 8e:0d:e6:0c:f7:ac:03:33:b1:ba:43:1d:bb:e9:ee:31:fd:85: 8c:bc:4e:f1:3f:30:72:d4:44:17:f0:58:2d:bb:dd:8b:5c:27: 5a:75:73:e1:62:c2:77:f7:88:c9:ef:a4:0f:90:bf:c0:d3:98: 23:bc:5e:a1:2f:99:0c:c1:58:71:43:1b:f4:3c:1f:3c:f4:c4: 84:46:ac:5d:06:55:2b:14:4c:6b:14:78:01:1a:28:c3:1d:b4: 82:4f:0d:de:a0:b3:f3:7a:0c:ce:a1:d5:8f:e8:ed:24:c0:91: 70:c8:e6:8a:68:36:d3:b7:3c:4b:eb:7e:12:74:af:36:a7:26: 08:14:b5:5a:15:d0:e3:8f:76:5f:26:c9:77:14:3c:ed:db:9e: 0b:4a:7b:27:ee:a0:31:d4:31:10:44:90:85:41:c8:d5:37:3d: 38:32:1d:3e:08:34:7d:ea:1d:ce:49:b9:51:6a:90:7e:d8:85: 81:80:18:fe:8f:1d:30:81:34:9f:26:3b:84:2e:b9:71:4a:3e: b9:3a:1a:70 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICEtQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw NTMyMzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyNjZFMThCMDU2NzVD QUQ0QUUzMkU4RDIzRTdDOTJFMDQ1NTEwRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNfowgASV8UNXVXAJLWLYQ8GzdhzvE5zfAjLBbblY6xtWs5jih TS/UUqqzHjsijfD6UTCX8yBR8C/9aJu6eNYteUs9o6w7QLQ+5jHTBGR7vCZf5aKj aNeQZM6V/qdhy2+kW9YNQSfSu9+eTOBd2PW2S3SfJXRL50CKX7KcL+ZR+ynIAfV+ 2oTLNRJCObxX3lvrSQIGejT62LbjqgYtdYNkIjdf2zglLy1EZ4dAoecJa3xJwVL+ ZJcpcLCdGs8LNWlHdap5nwRUaDymqxdb4j8fqiEzDS7XXbCHO+zb++VEsFcWZLps 9jLP7ryqFzxYyfIhd/eMW2+9GmLhvhy2BP8zAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUombhiwVnXK1K4y6NI+fJLgRVEOMwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9vbWJoaXdWblhLMUs0eTZOSS1m SkxnUlZFT00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 5AAAMA0GCSqGSIb3DQEBCwUAA4IBAQAA2awI9YRBiBu2YXjJD6Sm3v5a1hW3EGAa F69ZhcABUySqsXMZUe8ahcMbl/klkZq/SxzNvEqODeYM96wDM7G6Qx276e4x/YWM vE7xPzBy1EQX8Fgtu92LXCdadXPhYsJ394jJ76QPkL/A05gjvF6hL5kMwVhxQxv0 PB889MSERqxdBlUrFExrFHgBGijDHbSCTw3eoLPzegzOodWP6O0kwJFwyOaKaDbT tzxL634SdK82pyYIFLVaFdDjj3ZfJsl3FDzt254LSnsn7qAx1DEQRJCFQcjVNz04 Mh0+CDR96h3OSblRapB+2IWBgBj+jx0wgTSfJjuELrlxSj65Ohpw -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:59 2024 by rpki-client on console-fra.rpki-client.org