$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oQY2T9DZ5o1Yql0fMQjKRXRdmAk.roa File: oQY2T9DZ5o1Yql0fMQjKRXRdmAk.roa (raw, json) Hash identifier: wjVe24lrK71iVA452A32Gq6xXbCSjKy7yckThfyCLWQ= Subject key identifier: A1:06:36:4F:D0:D9:E6:8D:58:AA:5D:1F:31:08:CA:45:74:5D:98:09 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 215C Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oQY2T9DZ5o1Yql0fMQjKRXRdmAk.roa Signing time: Mon 26 Aug 2024 05:32:55 +0000 ROA not before: Mon 26 Aug 2024 05:32:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 24163 IP address blocks: 123.0.44.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8540 (0x215c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Aug 26 05:32:55 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A106364FD0D9E68D58AA5D1F3108CA45745D9809 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c9:96:2e:f5:a2:d9:be:7a:80:9a:2a:f8:26: 93:40:da:56:90:ae:ef:2e:79:21:ac:19:6e:a8:27: f7:03:df:4a:a5:08:93:4d:50:9a:f6:1d:6f:cb:f1: 96:d1:0b:df:cb:f0:01:6d:46:bd:d4:da:b7:14:3f: 5c:69:84:5a:c2:ab:48:f3:a1:15:f5:29:bd:c0:35: 43:ab:bb:a0:6b:ee:6a:c9:c3:39:33:17:68:af:a4: ec:64:c5:a7:4c:6d:9d:43:1b:41:52:98:95:e9:48: 88:33:26:8a:be:2a:08:bf:33:ad:2e:fe:fb:df:f1: 35:37:3f:66:d2:dc:06:58:a2:d3:64:bb:72:66:29: 00:c1:3d:75:f2:0f:4d:49:74:02:ef:b7:bb:06:42: cf:3f:9b:09:cf:23:f5:6a:04:4f:82:c3:2e:4b:67: f2:6c:a1:26:99:bf:67:e7:08:e5:33:ce:a4:f4:95: 4b:56:e9:85:56:48:f6:5d:82:c3:5c:d0:5e:0e:68: 36:d1:83:e5:df:23:9f:f7:12:3a:a7:e7:08:15:5e: 5f:6c:6f:2f:22:d9:98:6e:d0:27:06:28:8e:57:cd: a2:a3:ab:8d:f0:68:2d:51:27:90:d4:96:db:3c:28: c0:3d:dc:72:27:9c:3b:1d:88:66:f7:3d:e1:c3:7e: fa:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:06:36:4F:D0:D9:E6:8D:58:AA:5D:1F:31:08:CA:45:74:5D:98:09 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/oQY2T9DZ5o1Yql0fMQjKRXRdmAk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.0.44.0/22 Signature Algorithm: sha256WithRSAEncryption 84:b0:70:16:eb:7d:69:70:62:d9:d7:b4:e1:79:a5:ca:85:0b: f5:00:64:6a:a6:d9:0a:65:c2:0c:43:b9:56:20:aa:a6:78:7d: 28:55:e3:23:42:6a:c3:66:77:5d:41:db:81:48:35:4b:45:37: 6a:4d:b5:fb:bb:d9:69:7a:82:97:fd:8f:d7:ba:4d:70:ce:1a: b7:14:1d:cf:57:a1:73:98:5b:e6:63:7b:dc:0b:2c:20:5f:74: 22:3c:91:20:9a:47:26:61:9c:54:55:19:11:dc:ef:d2:bc:a7: 13:7d:9c:5b:fd:ad:17:91:c7:e2:ac:b6:5e:ea:ed:2d:6b:ae: c2:d3:16:d0:84:73:f0:21:4a:09:09:56:46:11:3c:70:d0:2b: 27:c9:98:2d:a0:6b:d7:2d:08:96:0b:bb:95:f9:99:a3:31:6e: 6a:9b:18:fa:43:46:07:ae:0a:0f:a3:39:be:b5:13:28:29:6f: 6a:9b:19:b4:8a:5c:6b:f4:c9:90:79:70:e4:ae:e8:84:31:7a: 2b:bb:ae:09:b9:bc:0a:dd:77:23:7c:1b:05:05:55:91:3f:3c: 06:70:ac:53:6f:44:c3:ce:6a:99:c3:17:49:a4:e1:07:17:60: 95:5d:9c:46:a2:c4:52:3e:59:db:ac:8d:73:3d:f0:3b:4f:77: 7a:42:5e:f7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICIVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw NTMyNTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExMDYzNjRGRDBEOUU2 OEQ1OEFBNUQxRjMxMDhDQTQ1NzQ1RDk4MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyyZYu9aLZvnqAmir4JpNA2laQru8ueSGsGW6oJ/cD30qlCJNN UJr2HW/L8ZbRC9/L8AFtRr3U2rcUP1xphFrCq0jzoRX1Kb3ANUOru6Br7mrJwzkz F2ivpOxkxadMbZ1DG0FSmJXpSIgzJoq+Kgi/M60u/vvf8TU3P2bS3AZYotNku3Jm KQDBPXXyD01JdALvt7sGQs8/mwnPI/VqBE+Cwy5LZ/JsoSaZv2fnCOUzzqT0lUtW 6YVWSPZdgsNc0F4OaDbRg+XfI5/3Ejqn5wgVXl9sby8i2Zhu0CcGKI5XzaKjq43w aC1RJ5DUlts8KMA93HInnDsdiGb3PeHDfvopAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUoQY2T9DZ5o1Yql0fMQjKRXRdmAkwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL29RWTJUOURaNW8xWXFsMGZN UWpLUlhSZG1Bay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7 ACwwDQYJKoZIhvcNAQELBQADggEBAISwcBbrfWlwYtnXtOF5pcqFC/UAZGqm2Qpl wgxDuVYgqqZ4fShV4yNCasNmd11B24FINUtFN2pNtfu72Wl6gpf9j9e6TXDOGrcU Hc9XoXOYW+Zje9wLLCBfdCI8kSCaRyZhnFRVGRHc79K8pxN9nFv9rReRx+Kstl7q 7S1rrsLTFtCEc/AhSgkJVkYRPHDQKyfJmC2ga9ctCJYLu5X5maMxbmqbGPpDRgeu Cg+jOb61Eygpb2qbGbSKXGv0yZB5cOSu6IQxeiu7rgm5vArddyN8GwUFVZE/PAZw rFNvRMPOapnDF0mk4QcXYJVdnEaixFI+WdusjXM98DtPd3pCXvc= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:41 2024 by rpki-client on console-ams.rpki-client.org