$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/4bXRPHb__3XCg-fzMEJHX3IW9Rc.roa File: 4bXRPHb__3XCg-fzMEJHX3IW9Rc.roa (raw, json) Hash identifier: ftcDpnL3C2osbbYE2XtDwNTVi2jDWeFEghpatW/NNpw= Subject key identifier: E1:B5:D1:3C:76:FF:FF:75:C2:83:E7:F3:30:42:47:5F:72:16:F5:17 Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Certificate serial: 0287 Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/4bXRPHb__3XCg-fzMEJHX3IW9Rc.roa Signing time: Mon 26 Aug 2024 05:11:16 +0000 ROA not before: Mon 26 Aug 2024 05:11:16 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38047 IP address blocks: 2400:61a0:a055::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 647 (0x287) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Validity Not Before: Aug 26 05:11:16 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E1B5D13C76FFFF75C283E7F33042475F7216F517 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:3a:96:b7:72:79:8c:76:37:1c:6d:52:c0:e9: 0b:60:ce:56:59:96:04:f2:66:5a:5d:b0:52:4c:37: 7e:80:b6:ed:13:aa:d4:33:ba:e3:70:57:1b:4c:e0: 91:63:fd:cd:9b:f7:ba:77:3e:0b:82:96:e9:83:37: 37:3d:75:dc:ea:19:e9:03:e9:87:0f:aa:e5:43:29: 5c:79:57:a6:3f:47:d1:70:53:45:ee:8e:0a:d0:4f: 65:e2:8a:1e:11:f2:db:97:48:78:b6:a1:9e:0f:7c: d3:24:86:5c:f1:01:04:d1:f2:ed:29:81:bf:43:f9: cd:f2:af:7d:d7:3a:6f:91:e7:b5:58:09:33:f8:5f: 87:92:88:18:e5:91:27:0a:2f:18:db:9f:02:c7:26: 11:b4:b5:b2:6d:4c:69:fe:0f:93:f7:85:87:2e:af: ee:11:f0:76:6b:ba:85:3b:a7:cd:d3:e4:fa:7d:d0: 01:20:2b:63:55:1b:c4:d3:41:56:ed:e1:38:9a:c9: f0:66:0c:7f:6d:23:06:ee:82:92:5d:37:3e:aa:31: 0a:bb:41:30:e7:61:63:dd:2d:8e:16:9d:7d:27:f8: 65:26:3b:cb:8f:e8:e9:02:53:34:e6:e4:c5:4d:fc: c1:16:df:d6:3f:41:e0:e1:4e:41:64:8e:f1:3f:f9: 5e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:B5:D1:3C:76:FF:FF:75:C2:83:E7:F3:30:42:47:5F:72:16:F5:17 X509v3 Authority Key Identifier: keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/4bXRPHb__3XCg-fzMEJHX3IW9Rc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:61a0:a055::/48 Signature Algorithm: sha256WithRSAEncryption 49:0b:87:ab:c0:68:28:42:0e:ca:c2:e7:37:42:46:06:a1:31: ae:60:10:e1:63:11:b7:75:a4:29:71:7c:6b:5e:6f:dc:79:fb: 4a:f9:6d:97:89:de:5b:85:da:6a:54:c7:eb:1c:bb:a1:c3:23: ad:fe:12:af:38:ef:39:f6:a3:88:1f:da:79:66:f0:98:0f:e2: 9a:80:3a:af:12:00:88:85:33:3e:2e:90:9f:81:fd:bf:cb:0f: 9f:51:0c:52:95:9f:f6:50:d7:43:ab:1d:fc:db:be:7a:37:d7: 63:11:81:85:51:cd:4f:54:3b:2d:e6:18:f0:b4:0b:ad:5d:ce: 89:00:16:7e:8b:de:6d:ca:87:4c:8e:92:ae:56:90:51:e7:8b: 2f:57:d5:fe:79:dc:64:df:6b:13:e1:94:bf:db:77:10:2b:22: d9:fc:ae:61:e5:5d:2f:c5:de:62:50:e7:5f:1d:a8:5c:60:7b: 0d:77:af:45:71:f1:e2:24:4e:6e:1c:4d:e9:b6:4b:7f:86:cf: 7f:b7:65:f9:df:07:85:63:5a:16:df:7e:d9:3e:20:72:1f:f8: fd:81:f2:bc:40:bd:04:bc:09:12:92:8f:e0:70:9b:22:3a:33: c7:1d:32:29:73:c3:65:e4:c6:ad:c8:31:7b:82:fe:2d:01:01: 7c:01:7c:96 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yNDA4MjYw NTExMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUxQjVEMTNDNzZGRkZG NzVDMjgzRTdGMzMwNDI0NzVGNzIxNkY1MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVOpa3cnmMdjccbVLA6QtgzlZZlgTyZlpdsFJMN36Atu0TqtQz uuNwVxtM4JFj/c2b97p3PguClumDNzc9ddzqGekD6YcPquVDKVx5V6Y/R9FwU0Xu jgrQT2Xiih4R8tuXSHi2oZ4PfNMkhlzxAQTR8u0pgb9D+c3yr33XOm+R57VYCTP4 X4eSiBjlkScKLxjbnwLHJhG0tbJtTGn+D5P3hYcur+4R8HZruoU7p83T5Pp90AEg K2NVG8TTQVbt4TiayfBmDH9tIwbugpJdNz6qMQq7QTDnYWPdLY4WnX0n+GUmO8uP 6OkCUzTm5MVN/MEW39Y/QeDhTkFkjvE/+V6VAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU4bXRPHb//3XCg+fzMEJHX3IW9RcwHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC80YlhSUEhiX18zWENn LWZ6TUVKSFgzSVc5UmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJABhoKBVMA0GCSqGSIb3DQEBCwUAA4IBAQBJC4erwGgoQg7Kwuc3QkYGoTGu YBDhYxG3daQpcXxrXm/ceftK+W2Xid5bhdpqVMfrHLuhwyOt/hKvOO859qOIH9p5 ZvCYD+KagDqvEgCIhTM+LpCfgf2/yw+fUQxSlZ/2UNdDqx382756N9djEYGFUc1P VDst5hjwtAutXc6JABZ+i95tyodMjpKuVpBR54svV9X+edxk32sT4ZS/23cQKyLZ /K5h5V0vxd5iUOdfHahcYHsNd69FcfHiJE5uHE3ptkt/hs9/t2X53weFY1oW337Z PiByH/j9gfK8QL0EvAkSko/gcJsiOjPHHTIpc8Nl5MatyDF7gv4tAQF8AXyW -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:30 2024 by rpki-client on console-ams.rpki-client.org