$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KpeSKcv5qk2ZJm0clM5C6P2wfW8.roa File: KpeSKcv5qk2ZJm0clM5C6P2wfW8.roa (raw, json) Hash identifier: wSvYAehBFxUv3xiw2ATb1TYwD8mOYg/OkddhlXmZ8io= Subject key identifier: 2A:97:92:29:CB:F9:AA:4D:99:26:6D:1C:94:CE:42:E8:FD:B0:7D:6F Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Certificate serial: 0282 Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KpeSKcv5qk2ZJm0clM5C6P2wfW8.roa Signing time: Mon 26 Aug 2024 05:11:15 +0000 ROA not before: Mon 26 Aug 2024 05:11:15 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38047 IP address blocks: 2400:61a0:a001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 642 (0x282) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Validity Not Before: Aug 26 05:11:15 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=2A979229CBF9AA4D99266D1C94CE42E8FDB07D6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:10:75:40:04:65:6d:25:dc:4b:1c:5b:21:01: 3b:d1:3a:90:d3:2b:21:71:32:6b:69:5c:74:94:88: 84:2c:5b:f5:c9:b7:80:00:96:56:7f:c1:bd:7f:6e: 82:5f:97:09:08:f6:4b:6b:14:62:39:6c:f3:5f:7f: af:89:59:50:88:fa:97:e6:b8:cb:81:34:6a:11:e4: da:67:0b:de:f3:69:cf:5f:e8:9a:b1:81:11:a7:18: 31:5d:7f:ac:cb:4a:d3:68:bc:51:b3:9d:dc:48:40: 6a:6a:92:9b:f4:f3:ee:c2:de:3f:fe:a8:bb:bb:ae: 58:78:08:1a:0c:b0:21:0f:97:ca:97:75:78:06:5c: 77:bc:cb:77:ed:07:51:6a:31:5c:e3:13:bf:43:e7: 39:3b:52:47:6b:37:9c:10:38:e0:6d:61:75:5e:63: 94:7c:75:ad:e4:f6:a1:66:03:96:44:07:39:51:43: 6f:d0:55:2e:b6:cf:7e:ab:05:87:25:b0:df:20:4d: db:21:e4:83:c9:f1:17:ac:82:9c:6b:91:c9:2b:c8: 45:de:3b:a8:1b:c9:59:1d:0b:57:25:ba:10:4d:ae: 02:63:00:c1:a4:99:18:5e:94:a9:7c:6e:65:67:3c: a5:47:60:01:42:00:9b:9d:c4:67:c5:93:d9:08:26: 1d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:97:92:29:CB:F9:AA:4D:99:26:6D:1C:94:CE:42:E8:FD:B0:7D:6F X509v3 Authority Key Identifier: keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/KpeSKcv5qk2ZJm0clM5C6P2wfW8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:61a0:a001::/48 Signature Algorithm: sha256WithRSAEncryption 02:fc:13:d5:cb:ac:d1:bb:c9:95:b5:86:19:54:6d:69:42:4d: 0b:13:69:93:90:d7:ff:88:30:8e:4d:40:bf:96:6a:61:c8:7a: bc:91:7f:47:91:d3:5c:bf:b7:73:48:ac:95:d3:dc:af:ba:02: ea:00:0b:10:cf:1b:a7:f3:ef:c9:5e:fd:de:1b:26:73:ee:c5: 07:7b:3c:ff:b5:44:6f:56:50:95:de:15:96:ed:eb:77:56:5e: b4:1e:d9:48:c8:86:fd:15:86:0b:f4:70:eb:4d:bf:21:0d:5c: 72:90:9d:86:e6:d3:ec:d1:d2:13:2e:02:66:cf:d7:75:f8:ac: d9:73:9a:e4:c8:81:54:47:f0:75:2e:10:49:a0:f2:59:b2:21: d0:0f:c0:1f:a8:e1:a1:b5:12:6b:09:c6:3c:56:f3:e5:e2:e7: c6:04:93:b1:cc:63:1a:73:f2:f8:10:32:85:d7:13:b1:2d:e3: e8:cc:95:92:46:f6:e4:86:b5:5b:b2:81:70:26:d9:37:c9:ed: 78:d0:47:1f:64:a9:50:a3:90:88:0a:1a:57:41:d1:1d:7b:38: be:ec:b6:65:30:b7:04:2c:1f:89:61:2b:93:6e:4d:10:24:9e: 6c:80:1c:a5:93:10:a2:d9:41:e6:49:72:ce:ca:e8:bb:9f:cb: 27:30:d6:e0 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yNDA4MjYw NTExMTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJBOTc5MjI5Q0JGOUFB NEQ5OTI2NkQxQzk0Q0U0MkU4RkRCMDdENkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDwEHVABGVtJdxLHFshATvROpDTKyFxMmtpXHSUiIQsW/XJt4AA llZ/wb1/boJflwkI9ktrFGI5bPNff6+JWVCI+pfmuMuBNGoR5NpnC97zac9f6Jqx gRGnGDFdf6zLStNovFGzndxIQGpqkpv08+7C3j/+qLu7rlh4CBoMsCEPl8qXdXgG XHe8y3ftB1FqMVzjE79D5zk7UkdrN5wQOOBtYXVeY5R8da3k9qFmA5ZEBzlRQ2/Q VS62z36rBYclsN8gTdsh5IPJ8ResgpxrkckryEXeO6gbyVkdC1cluhBNrgJjAMGk mRhelKl8bmVnPKVHYAFCAJudxGfFk9kIJh29AgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUKpeSKcv5qk2ZJm0clM5C6P2wfW8wHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC9LcGVTS2N2NXFrMlpK bTBjbE01QzZQMndmVzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJABhoKABMA0GCSqGSIb3DQEBCwUAA4IBAQAC/BPVy6zRu8mVtYYZVG1pQk0L E2mTkNf/iDCOTUC/lmphyHq8kX9HkdNcv7dzSKyV09yvugLqAAsQzxun8+/JXv3e GyZz7sUHezz/tURvVlCV3hWW7et3Vl60HtlIyIb9FYYL9HDrTb8hDVxykJ2G5tPs 0dITLgJmz9d1+KzZc5rkyIFUR/B1LhBJoPJZsiHQD8AfqOGhtRJrCcY8VvPl4ufG BJOxzGMac/L4EDKF1xOxLePozJWSRvbkhrVbsoFwJtk3ye140EcfZKlQo5CIChpX QdEdezi+7LZlMLcELB+JYSuTbk0QJJ5sgBylkxCi2UHmSXLOyui7n8snMNbg -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org