$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/RhrItmvZi4VYK4TZECtGx7vM-ss.roa File: RhrItmvZi4VYK4TZECtGx7vM-ss.roa (raw, json) Hash identifier: XMvkyq/xwrOecGun8nX/0+JhAyCyxeVf3uU+H4/S8x4= Subject key identifier: 46:1A:C8:B6:6B:D9:8B:85:58:2B:84:D9:10:2B:46:C7:BB:CC:FA:CB Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Certificate serial: 0BD8 Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/RhrItmvZi4VYK4TZECtGx7vM-ss.roa Signing time: Mon 26 Aug 2024 05:11:18 +0000 ROA not before: Mon 26 Aug 2024 05:11:18 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131143 IP address blocks: 2405:3300::/32 maxlen: 96 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3032 (0xbd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Validity Not Before: Aug 26 05:11:18 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=461AC8B66BD98B85582B84D9102B46C7BBCCFACB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:00:7c:6b:01:c6:5c:72:f5:2f:2a:5e:f5:ea: d8:c7:8b:6f:9a:b9:fd:fc:76:ce:d1:e1:2f:c4:74: bf:b1:e0:36:8b:d0:79:d6:69:b6:cf:84:ac:26:d7: 79:2a:2e:4e:25:87:01:f8:bd:65:23:aa:13:10:b2: 9b:00:a9:66:7b:66:da:fb:81:10:6a:1f:59:f1:ba: 11:03:57:13:f7:39:66:15:ae:95:09:6e:d3:da:16: fc:3f:e9:aa:ed:6c:02:61:7c:06:2e:1f:68:c0:0a: a0:ce:8f:57:ea:93:74:2d:95:75:57:18:2e:52:16: 2f:ab:7d:88:b9:bc:ef:2d:35:e4:f8:14:ff:eb:3a: ab:98:b4:34:db:7d:29:ec:97:ec:a1:9c:a3:30:13: b2:b6:f9:cd:bd:fb:ce:c8:85:39:05:cd:c1:db:72: 82:04:de:45:96:dd:9b:08:2f:40:6b:5f:1f:71:cf: ce:b8:3c:6e:0f:54:db:62:98:00:ee:7d:d3:8e:8e: df:ff:8b:0d:cf:fa:a7:39:d9:2a:d2:4b:00:b0:23: 63:68:5a:a2:64:86:cd:86:00:de:ca:4f:7d:e9:cd: 5f:d8:69:4b:29:8a:16:e1:c6:1f:a7:d6:56:67:c9: c2:d5:ce:26:11:bc:ba:7a:07:22:f8:ca:f9:f5:31: 15:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:1A:C8:B6:6B:D9:8B:85:58:2B:84:D9:10:2B:46:C7:BB:CC:FA:CB X509v3 Authority Key Identifier: keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/RhrItmvZi4VYK4TZECtGx7vM-ss.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:3300::/32 Signature Algorithm: sha256WithRSAEncryption 6d:65:93:da:41:16:f0:65:5f:04:aa:0e:3a:f4:9a:06:9d:0a: ad:1b:36:46:81:06:d7:42:62:93:0e:21:4c:87:89:e1:58:ea: 8d:9b:16:52:f6:a7:c3:74:e1:25:53:45:8e:23:17:0c:8e:d9: 67:cd:9e:90:fd:cd:9a:ff:91:20:ba:84:38:64:b4:4d:32:9d: ba:62:72:7d:b4:ec:d4:68:a6:4b:38:2d:27:92:f9:fb:f0:4e: 59:82:13:2c:5e:dc:2f:e4:4f:47:37:c1:18:c4:11:17:93:ef: 18:c7:e1:17:02:34:e3:b3:a4:6f:b5:bf:5f:50:ed:2b:4a:6f: 9d:99:cd:a3:14:93:66:a8:6b:69:09:d8:3f:7e:0a:6d:32:04: bd:05:68:3a:e8:97:17:7b:a4:e8:32:d3:0a:4f:a5:ee:80:a9: 74:9b:1f:ce:09:71:ff:db:1e:e0:28:27:59:64:af:b2:48:1b: 5f:64:00:92:4f:07:5e:27:5d:6a:68:69:f4:b7:49:bb:49:f6: 51:03:31:14:6a:53:13:da:39:d4:f6:a0:3d:36:cf:4a:47:10: f9:70:a5:4d:58:5f:16:57:a5:34:88:e9:9e:ee:93:29:56:40: 22:81:ba:ca:4d:a3:5c:9a:86:a9:70:14:73:dc:53:bc:e8:83: 3c:5d:42:4f -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yNDA4MjYw NTExMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ2MUFDOEI2NkJEOThC ODU1ODJCODREOTEwMkI0NkM3QkJDQ0ZBQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/AHxrAcZccvUvKl716tjHi2+auf38ds7R4S/EdL+x4DaL0HnW abbPhKwm13kqLk4lhwH4vWUjqhMQspsAqWZ7Ztr7gRBqH1nxuhEDVxP3OWYVrpUJ btPaFvw/6artbAJhfAYuH2jACqDOj1fqk3QtlXVXGC5SFi+rfYi5vO8tNeT4FP/r OquYtDTbfSnsl+yhnKMwE7K2+c29+87IhTkFzcHbcoIE3kWW3ZsIL0BrXx9xz864 PG4PVNtimADufdOOjt//iw3P+qc52SrSSwCwI2NoWqJkhs2GAN7KT33pzV/YaUsp ihbhxh+n1lZnycLVziYRvLp6ByL4yvn1MRWjAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQURhrItmvZi4VYK4TZECtGx7vM+sswHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE 1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1QvUmhySXRtdlpp NFZZSzRUWkVDdEd4N3ZNLXNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQFMwAwDQYJKoZIhvcNAQELBQADggEBAG1lk9pBFvBlXwSqDjr0mgad Cq0bNkaBBtdCYpMOIUyHieFY6o2bFlL2p8N04SVTRY4jFwyO2WfNnpD9zZr/kSC6 hDhktE0ynbpicn207NRopks4LSeS+fvwTlmCEyxe3C/kT0c3wRjEEReT7xjH4RcC NOOzpG+1v19Q7StKb52ZzaMUk2aoa2kJ2D9+Cm0yBL0FaDrolxd7pOgy0wpPpe6A qXSbH84Jcf/bHuAoJ1lkr7JIG19kAJJPB14nXWpoafS3SbtJ9lEDMRRqUxPaOdT2 oD02z0pHEPlwpU1YXxZXpTSI6Z7ukylWQCKBuspNo1yahqlwFHPcU7zogzxdQk8= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org