$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/0fwZ-LNZechiGWYn7LzVRJs6-iA.roa File: 0fwZ-LNZechiGWYn7LzVRJs6-iA.roa (raw, json) Hash identifier: Y2/Mnbf/GhChAhXYsUpFlp2vnC6rsFpDPMpKtC4Njts= Subject key identifier: D1:FC:19:F8:B3:59:79:C8:62:19:66:27:EC:BC:D5:44:9B:3A:FA:20 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11A3 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0fwZ-LNZechiGWYn7LzVRJs6-iA.roa Signing time: Mon 26 Aug 2024 05:17:45 +0000 ROA not before: Mon 26 Aug 2024 05:17:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 210.71.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4515 (0x11a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:45 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D1FC19F8B35979C862196627ECBCD5449B3AFA20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fc:c5:f7:8e:b2:37:83:b4:d5:33:6e:d2:8d: 7f:ce:34:64:e0:61:6f:29:20:1d:d3:cb:b5:af:7c: 93:2a:b1:34:62:9f:f2:10:41:eb:29:47:99:ef:32: 65:80:8d:2c:5d:fc:02:40:69:d3:56:d9:b6:d3:c9: 0f:f0:d1:5c:3d:15:9a:95:81:08:be:14:88:5a:1d: 86:44:a0:4e:0c:0a:64:be:0a:0a:b3:24:81:a1:09: a9:99:82:40:ea:b2:27:6f:c6:1f:63:74:ce:c9:69: 09:55:6d:65:9e:45:0f:cf:95:74:be:6a:a0:9f:5b: 5c:a1:40:4f:92:ef:77:a9:26:6b:37:1f:8b:63:c9: 25:94:5f:d5:8b:77:c0:02:21:cf:60:b8:23:27:0d: 2c:e6:6f:6d:0b:eb:1a:00:27:8f:42:a8:fe:8e:8d: 68:5c:6f:52:28:39:29:9f:a4:bf:1b:67:eb:53:40: a0:16:e3:ac:60:f8:19:c0:3a:85:45:21:0a:20:c9: f5:a9:ce:2b:f7:46:26:f5:90:f9:e2:29:56:0c:d1: 5f:4e:35:74:2b:03:2a:88:64:34:0d:85:09:4a:81: a9:bf:ec:19:03:2b:18:54:a8:bf:07:39:82:f5:a4: de:65:da:dc:fa:2f:a2:ef:15:d1:0b:16:a4:f6:f0: b6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:FC:19:F8:B3:59:79:C8:62:19:66:27:EC:BC:D5:44:9B:3A:FA:20 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0fwZ-LNZechiGWYn7LzVRJs6-iA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.71.128.0/17 Signature Algorithm: sha256WithRSAEncryption c1:09:df:eb:fc:6c:d4:be:74:41:95:04:d2:01:62:cb:cd:e7: 07:81:46:78:9a:33:fa:7e:e6:ba:c6:12:03:8d:9f:01:50:67: 2c:35:f4:b1:b5:8b:d6:7d:e9:f0:00:04:c7:e8:98:d7:94:ee: 3e:c4:88:04:13:f3:d2:27:04:de:79:8f:91:6e:d9:b2:1d:a0: 26:67:13:4b:ca:f9:16:79:00:a4:6c:b2:95:21:11:75:fd:7b: 9b:3a:68:aa:9e:54:d0:c8:17:42:bf:c2:5c:40:7b:ed:26:67: 28:ae:c2:2b:28:db:c7:aa:ca:15:f4:23:06:8f:b2:c2:a1:05: 3c:e1:e0:6f:14:6f:9b:3e:3a:1c:59:a0:5d:5d:61:f7:22:d2: 43:65:ce:0c:ea:18:e1:9f:5a:6b:eb:99:c4:e8:7a:fb:32:2e: 40:66:fe:ce:a9:41:a2:65:0c:e2:02:02:ba:fa:d9:7e:3d:38: 56:1c:dc:03:44:96:3f:95:89:12:0c:cc:3a:b6:25:0a:ca:7d: 05:e9:f3:d4:fd:da:42:2f:c4:98:52:51:f6:c5:91:a7:d0:ca: 04:02:07:fd:14:2d:ff:ce:c3:6e:83:69:f9:54:15:55:40:db: 84:af:02:42:74:73:8c:76:f6:5c:f8:2f:68:2e:73:fa:78:70: 4f:a2:9d:cb -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQxRkMxOUY4QjM1OTc5 Qzg2MjE5NjYyN0VDQkNENTQ0OUIzQUZBMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCs/MX3jrI3g7TVM27SjX/ONGTgYW8pIB3Ty7WvfJMqsTRin/IQ QespR5nvMmWAjSxd/AJAadNW2bbTyQ/w0Vw9FZqVgQi+FIhaHYZEoE4MCmS+Cgqz JIGhCamZgkDqsidvxh9jdM7JaQlVbWWeRQ/PlXS+aqCfW1yhQE+S73epJms3H4tj ySWUX9WLd8ACIc9guCMnDSzmb20L6xoAJ49CqP6OjWhcb1IoOSmfpL8bZ+tTQKAW 46xg+BnAOoVFIQogyfWpziv3Rib1kPniKVYM0V9ONXQrAyqIZDQNhQlKgam/7BkD KxhUqL8HOYL1pN5l2tz6L6LvFdELFqT28LbnAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU0fwZ+LNZechiGWYn7LzVRJs6+iAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8wZndaLUxOWmVjaGlHV1luN0x6 VlJKczYtaUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0keA MA0GCSqGSIb3DQEBCwUAA4IBAQDBCd/r/GzUvnRBlQTSAWLLzecHgUZ4mjP6fua6 xhIDjZ8BUGcsNfSxtYvWfenwAATH6JjXlO4+xIgEE/PSJwTeeY+RbtmyHaAmZxNL yvkWeQCkbLKVIRF1/XubOmiqnlTQyBdCv8JcQHvtJmcorsIrKNvHqsoV9CMGj7LC oQU84eBvFG+bPjocWaBdXWH3ItJDZc4M6hjhn1pr65nE6Hr7Mi5AZv7OqUGiZQzi AgK6+tl+PThWHNwDRJY/lYkSDMw6tiUKyn0F6fPU/dpCL8SYUlH2xZGn0MoEAgf9 FC3/zsNug2n5VBVVQNuErwJCdHOMdvZc+C9oLnP6eHBPop3L -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org