$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/1llxln-1B-OvzGw3i9_ZXET3na0.roa File: 1llxln-1B-OvzGw3i9_ZXET3na0.roa (raw, json) Hash identifier: 0JBlWs6t9Nngpj0KEAR2Whh3FlLu9s/sJRU7TzFxhLE= Subject key identifier: D6:59:71:96:7F:B5:07:E3:AF:CC:6C:37:8B:DF:D9:5C:44:F7:9D:AD Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F7A Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/1llxln-1B-OvzGw3i9_ZXET3na0.roa Signing time: Fri 01 Sep 2023 08:57:07 +0000 ROA not before: Fri 01 Sep 2023 08:57:07 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131660 IP address blocks: 2001:b000:590::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 01:23:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:07 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D65971967FB507E3AFCC6C378BDFD95C44F79DAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:36:5d:8e:17:5d:e8:2d:d6:4d:a6:0b:9c:a2: 44:19:f0:18:28:36:d4:b8:2f:57:63:57:ef:37:66: fe:3f:da:be:bc:3b:00:8e:24:cc:e1:c3:3c:dc:18: 76:92:48:dd:f7:5f:d0:d6:55:63:f9:f7:b7:cf:7c: 25:ac:66:d3:5f:67:d8:69:f7:74:7c:cc:e5:c2:bd: 4d:e0:5c:ec:d5:04:0c:d2:72:23:ac:3e:89:bd:79: 26:ef:ec:3d:36:45:9d:d8:40:90:a1:f0:50:3a:57: 60:81:4d:96:68:43:3a:7b:ca:76:4f:a4:75:2f:92: fa:3b:f0:a6:8d:3d:67:1c:0c:94:7b:34:5d:88:2b: fd:03:e9:42:1c:9b:99:0f:92:5f:3f:5e:b3:e2:73: 4b:64:83:0a:85:fd:bb:47:e9:5c:fe:d0:ad:c6:68: c4:10:35:e7:3d:be:8a:73:55:ad:47:15:c5:16:dc: 0c:ec:ee:3b:f5:b5:75:1c:49:a0:0b:4a:d8:45:0f: f1:ca:7b:e8:29:db:e0:5c:08:d6:f0:d2:fe:16:88: 86:a5:da:d4:1b:75:73:d5:89:08:d0:82:77:16:0e: c2:82:d9:be:95:d0:34:5e:86:b6:53:8d:f0:1c:84: 0c:58:6c:1a:82:d5:7c:7d:d7:5c:49:a2:88:82:ca: aa:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:59:71:96:7F:B5:07:E3:AF:CC:6C:37:8B:DF:D9:5C:44:F7:9D:AD X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/1llxln-1B-OvzGw3i9_ZXET3na0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b000:590::/48 Signature Algorithm: sha256WithRSAEncryption 39:aa:99:de:66:b0:9f:73:66:74:f0:d8:5d:e0:f6:cc:95:0f: a1:8e:c9:6a:1f:36:e9:10:37:d0:31:ba:84:29:0b:f8:1f:9b: 0f:b4:44:c0:81:5a:19:1c:8f:ed:f5:5f:84:24:11:8d:ee:55: ba:64:42:02:7d:e6:2e:41:1f:6f:b8:5e:9a:86:e5:6b:7e:a4: 6e:46:72:18:6f:fa:a0:f9:8a:7d:3f:29:fc:22:24:5c:78:98: 42:75:4e:a1:1c:70:bd:95:a2:c8:d4:4e:f2:8d:59:3d:ee:64: 32:67:eb:48:43:dc:e1:f4:3a:17:01:5e:5c:d1:4c:3b:7f:3f: 76:d5:c4:8f:b6:e7:15:59:ad:41:03:9c:bd:3c:5b:87:14:6f: bc:b3:a1:e3:46:0c:20:ba:78:55:82:72:28:9a:01:0d:2c:60: d6:e6:c0:77:0b:84:98:4c:6a:22:6c:55:15:72:05:90:69:47: d7:2f:98:84:f6:3d:c4:e5:b3:30:d2:61:ff:1f:cd:ad:f9:36: 16:15:32:2c:ca:5b:a6:84:a8:07:b7:72:75:51:d8:fb:b7:38: e3:42:1a:95:98:61:10:8d:84:f9:5a:60:33:48:21:f5:5c:10: c4:e2:0d:58:f4:2c:6a:9a:8d:3a:5a:f7:e1:ed:c2:61:a9:2b: fe:19:e9:40 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICD3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ2NTk3MTk2N0ZCNTA3 RTNBRkNDNkMzNzhCREZEOTVDNDRGNzlEQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7Nl2OF13oLdZNpgucokQZ8BgoNtS4L1djV+83Zv4/2r68OwCO JMzhwzzcGHaSSN33X9DWVWP597fPfCWsZtNfZ9hp93R8zOXCvU3gXOzVBAzSciOs Pom9eSbv7D02RZ3YQJCh8FA6V2CBTZZoQzp7ynZPpHUvkvo78KaNPWccDJR7NF2I K/0D6UIcm5kPkl8/XrPic0tkgwqF/btH6Vz+0K3GaMQQNec9vopzVa1HFcUW3Azs 7jv1tXUcSaALSthFD/HKe+gp2+BcCNbw0v4WiIal2tQbdXPViQjQgncWDsKC2b6V 0DRehrZTjfAchAxYbBqC1Xx911xJooiCyqodAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU1llxln+1B+OvzGw3i9/ZXET3na0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8xbGx4bG4tMUItT3Z6R3czaTlf WlhFVDNuYTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw AAWQMA0GCSqGSIb3DQEBCwUAA4IBAQA5qpneZrCfc2Z08Nhd4PbMlQ+hjslqHzbp EDfQMbqEKQv4H5sPtETAgVoZHI/t9V+EJBGN7lW6ZEICfeYuQR9vuF6ahuVrfqRu RnIYb/qg+Yp9Pyn8IiRceJhCdU6hHHC9laLI1E7yjVk97mQyZ+tIQ9zh9DoXAV5c 0Uw7fz921cSPtucVWa1BA5y9PFuHFG+8s6HjRgwgunhVgnIomgENLGDW5sB3C4SY TGoibFUVcgWQaUfXL5iE9j3E5bMw0mH/H82t+TYWFTIsylumhKgHt3J1Udj7tzjj QhqVmGEQjYT5WmAzSCH1XBDE4g1Y9Cxqmo06Wvfh7cJhqSv+GelA -----END CERTIFICATE-----Generated at Thu May 23 04:42:02 2024 by rpki-client on console-ams.rpki-client.org