$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa File: 2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa (raw, json) Hash identifier: FVD6rxrqSA4OFojar0vc2NJkdo+0CjcrN/uiS/T9N6A= Subject key identifier: D8:CC:20:0D:C0:B6:33:EC:DF:13:66:E9:2C:1D:91:35:23:D3:67:B3 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11B5 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa Signing time: Mon 26 Aug 2024 05:17:51 +0000 ROA not before: Mon 26 Aug 2024 05:17:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 33717 IP address blocks: 220.128.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4533 (0x11b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:51 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D8CC200DC0B633ECDF1366E92C1D913523D367B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e3:6e:fe:e7:7a:10:f5:90:66:96:a8:5f:88: ad:a8:76:ae:7a:5a:38:0a:d7:f3:0f:8e:a7:cb:db: f3:49:6e:1d:48:c5:ed:da:9b:94:cd:70:2c:06:2f: 9f:fb:e8:65:c1:54:2a:67:d8:5c:74:83:17:63:3f: 36:fc:aa:76:47:b0:04:6a:58:95:be:34:f7:f6:3c: 59:fa:04:eb:80:08:e9:5c:37:4e:c1:af:69:df:5a: 7b:e8:e2:0a:1a:50:47:68:f6:df:56:d4:66:91:a9: e9:89:e2:ac:d9:0b:ba:75:3c:28:78:6b:23:b9:90: 7c:fe:bb:e7:e2:2d:43:c1:24:72:1d:64:df:ce:b7: 95:34:a6:d2:b2:89:f0:0f:05:60:95:72:e4:94:e7: 86:22:d5:20:ff:4d:81:66:85:bf:4e:2f:ce:ba:25: ce:47:1a:3e:1f:0b:65:13:1f:26:5b:80:2e:2b:88: 89:91:5b:7f:73:75:9d:2b:d4:f0:29:98:9b:68:b9: 79:3d:d7:32:8d:0f:1c:5c:2f:e5:8e:2b:22:2b:50: 57:39:02:24:77:ed:fe:59:7c:7c:2a:80:da:46:17: 33:17:1c:ff:f0:75:b4:6b:6f:2c:b8:70:83:a2:5d: 80:0a:2c:7b:72:69:4a:6b:ca:1a:d4:54:05:bb:d8: 77:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:CC:20:0D:C0:B6:33:EC:DF:13:66:E9:2C:1D:91:35:23:D3:67:B3 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.128.55.0/24 Signature Algorithm: sha256WithRSAEncryption b2:63:0f:1e:ab:32:83:28:05:d1:54:82:fb:45:b0:01:7a:40: f2:9c:25:aa:7a:c0:c4:dc:ce:ad:59:25:00:fb:81:e5:c7:0d: 7e:91:c5:55:c1:d4:fa:f9:69:ca:22:f2:79:3c:18:cf:15:ae: 3c:1c:33:f7:73:8e:a1:b3:20:5e:24:b0:2c:9a:c2:2d:48:06: 2b:56:93:ed:3c:dc:3f:68:56:ed:4b:31:db:63:fe:fe:06:0c: 3f:60:76:ef:0d:2d:bb:36:3e:e3:a7:78:3d:ff:ef:e7:b1:05: 36:d8:91:32:8d:97:04:53:79:8e:6c:5f:fe:2b:ef:d8:8e:56: 02:b1:98:36:0f:5f:86:64:49:09:cc:16:06:a4:65:3e:6f:d4: ff:d4:ae:1f:e2:9b:90:8f:d6:c5:c6:44:7d:e7:99:f0:86:c6: b1:78:4b:a5:f7:1c:e0:49:5a:4f:87:1d:3e:1b:f2:a7:7f:4b: f9:c7:e3:fd:3c:a8:61:aa:18:c9:db:71:c3:67:3f:13:91:99: af:15:2e:9f:d8:2c:71:2e:68:2e:67:ae:80:ba:00:95:48:ed: 65:6e:a8:5a:3d:49:a0:37:64:4c:44:56:6f:67:1b:5f:3d:60: c8:78:f6:32:29:05:32:20:c5:e1:3c:5d:d0:e4:ac:16:de:70: 37:2d:b6:de -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4Q0MyMDBEQzBCNjMz RUNERjEzNjZFOTJDMUQ5MTM1MjNEMzY3QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW427+53oQ9ZBmlqhfiK2odq56WjgK1/MPjqfL2/NJbh1Ixe3a m5TNcCwGL5/76GXBVCpn2Fx0gxdjPzb8qnZHsARqWJW+NPf2PFn6BOuACOlcN07B r2nfWnvo4goaUEdo9t9W1GaRqemJ4qzZC7p1PCh4ayO5kHz+u+fiLUPBJHIdZN/O t5U0ptKyifAPBWCVcuSU54Yi1SD/TYFmhb9OL866Jc5HGj4fC2UTHyZbgC4riImR W39zdZ0r1PApmJtouXk91zKNDxxcL+WOKyIrUFc5AiR37f5ZfHwqgNpGFzMXHP/w dbRrbyy4cIOiXYAKLHtyaUpryhrUVAW72HeBAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU2MwgDcC2M+zfE2bpLB2RNSPTZ7MwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yTXdnRGNDMk0temZFMmJwTEIy Uk5TUFRaN00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IA3 MA0GCSqGSIb3DQEBCwUAA4IBAQCyYw8eqzKDKAXRVIL7RbABekDynCWqesDE3M6t WSUA+4Hlxw1+kcVVwdT6+WnKIvJ5PBjPFa48HDP3c46hsyBeJLAsmsItSAYrVpPt PNw/aFbtSzHbY/7+Bgw/YHbvDS27Nj7jp3g9/+/nsQU22JEyjZcEU3mObF/+K+/Y jlYCsZg2D1+GZEkJzBYGpGU+b9T/1K4f4puQj9bFxkR955nwhsaxeEul9xzgSVpP hx0+G/Knf0v5x+P9PKhhqhjJ23HDZz8TkZmvFS6f2CxxLmguZ66AugCVSO1lbqha PUmgN2RMRFZvZxtfPWDIePYyKQUyIMXhPF3Q5KwW3nA3Lbbe -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org