$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/4bYCVkRgIgE_Ww1M9PGJeL0op-4.roa File: 4bYCVkRgIgE_Ww1M9PGJeL0op-4.roa (raw, json) Hash identifier: naDWXZIiBBC8/tpTFSftHxquzPXKGGAe/KH8vtiWVgA= Subject key identifier: E1:B6:02:56:44:60:22:01:3F:5B:0D:4C:F4:F1:89:78:BD:28:A7:EE Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1214 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/4bYCVkRgIgE_Ww1M9PGJeL0op-4.roa Signing time: Mon 26 Aug 2024 05:18:14 +0000 ROA not before: Mon 26 Aug 2024 05:18:14 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 202.39.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4628 (0x1214) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:18:14 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E1B60256446022013F5B0D4CF4F18978BD28A7EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:7f:02:5e:f9:ef:97:b0:d9:0d:58:04:1d:4b: fe:1f:21:21:f8:45:01:d0:d2:11:17:71:c1:a8:66: 74:74:7e:50:d4:89:e1:18:48:38:70:6c:81:84:f0: 64:b9:a8:39:82:06:b5:08:7b:17:23:71:ab:2b:39: e9:14:52:ed:42:f4:62:14:88:d9:88:42:21:d0:e0: 6e:65:f5:11:01:1f:d9:e8:7d:10:c8:82:3b:ce:32: eb:c4:f9:7b:cf:a6:6f:b0:52:24:c9:59:9a:44:78: d0:ff:96:ce:36:30:d9:a4:a9:e0:cd:b4:8d:91:0a: 2e:4a:62:07:12:25:2b:a8:bb:ac:96:62:ea:af:cd: 78:11:d5:18:60:ad:16:c7:dd:68:d0:ad:cf:8e:1f: 05:99:5f:b6:5d:f0:a4:fc:22:66:f5:62:30:3d:f8: 89:5b:34:0b:a3:28:3f:b2:26:34:9a:49:79:49:fd: 10:9f:50:2b:47:f6:4f:da:6b:f6:69:6d:75:18:b5: a4:d2:4b:3c:6f:3e:17:bc:74:09:fc:3b:b3:5e:50: f1:01:7d:a2:0a:31:64:c6:a8:bc:14:f1:f0:bd:30: 1a:b1:39:43:68:99:2d:54:fb:25:6e:90:3f:88:bb: 04:f6:a2:e6:fe:90:0a:a2:7c:62:d0:c3:77:b1:b7: 2a:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:B6:02:56:44:60:22:01:3F:5B:0D:4C:F4:F1:89:78:BD:28:A7:EE X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/4bYCVkRgIgE_Ww1M9PGJeL0op-4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.39.128.0/17 Signature Algorithm: sha256WithRSAEncryption 9b:8b:fc:a4:05:d2:0b:a1:cb:a3:f8:ee:b2:68:ba:27:36:c1: 91:69:57:42:61:0e:ee:01:44:d5:d9:65:c4:79:49:47:0e:f5: 0e:6e:51:6a:72:98:66:f5:6e:8c:e2:92:0e:cb:bd:1c:3d:f9: c9:43:7e:d4:be:01:28:2f:02:e1:7c:a7:65:dc:31:f7:b5:fd: d1:6d:87:fb:22:9d:c8:7e:51:1a:a8:c5:b2:b9:0e:4a:3c:84: a1:1a:b9:3b:5c:68:92:dd:e3:b9:1a:ca:d3:34:03:5d:40:ee: 30:ae:f7:f5:5f:8c:34:ff:11:36:60:80:ff:3e:a3:af:85:18: 1b:7e:22:16:7d:13:62:a3:7e:dd:0b:86:63:1f:a9:5b:66:26: af:56:a4:21:b2:48:02:5b:62:4a:4c:26:fe:81:c7:a7:c4:e5: 04:b3:f0:c9:a3:62:23:81:87:85:5b:4e:d1:66:e2:2b:9a:1b: 25:d0:59:70:07:62:be:7e:fe:80:75:95:c2:4a:7b:d5:7d:b9: a5:c3:c1:ae:79:57:e8:e0:69:24:32:99:e5:21:3d:73:88:b9: 2e:da:60:4d:2f:3c:d8:90:f8:ce:78:7e:93:2c:b8:e3:41:d9: 4a:30:22:cd:25:e5:6f:58:80:80:5f:df:86:70:cf:bf:d9:e9: 8f:45:c4:d0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE4MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUxQjYwMjU2NDQ2MDIy MDEzRjVCMEQ0Q0Y0RjE4OTc4QkQyOEE3RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD4fwJe+e+XsNkNWAQdS/4fISH4RQHQ0hEXccGoZnR0flDUieEY SDhwbIGE8GS5qDmCBrUIexcjcasrOekUUu1C9GIUiNmIQiHQ4G5l9REBH9nofRDI gjvOMuvE+XvPpm+wUiTJWZpEeND/ls42MNmkqeDNtI2RCi5KYgcSJSuou6yWYuqv zXgR1RhgrRbH3WjQrc+OHwWZX7Zd8KT8Imb1YjA9+IlbNAujKD+yJjSaSXlJ/RCf UCtH9k/aa/ZpbXUYtaTSSzxvPhe8dAn8O7NeUPEBfaIKMWTGqLwU8fC9MBqxOUNo mS1U+yVukD+IuwT2oub+kAqifGLQw3extyrlAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU4bYCVkRgIgE/Ww1M9PGJeL0op+4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC80YllDVmtSZ0lnRV9XdzFNOVBH SmVMMG9wLTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHyieA MA0GCSqGSIb3DQEBCwUAA4IBAQCbi/ykBdILocuj+O6yaLonNsGRaVdCYQ7uAUTV 2WXEeUlHDvUOblFqcphm9W6M4pIOy70cPfnJQ37UvgEoLwLhfKdl3DH3tf3RbYf7 Ip3IflEaqMWyuQ5KPIShGrk7XGiS3eO5GsrTNANdQO4wrvf1X4w0/xE2YID/PqOv hRgbfiIWfRNio37dC4ZjH6lbZiavVqQhskgCW2JKTCb+gcenxOUEs/DJo2IjgYeF W07RZuIrmhsl0FlwB2K+fv6AdZXCSnvVfbmlw8GueVfo4GkkMpnlIT1ziLku2mBN LzzYkPjOeH6TLLjjQdlKMCLNJeVvWICAX9+GcM+/2emPRcTQ -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org