$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/74T_0h-wkOIcBM18Y-4aoWTiV2c.roa File: 74T_0h-wkOIcBM18Y-4aoWTiV2c.roa (raw, json) Hash identifier: d3xIE6mVYJYdyyI5Ohddc0fhMBZvJny/jelk2DhzQEU= Subject key identifier: EF:84:FF:D2:1F:B0:90:E2:1C:04:CD:7C:63:EE:1A:A1:64:E2:57:67 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11EF Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/74T_0h-wkOIcBM18Y-4aoWTiV2c.roa Signing time: Mon 26 Aug 2024 05:18:05 +0000 ROA not before: Mon 26 Aug 2024 05:18:05 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 220.128.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4591 (0x11ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:18:05 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=EF84FFD21FB090E21C04CD7C63EE1AA164E25767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:6d:bd:d0:dc:15:31:30:32:c2:1d:e0:85:ae: 49:a2:18:aa:d1:07:7c:9f:8c:7d:99:b1:0e:2f:e1: d8:14:12:20:dc:c4:69:c1:da:5e:f8:f8:9d:5b:55: 74:18:e5:2c:6c:6f:44:6e:b4:93:93:7f:4a:48:aa: c1:b2:95:6c:2b:e4:89:78:0d:7e:64:f0:e8:3d:1c: 7e:e2:a3:80:f8:3e:01:2f:d4:4a:31:c5:1a:0e:78: 30:23:85:0c:0b:09:9a:05:ed:2b:5d:a1:46:7c:22: c6:73:65:f0:1e:ad:e0:68:06:48:18:6a:e3:39:37: 97:77:96:23:ed:41:8c:60:ef:5f:7d:26:c4:15:e5: 84:92:90:f7:3d:02:7a:48:0f:15:4d:ce:7b:1d:7f: 94:d8:e5:c3:bb:0b:3c:3e:5d:ae:87:5d:32:a4:b8: 12:64:1a:b7:3c:d2:4a:37:da:d5:ba:fe:c0:24:cd: c6:40:b3:b9:7c:d2:e8:02:bf:0b:27:ad:24:18:ca: 4f:c6:87:92:b3:9e:d9:dd:1b:49:ad:3a:d2:19:bb: b7:59:b2:bf:42:52:a3:01:db:8c:4e:11:fc:6d:7b: f0:3f:45:db:47:9b:78:69:fc:3c:55:1c:b3:dc:3e: d1:f6:4e:60:fc:94:8a:c1:c2:6a:bc:1b:40:3a:00: a2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:84:FF:D2:1F:B0:90:E2:1C:04:CD:7C:63:EE:1A:A1:64:E2:57:67 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/74T_0h-wkOIcBM18Y-4aoWTiV2c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.128.72.0/24 Signature Algorithm: sha256WithRSAEncryption a4:4a:c2:f5:49:a6:b9:74:ca:b8:08:5f:2a:45:75:e2:b9:4a: d7:23:fd:71:3a:cd:c7:e3:95:c0:2d:01:0f:70:77:6b:d2:08: 47:a5:63:78:2a:ae:ad:c9:a2:33:20:41:b8:19:28:88:d4:65: 7f:6c:ae:f6:a2:fe:59:a8:cc:d3:3f:34:74:85:37:11:de:7b: 6d:d0:9d:c7:12:e0:5b:24:58:1f:15:2b:0a:e4:2d:9f:60:c8: 64:75:47:2b:1a:3e:72:11:53:58:b1:c3:83:87:10:4b:6f:a7: 8b:4b:7a:1d:46:9c:63:d6:e9:f0:12:81:c8:23:b9:0b:0d:b4: ab:d7:3e:a0:fd:d5:94:eb:f8:ca:4b:27:16:54:f7:24:3f:d6: 8f:6b:5c:80:54:a3:b6:f6:61:be:60:83:53:8c:73:d3:a6:4a: 35:e8:59:fe:a9:eb:12:23:9a:22:53:fb:84:2f:c8:f7:de:b8: 24:75:eb:0e:3d:6d:cc:f7:b9:0b:97:58:09:04:a0:67:9f:cb: 2d:c7:b8:f5:af:7a:0f:d2:3d:80:29:bb:c3:ce:70:39:2a:0b: 71:89:3a:80:66:fa:04:a8:03:53:f8:be:9f:55:6b:81:d6:a2: 6f:e0:2a:25:1b:26:6d:44:23:a1:b8:11:67:fe:56:2f:ad:5f: af:a0:b3:77 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE4MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVGODRGRkQyMUZCMDkw RTIxQzA0Q0Q3QzYzRUUxQUExNjRFMjU3NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDubb3Q3BUxMDLCHeCFrkmiGKrRB3yfjH2ZsQ4v4dgUEiDcxGnB 2l74+J1bVXQY5Sxsb0RutJOTf0pIqsGylWwr5Il4DX5k8Og9HH7io4D4PgEv1Eox xRoOeDAjhQwLCZoF7StdoUZ8IsZzZfAereBoBkgYauM5N5d3liPtQYxg7199JsQV 5YSSkPc9AnpIDxVNznsdf5TY5cO7Czw+Xa6HXTKkuBJkGrc80ko32tW6/sAkzcZA s7l80ugCvwsnrSQYyk/Gh5KzntndG0mtOtIZu7dZsr9CUqMB24xOEfxte/A/RdtH m3hp/DxVHLPcPtH2TmD8lIrBwmq8G0A6AKLXAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU74T/0h+wkOIcBM18Y+4aoWTiV2cwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC83NFRfMGgtd2tPSWNCTTE4WS00 YW9XVGlWMmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBI MA0GCSqGSIb3DQEBCwUAA4IBAQCkSsL1Saa5dMq4CF8qRXXiuUrXI/1xOs3H45XA LQEPcHdr0ghHpWN4Kq6tyaIzIEG4GSiI1GV/bK72ov5ZqMzTPzR0hTcR3ntt0J3H EuBbJFgfFSsK5C2fYMhkdUcrGj5yEVNYscODhxBLb6eLS3odRpxj1unwEoHII7kL DbSr1z6g/dWU6/jKSycWVPckP9aPa1yAVKO29mG+YINTjHPTpko16Fn+qesSI5oi U/uEL8j33rgkdesOPW3M97kLl1gJBKBnn8stx7j1r3oP0j2AKbvDznA5KgtxiTqA ZvoEqANT+L6fVWuB1qJv4ColGyZtRCOhuBFn/lYvrV+voLN3 -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:38 2024 by rpki-client on console-fra.rpki-client.org