$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa File: CQxg2TuzshyBUsyDgRszBEJK8X8.roa (raw, json) Hash identifier: /QgB91b4CwAjP0K0cp3XvNVc7tuH1xPLQ/MqDsODIRA= Subject key identifier: 09:0C:60:D9:3B:B3:B2:1C:81:52:CC:83:81:1B:33:04:42:4A:F1:7F Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 123E Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa Signing time: Fri 20 Sep 2024 02:48:26 +0000 ROA not before: Fri 20 Sep 2024 02:48:26 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17421 IP address blocks: 2001:b400::/23 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4670 (0x123e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 20 02:48:26 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=090C60D93BB3B21C8152CC83811B3304424AF17F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9f:8b:54:b4:b5:8e:0e:4b:16:7a:4d:7c:05: 79:05:fa:20:ac:0f:f8:09:84:53:eb:0c:c4:a8:fe: 8f:91:cd:e0:7c:37:21:5c:d4:8e:46:f9:ab:c0:b4: e7:f6:b3:cb:a3:b8:97:bd:2b:85:0a:9c:99:9d:ab: 62:e8:91:b9:ce:0e:d5:cc:a0:b6:e2:be:10:82:0c: cf:32:36:e9:14:0a:26:97:75:c2:0a:6d:6e:ef:0f: 96:c9:00:1a:f8:2d:d2:a9:b3:dd:80:2d:08:02:71: 9a:ba:76:40:d9:6a:1a:2a:c6:7b:ac:8c:3e:be:74: 6d:f8:80:44:ed:29:ab:11:b9:2c:1f:8c:2b:d2:70: a1:a2:f2:ff:41:01:be:9f:07:b9:f3:8e:36:3d:28: 90:b6:f0:d0:ea:2c:3a:e1:98:cb:d6:91:0f:9d:c0: 43:28:e3:96:3e:d5:f1:d5:b5:7d:64:d5:36:fd:6b: 04:26:ea:d5:f8:36:11:1e:c8:3d:4e:f9:a5:27:b4: fc:ee:92:e8:86:de:60:6c:e8:dd:6b:27:a1:a7:25: ca:60:34:fb:03:d4:cd:0c:fe:0d:9a:45:dc:89:89: db:e8:20:0f:a2:5c:df:e7:08:8a:cd:f8:66:c5:a4: a6:f5:38:e1:18:c5:cc:1c:65:0f:bf:0c:57:71:3d: 58:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:0C:60:D9:3B:B3:B2:1C:81:52:CC:83:81:1B:33:04:42:4A:F1:7F X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b400::/23 Signature Algorithm: sha256WithRSAEncryption 82:02:f0:2c:53:6b:20:e2:fd:ee:44:e4:07:d7:3e:a6:bb:bb: 7a:ba:a4:71:58:6d:1c:93:fe:a6:bf:d0:27:6d:35:57:e7:2a: a6:b9:53:3f:c8:00:b4:44:d5:21:68:a3:28:69:94:54:c4:2c: 70:9f:a7:09:f4:64:2b:34:17:7c:0c:37:05:ed:c2:55:dc:aa: 06:af:a6:ea:f3:d5:c9:b7:17:32:7d:94:c3:98:85:4a:e8:5d: a7:6b:da:05:ee:7c:2f:f9:5c:fb:64:98:f4:df:63:fc:60:86: 3a:1d:62:40:b4:49:c6:73:4c:82:30:24:b0:83:e8:99:ca:c8: b2:9c:c1:d1:4c:97:26:91:f3:ac:85:52:52:ba:40:50:b7:ad: 71:80:6e:7a:ac:97:ad:1a:24:9d:92:b0:bb:48:cf:c5:ee:1d: 84:58:63:36:77:db:f4:ef:4b:65:22:6c:6b:4c:e6:5b:fa:9c: db:f8:2f:3f:c3:22:57:26:3d:43:1e:49:86:3c:0d:14:81:47: 65:c3:d5:c9:83:dd:d0:4d:e9:f8:d0:7c:f7:a7:db:0b:13:79: e0:f6:18:eb:8b:06:2f:bf:f2:44:51:1e:e9:0e:10:0b:b9:2c: a3:f3:6b:94:61:02:92:c6:a2:77:c8:3f:83:12:67:71:67:59: 2d:96:17:8d -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA5MjAw MjQ4MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5MEM2MEQ5M0JCM0Iy MUM4MTUyQ0M4MzgxMUIzMzA0NDI0QUYxN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzn4tUtLWODksWek18BXkF+iCsD/gJhFPrDMSo/o+RzeB8NyFc 1I5G+avAtOf2s8ujuJe9K4UKnJmdq2LokbnODtXMoLbivhCCDM8yNukUCiaXdcIK bW7vD5bJABr4LdKps92ALQgCcZq6dkDZahoqxnusjD6+dG34gETtKasRuSwfjCvS cKGi8v9BAb6fB7nzjjY9KJC28NDqLDrhmMvWkQ+dwEMo45Y+1fHVtX1k1Tb9awQm 6tX4NhEeyD1O+aUntPzukuiG3mBs6N1rJ6GnJcpgNPsD1M0M/g2aRdyJidvoIA+i XN/nCIrN+GbFpKb1OOEYxcwcZQ+/DFdxPVjbAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUCQxg2TuzshyBUsyDgRszBEJK8X8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9DUXhnMlR1enNoeUJVc3lEZ1Jz ekJFSks4WDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBIAG0 MA0GCSqGSIb3DQEBCwUAA4IBAQCCAvAsU2sg4v3uROQH1z6mu7t6uqRxWG0ck/6m v9AnbTVX5yqmuVM/yAC0RNUhaKMoaZRUxCxwn6cJ9GQrNBd8DDcF7cJV3KoGr6bq 89XJtxcyfZTDmIVK6F2na9oF7nwv+Vz7ZJj032P8YIY6HWJAtEnGc0yCMCSwg+iZ ysiynMHRTJcmkfOshVJSukBQt61xgG56rJetGiSdkrC7SM/F7h2EWGM2d9v070tl ImxrTOZb+pzb+C8/wyJXJj1DHkmGPA0UgUdlw9XJg93QTen40Hz3p9sLE3ng9hjr iwYvv/JEUR7pDhALuSyj82uUYQKSxqJ3yD+DEmdxZ1ktlheN -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:32 2024 by rpki-client on console-ams.rpki-client.org