$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/D7sgJtRT7WQnEeErUfafThlHss0.roa File: D7sgJtRT7WQnEeErUfafThlHss0.roa (raw, json) Hash identifier: nV8696bjzh4+Zb1GxedFBk9qnDdGA1ME9vWVb3CtIz8= Subject key identifier: 0F:BB:20:26:D4:53:ED:64:27:11:E1:2B:51:F6:9F:4E:19:47:B2:CD Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 117E Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/D7sgJtRT7WQnEeErUfafThlHss0.roa Signing time: Mon 26 Aug 2024 05:17:35 +0000 ROA not before: Mon 26 Aug 2024 05:17:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10126 IP address blocks: 203.160.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4478 (0x117e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:35 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0FBB2026D453ED642711E12B51F69F4E1947B2CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2c:92:66:a6:cb:e5:2b:e3:66:15:8e:e4:6f: 72:87:eb:87:2f:9e:af:05:7a:e1:0d:b1:dc:1d:63: 2f:69:3f:fc:a4:8b:46:c5:51:91:0d:17:92:09:8a: f1:76:d2:6f:16:9a:2c:34:c5:ea:d4:91:db:54:42: 78:17:d2:ef:cd:69:d9:77:78:dd:fc:56:c3:5e:27: 8f:83:2f:72:63:c4:2d:58:b3:a9:65:a4:05:79:1e: e2:8d:b4:bc:8a:b7:17:37:4c:eb:b2:83:d7:db:e4: f8:df:d0:96:4e:2e:b8:7b:26:98:86:37:99:fe:19: 45:8e:96:5b:92:36:07:19:3c:b3:35:e1:31:0c:32: d6:ea:44:fd:07:00:85:fa:2d:3c:97:20:97:ca:21: 9e:e5:38:dc:00:65:35:df:28:c8:98:aa:ef:91:cd: e1:97:ba:4d:82:01:b1:9e:c8:15:1b:b3:46:fb:03: a5:b3:f9:56:fb:d6:98:3f:98:99:9e:c1:db:03:6b: 1c:a3:ff:d7:26:7a:9e:2e:5f:30:04:02:88:7a:98: bd:b6:c6:6d:bf:91:bf:f3:e4:c0:42:84:91:d6:63: 0f:0e:9a:1e:e0:59:d3:f7:23:e1:bb:7f:ee:55:d0: ee:5f:f8:5b:9a:57:d6:12:1d:24:21:ee:45:e1:8f: d4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:BB:20:26:D4:53:ED:64:27:11:E1:2B:51:F6:9F:4E:19:47:B2:CD X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/D7sgJtRT7WQnEeErUfafThlHss0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.160.240.0/20 Signature Algorithm: sha256WithRSAEncryption 53:37:61:f4:e2:cf:48:88:28:00:d2:a9:d6:cd:ba:d1:ac:6e: 43:85:ea:a5:b1:72:50:86:c0:e0:64:69:54:b6:2e:8f:b8:de: 59:68:8d:ae:76:b9:65:f1:d6:e8:e0:35:a2:72:43:e7:da:67: dc:26:ea:41:08:b9:71:99:86:a4:cc:61:c1:d7:7b:ba:6b:0f: b0:07:35:b9:e1:df:8e:99:55:16:dd:8e:d1:bd:97:18:00:23: 98:16:e9:48:d0:7a:b3:f2:a1:eb:dc:b0:a0:2b:f5:56:41:6b: 4c:26:57:60:75:9d:c0:aa:f8:bc:52:9b:c4:d5:e1:42:d3:e8: fa:db:a1:26:0e:94:12:7e:1d:39:5b:e1:25:2e:a2:64:73:73: 10:f0:f7:4b:8b:92:44:2b:4a:96:3b:43:32:7b:88:ce:59:68: 2c:6e:fe:13:5e:a2:54:93:15:56:88:bd:49:20:e0:05:fd:8f: 00:89:20:3f:d5:c0:6b:c6:4b:49:e9:26:6b:f5:79:fa:d8:7c: 26:71:17:68:c4:b0:dd:db:9e:79:a0:f4:7a:f3:fd:3d:83:a6: f1:3d:fb:2b:80:60:b0:93:4f:f0:36:46:77:7b:26:a0:0a:89: 72:e8:03:f9:01:37:8c:8e:39:2f:3d:9c:5e:c5:10:78:62:a6: 24:05:b7:09 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGQkIyMDI2RDQ1M0VE NjQyNzExRTEyQjUxRjY5RjRFMTk0N0IyQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtLJJmpsvlK+NmFY7kb3KH64cvnq8FeuENsdwdYy9pP/yki0bF UZENF5IJivF20m8Wmiw0xerUkdtUQngX0u/Nadl3eN38VsNeJ4+DL3JjxC1Ys6ll pAV5HuKNtLyKtxc3TOuyg9fb5Pjf0JZOLrh7JpiGN5n+GUWOlluSNgcZPLM14TEM MtbqRP0HAIX6LTyXIJfKIZ7lONwAZTXfKMiYqu+RzeGXuk2CAbGeyBUbs0b7A6Wz +Vb71pg/mJmewdsDaxyj/9cmep4uXzAEAoh6mL22xm2/kb/z5MBChJHWYw8Omh7g WdP3I+G7f+5V0O5f+FuaV9YSHSQh7kXhj9RXAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUD7sgJtRT7WQnEeErUfafThlHss0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9EN3NnSnRSVDdXUW5FZUVyVWZh ZlRobEhzczAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy6Dw MA0GCSqGSIb3DQEBCwUAA4IBAQBTN2H04s9IiCgA0qnWzbrRrG5DheqlsXJQhsDg ZGlUti6PuN5ZaI2udrll8dbo4DWickPn2mfcJupBCLlxmYakzGHB13u6aw+wBzW5 4d+OmVUW3Y7RvZcYACOYFulI0Hqz8qHr3LCgK/VWQWtMJldgdZ3Aqvi8UpvE1eFC 0+j626EmDpQSfh05W+ElLqJkc3MQ8PdLi5JEK0qWO0Mye4jOWWgsbv4TXqJUkxVW iL1JIOAF/Y8AiSA/1cBrxktJ6SZr9Xn62HwmcRdoxLDd2555oPR68/09g6bxPfsr gGCwk0/wNkZ3eyagColy6AP5ATeMjjkvPZxexRB4YqYkBbcJ -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:06 2024 by rpki-client on console-ams.rpki-client.org