$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Dzn3Pz0lMrA7MaSIBeK5xxaf0uA.roa File: Dzn3Pz0lMrA7MaSIBeK5xxaf0uA.roa (raw, json) Hash identifier: MKIyqqY88pSSjK1OBX3FvsR+FY5JMNrEjf9uISeKYoE= Subject key identifier: 0F:39:F7:3F:3D:25:32:B0:3B:31:A4:88:05:E2:B9:C7:16:9F:D2:E0 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 119A Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Dzn3Pz0lMrA7MaSIBeK5xxaf0uA.roa Signing time: Mon 26 Aug 2024 05:17:43 +0000 ROA not before: Mon 26 Aug 2024 05:17:43 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 142005 IP address blocks: 210.242.83.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4506 (0x119a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:43 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0F39F73F3D2532B03B31A48805E2B9C7169FD2E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a4:4f:e0:0e:d8:02:2c:35:97:55:4a:24:5b: 88:a0:7c:b4:ae:cd:e4:05:97:e5:19:dc:91:35:fd: 0a:26:93:51:c1:c1:0e:39:f0:15:99:91:70:c7:61: 75:50:4b:2e:c6:0d:1e:cf:76:f4:d1:b6:96:e3:34: 55:94:47:8e:59:c8:8b:3f:67:6f:e5:d0:96:0f:fc: e4:bf:77:c7:6d:85:ee:74:3e:bc:10:8f:e4:bf:8e: bb:5d:16:8e:17:0f:37:e0:3c:97:d2:a5:da:82:b1: f1:81:c2:46:bd:fa:64:e3:45:e5:ed:1e:e1:fe:7e: fe:44:7e:2d:e5:3a:36:8b:fa:ed:ca:a9:60:d4:9c: 0f:1d:94:70:d8:de:cb:c6:d7:45:3c:3b:61:e0:db: 95:6a:9d:59:42:ed:7b:52:db:e1:60:09:2d:08:38: e9:6a:41:02:73:d6:d2:87:8c:3a:f3:f4:7d:b4:2a: 1c:8a:16:b5:b1:22:1b:4d:31:18:7f:51:b9:08:ae: e9:e6:f9:01:33:fd:ac:17:8e:89:5f:7a:76:b4:83: 0c:0f:3f:2c:96:ac:46:ee:ee:fb:24:03:b8:a0:29: b4:4a:bd:89:62:1a:9c:6f:f0:a1:e4:97:66:58:01: 42:c5:77:65:ed:3a:7b:be:42:87:43:e6:8f:3c:83: 30:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:39:F7:3F:3D:25:32:B0:3B:31:A4:88:05:E2:B9:C7:16:9F:D2:E0 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Dzn3Pz0lMrA7MaSIBeK5xxaf0uA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.242.83.0/24 Signature Algorithm: sha256WithRSAEncryption d3:25:a5:77:85:d5:e1:8a:f5:8a:66:bb:e6:1d:f6:71:0a:47: 55:49:22:a8:c4:be:e6:14:11:6c:e2:f9:96:ae:ad:9b:45:86: 85:9b:9c:c5:2f:e5:48:f8:89:2f:4e:fd:67:ac:ac:7c:8e:8f: f8:9a:c2:45:51:b8:b1:9b:c9:8f:13:67:6d:35:17:5f:af:f8: 2a:2a:31:c7:3d:70:10:4f:15:eb:f2:4b:a2:bf:04:66:b3:eb: 9c:d7:28:1e:68:cb:92:95:a2:72:0d:b1:8c:d7:25:b0:5d:4c: 0d:0b:7a:e8:ca:ee:0f:cb:57:99:4d:9b:a4:a6:93:01:3b:37: 52:ae:78:5c:0a:3f:43:ce:b2:4b:dd:d4:3a:6b:eb:b5:cc:60: 6c:d1:a2:5e:d3:22:20:2d:ca:35:e4:6d:ac:2e:00:0e:a4:23: 67:a1:4a:53:23:0c:f3:79:bf:69:0b:37:88:0e:92:b6:0c:b8: ee:e0:35:d4:6e:03:b4:59:ea:07:74:f6:d3:64:98:b6:0a:27: 87:0e:52:cf:22:f3:0d:96:48:f0:01:8f:8d:4d:8a:32:89:a5: 8f:d7:7b:d6:46:a2:c7:42:9f:92:8b:79:d0:0f:59:c3:81:1b: 13:80:b1:e8:a8:d5:4b:3e:f5:75:c3:ab:54:54:34:5e:52:3e: 20:01:7a:6c -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGMzlGNzNGM0QyNTMy QjAzQjMxQTQ4ODA1RTJCOUM3MTY5RkQyRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCapE/gDtgCLDWXVUokW4igfLSuzeQFl+UZ3JE1/Qomk1HBwQ45 8BWZkXDHYXVQSy7GDR7PdvTRtpbjNFWUR45ZyIs/Z2/l0JYP/OS/d8dthe50PrwQ j+S/jrtdFo4XDzfgPJfSpdqCsfGBwka9+mTjReXtHuH+fv5Efi3lOjaL+u3KqWDU nA8dlHDY3svG10U8O2Hg25VqnVlC7XtS2+FgCS0IOOlqQQJz1tKHjDrz9H20KhyK FrWxIhtNMRh/UbkIrunm+QEz/awXjolfena0gwwPPyyWrEbu7vskA7igKbRKvYli Gpxv8KHkl2ZYAULFd2XtOnu+QodD5o88gzAnAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUDzn3Pz0lMrA7MaSIBeK5xxaf0uAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Eem4zUHowbE1yQTdNYVNJQmVL NXh4YWYwdUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vJT MA0GCSqGSIb3DQEBCwUAA4IBAQDTJaV3hdXhivWKZrvmHfZxCkdVSSKoxL7mFBFs 4vmWrq2bRYaFm5zFL+VI+IkvTv1nrKx8jo/4msJFUbixm8mPE2dtNRdfr/gqKjHH PXAQTxXr8kuivwRms+uc1ygeaMuSlaJyDbGM1yWwXUwNC3royu4Py1eZTZukppMB OzdSrnhcCj9DzrJL3dQ6a+u1zGBs0aJe0yIgLco15G2sLgAOpCNnoUpTIwzzeb9p CzeIDpK2DLju4DXUbgO0WeoHdPbTZJi2CieHDlLPIvMNlkjwAY+NTYoyiaWP13vW RqLHQp+Si3nQD1nDgRsTgLHoqNVLPvV1w6tUVDReUj4gAXps -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:06 2024 by rpki-client on console-ams.rpki-client.org