$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa File: Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa (raw, json) Hash identifier: 5B7bxTtqB5AGLp+HO/EoefOncpraWCAYsXduch10Qgw= Subject key identifier: 1A:DD:65:15:DB:BA:A9:96:45:DA:DB:37:CB:59:4A:D9:77:71:62:2D Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1179 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa Signing time: Mon 26 Aug 2024 05:17:34 +0000 ROA not before: Mon 26 Aug 2024 05:17:34 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 220.132.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4473 (0x1179) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:34 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1ADD6515DBBAA99645DADB37CB594AD97771622D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3d:d5:b2:be:c1:d4:fe:a8:63:cd:44:2d:f0: 8f:dc:37:a7:e9:cb:8c:32:de:8c:61:85:f0:d7:8d: fe:9a:b4:17:b7:1f:3c:61:de:62:6f:76:be:a9:a7: 19:03:b3:34:7c:b9:64:d2:0c:53:04:3d:7c:06:62: 53:26:22:fa:05:8a:af:20:b7:94:81:24:43:bb:e7: 51:7f:58:24:2b:15:0d:d8:d9:f0:08:12:2a:8b:e8: 36:b0:8b:5e:a4:22:6b:95:99:0a:f4:54:ce:5e:fa: 6b:76:57:e9:bf:9b:10:1d:42:df:9b:1e:e6:d4:6c: df:df:28:5f:e8:5c:70:14:ce:35:d5:b3:78:1e:70: 23:80:b6:17:d4:70:4b:16:05:32:22:c5:df:41:ab: 61:e5:b1:0f:b1:98:f4:62:5a:8a:48:52:51:e0:ed: 75:6e:28:a0:c2:48:12:13:e2:96:63:a5:3d:52:3f: 71:e5:e9:73:6e:cc:b0:6a:a2:17:20:7b:52:f6:bc: 8c:ac:79:67:d2:58:0e:a1:01:67:f0:c1:2e:c4:53: 90:fe:d2:4f:ec:db:2e:f6:de:90:33:5f:68:19:ce: 62:5b:e1:cb:f8:85:c6:05:30:8d:94:ad:ae:f7:19: 40:6e:cf:7d:4d:02:8d:3b:94:bb:2f:c6:98:a6:7a: 81:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:DD:65:15:DB:BA:A9:96:45:DA:DB:37:CB:59:4A:D9:77:71:62:2D X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.132.0.0/14 Signature Algorithm: sha256WithRSAEncryption 4d:56:c8:52:01:88:97:b2:3b:3f:76:44:8e:8e:e1:f5:59:e1: 9d:2b:50:b1:36:a3:61:66:23:b1:65:89:63:9a:b9:6a:7c:b3: 3b:98:35:62:ab:bb:66:43:0b:1b:7f:0f:28:b9:30:cc:85:49: 33:8a:53:a4:df:d3:6b:57:ae:cf:9f:5c:71:55:65:5d:6e:d6: 0e:19:e1:0e:ce:aa:2b:02:a8:18:4e:26:ea:da:6e:0b:e4:5d: 6a:28:54:62:06:1c:6d:06:7f:a9:92:41:af:af:cb:aa:27:ac: c4:8f:de:eb:58:1d:f7:37:99:63:21:1c:f7:67:5b:ae:5d:c3: 8f:fc:31:24:a9:d1:63:3d:d9:ad:aa:11:6a:47:29:b5:03:a8: 96:e1:ca:eb:a7:53:b3:af:17:86:8f:6a:4e:34:24:80:29:b3: 12:b9:0c:40:19:65:2e:29:a1:d6:91:1c:49:be:72:53:80:3e: 30:69:92:00:4a:f6:d9:72:a3:82:5d:23:f5:b8:bb:04:d1:fc: 2f:d5:20:81:36:68:10:ba:e3:7d:5f:45:96:a8:23:b8:77:74: cf:4d:99:9e:79:93:f0:d2:e6:f2:85:f5:59:fa:79:e6:36:79: dc:a8:86:6e:0b:f6:ca:16:ac:30:25:8d:57:13:2e:b8:54:26: ad:07:09:53 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICEXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFBREQ2NTE1REJCQUE5 OTY0NURBREIzN0NCNTk0QUQ5Nzc3MTYyMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOPdWyvsHU/qhjzUQt8I/cN6fpy4wy3oxhhfDXjf6atBe3Hzxh 3mJvdr6ppxkDszR8uWTSDFMEPXwGYlMmIvoFiq8gt5SBJEO751F/WCQrFQ3Y2fAI EiqL6Dawi16kImuVmQr0VM5e+mt2V+m/mxAdQt+bHubUbN/fKF/oXHAUzjXVs3ge cCOAthfUcEsWBTIixd9Bq2HlsQ+xmPRiWopIUlHg7XVuKKDCSBIT4pZjpT1SP3Hl 6XNuzLBqohcge1L2vIyseWfSWA6hAWfwwS7EU5D+0k/s2y723pAzX2gZzmJb4cv4 hcYFMI2Ura73GUBuz31NAo07lLsvxpimeoHHAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUGt1lFdu6qZZF2ts3y1lK2XdxYi0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9HdDFsRmR1NnFaWkYydHMzeTFs SzJYZHhZaTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC3IQw DQYJKoZIhvcNAQELBQADggEBAE1WyFIBiJeyOz92RI6O4fVZ4Z0rULE2o2FmI7Fl iWOauWp8szuYNWKru2ZDCxt/Dyi5MMyFSTOKU6Tf02tXrs+fXHFVZV1u1g4Z4Q7O qisCqBhOJurabgvkXWooVGIGHG0Gf6mSQa+vy6onrMSP3utYHfc3mWMhHPdnW65d w4/8MSSp0WM92a2qEWpHKbUDqJbhyuunU7OvF4aPak40JIApsxK5DEAZZS4podaR HEm+clOAPjBpkgBK9tlyo4JdI/W4uwTR/C/VIIE2aBC6431fRZaoI7h3dM9NmZ55 k/DS5vKF9Vn6eeY2edyohm4L9soWrDAljVcTLrhUJq0HCVM= -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:38 2024 by rpki-client on console-fra.rpki-client.org