$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Q5vyPJMcD7-Z2aIVeBvzYFmtkYQ.roa File: Q5vyPJMcD7-Z2aIVeBvzYFmtkYQ.roa (raw, json) Hash identifier: BjafmmUqR47s3VE5xMQNvO59vqlQ7vXtbL1hbY0pmXs= Subject key identifier: 43:9B:F2:3C:93:1C:0F:BF:99:D9:A2:15:78:1B:F3:60:59:AD:91:84 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11B3 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q5vyPJMcD7-Z2aIVeBvzYFmtkYQ.roa Signing time: Mon 26 Aug 2024 05:17:50 +0000 ROA not before: Mon 26 Aug 2024 05:17:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 114.24.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4531 (0x11b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:50 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=439BF23C931C0FBF99D9A215781BF36059AD9184 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:b7:1f:29:03:42:6f:fa:e1:ee:f3:a2:39:9e: 17:b6:e4:7c:2f:bb:f8:40:5a:25:eb:b0:e3:2a:48: 64:e6:1e:39:75:03:b0:f1:94:2a:f9:03:a9:66:32: 61:0d:eb:e3:89:c4:29:f1:e3:99:c8:f8:7c:20:ca: 26:60:d2:83:c2:2e:b6:e3:fb:08:df:3f:fa:9c:8d: 73:e4:39:fa:a8:65:44:24:5e:7a:3d:b6:63:c9:b3: 98:f7:b7:9c:2d:79:0c:e2:16:d7:65:b0:66:5b:9f: 7b:e3:6e:2b:50:3c:88:9c:cb:24:cb:ed:5f:7e:31: 2a:1d:40:65:64:0c:6b:0c:57:eb:31:df:37:ca:5f: e8:0e:2f:4a:eb:2f:34:ec:42:02:d5:65:95:cd:df: 39:34:cf:34:ee:dc:75:21:a6:3e:fd:54:99:9f:3c: 67:4a:1c:c3:4f:1a:86:69:3e:70:9e:36:3a:70:51: 39:48:5c:b6:73:5a:74:2a:f3:c5:ab:7f:c6:3f:ca: fb:1a:90:02:e4:84:9d:20:ac:f0:8c:a9:86:37:c4: f2:9b:d0:09:70:e2:32:a4:c8:eb:43:80:37:fb:1d: bc:4c:d2:8f:8a:25:ab:fe:d5:e4:84:c5:67:5e:39: 52:d6:b2:b5:d7:44:6b:11:23:8a:bd:16:c5:fd:98: 1c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:9B:F2:3C:93:1C:0F:BF:99:D9:A2:15:78:1B:F3:60:59:AD:91:84 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q5vyPJMcD7-Z2aIVeBvzYFmtkYQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.24.0.0/14 Signature Algorithm: sha256WithRSAEncryption 94:a3:fa:3e:09:48:76:31:f0:8e:d6:1b:1f:e5:a2:c3:81:cf: 9a:2a:96:89:0c:ed:59:e2:ab:71:3e:22:42:e1:64:81:5c:ea: 60:61:72:69:5c:1e:10:1c:d0:13:3d:08:a8:ac:47:80:2f:cd: 92:f1:1b:40:1c:c4:24:1d:cc:07:ba:3e:92:2a:aa:a0:57:af: 79:3d:3c:32:dd:e9:4f:56:53:56:89:46:19:f5:81:18:ea:50: 93:b6:90:85:d2:ef:d6:ef:77:d0:a1:5f:be:d8:88:53:db:a0: 26:85:0b:71:de:37:1c:c2:50:51:ea:ce:16:b0:a1:be:fc:a5: 8a:aa:c5:46:50:de:ce:1d:53:f7:db:6d:d5:c3:e2:79:e7:b9: e6:16:9e:8f:d8:e2:d3:fc:3c:fb:e8:38:e9:f6:f7:78:ee:0c: e9:9e:ce:40:6d:d9:9f:be:be:63:26:28:a2:11:2c:af:35:03: 36:e4:a7:6b:3d:af:f1:ee:6e:d1:01:f1:87:c5:59:31:58:91: e4:58:11:cf:16:40:cd:7c:81:e8:e9:26:a8:27:e1:61:83:e4: df:43:28:b3:94:07:c3:43:e2:ad:a4:71:67:06:ff:aa:74:13: 34:0f:6e:32:fd:6d:70:2e:40:84:8a:e6:2c:41:72:5f:1c:f7: 66:ad:94:a1 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICEbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzOUJGMjNDOTMxQzBG QkY5OUQ5QTIxNTc4MUJGMzYwNTlBRDkxODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgtx8pA0Jv+uHu86I5nhe25Hwvu/hAWiXrsOMqSGTmHjl1A7Dx lCr5A6lmMmEN6+OJxCnx45nI+HwgyiZg0oPCLrbj+wjfP/qcjXPkOfqoZUQkXno9 tmPJs5j3t5wteQziFtdlsGZbn3vjbitQPIicyyTL7V9+MSodQGVkDGsMV+sx3zfK X+gOL0rrLzTsQgLVZZXN3zk0zzTu3HUhpj79VJmfPGdKHMNPGoZpPnCeNjpwUTlI XLZzWnQq88Wrf8Y/yvsakALkhJ0grPCMqYY3xPKb0Alw4jKkyOtDgDf7HbxM0o+K Jav+1eSExWdeOVLWsrXXRGsRI4q9FsX9mBzPAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUQ5vyPJMcD7+Z2aIVeBvzYFmtkYQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RNXZ5UEpNY0Q3LVoyYUlWZUJ2 ellGbXRrWVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCchgw DQYJKoZIhvcNAQELBQADggEBAJSj+j4JSHYx8I7WGx/losOBz5oqlokM7Vniq3E+ IkLhZIFc6mBhcmlcHhAc0BM9CKisR4AvzZLxG0AcxCQdzAe6PpIqqqBXr3k9PDLd 6U9WU1aJRhn1gRjqUJO2kIXS79bvd9ChX77YiFPboCaFC3HeNxzCUFHqzhawob78 pYqqxUZQ3s4dU/fbbdXD4nnnueYWno/Y4tP8PPvoOOn293juDOmezkBt2Z++vmMm KKIRLK81Azbkp2s9r/HubtEB8YfFWTFYkeRYEc8WQM18gejpJqgn4WGD5N9DKLOU B8ND4q2kcWcG/6p0EzQPbjL9bXAuQISK5ixBcl8c92atlKE= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org