$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/QaVGXQInz3Gdm2UKZpghKBSCF7c.roa File: QaVGXQInz3Gdm2UKZpghKBSCF7c.roa (raw, json) Hash identifier: pCth86W3htQ/NXM8H5y5qT8btpd4LsUJRo/dTpjr+Ug= Subject key identifier: 41:A5:46:5D:02:27:CF:71:9D:9B:65:0A:66:98:21:28:14:82:17:B7 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 123A Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QaVGXQInz3Gdm2UKZpghKBSCF7c.roa Signing time: Thu 19 Sep 2024 06:33:36 +0000 ROA not before: Thu 19 Sep 2024 06:33:36 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 203.160.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4666 (0x123a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 19 06:33:36 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=41A5465D0227CF719D9B650A66982128148217B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:af:60:3e:ee:23:98:6a:74:34:e3:13:a6:84: c9:b0:72:4a:b4:12:42:b8:64:00:73:e3:04:0c:6e: 4f:bc:81:2c:92:2c:13:66:25:e0:60:68:d1:2c:39: bc:9f:16:51:6d:48:88:39:af:25:47:1a:50:b2:55: 9b:1b:e0:83:ca:b7:76:58:e9:fa:3b:b3:f2:1c:d0: 7f:bf:7a:b0:2a:86:a2:bf:28:39:aa:e4:10:b0:a5: c0:3c:d3:32:4d:9e:b2:cc:9a:4b:b3:67:dd:1a:f6: 75:e6:ec:6c:4e:10:17:2e:55:63:23:f4:46:65:c3: 1b:2c:4e:0a:be:e9:7b:d4:0e:ab:76:44:95:c7:c1: a3:03:3f:85:8a:6c:73:6c:d7:78:23:b5:06:18:e7: 37:d8:39:7d:c0:18:13:bc:59:82:1a:74:18:dd:d0: 69:aa:af:f6:79:cf:14:ad:00:ee:5c:32:d9:11:ff: f8:d1:5b:dc:3b:3f:5d:de:36:17:7d:ef:e9:ce:28: 80:99:64:6a:53:42:3f:f3:a9:6f:c1:d9:93:f5:0b: 9d:4f:60:70:2e:2f:57:2f:38:59:c4:4a:0b:47:9c: 0a:d1:2a:5e:7c:e8:00:8a:5d:b0:e8:bf:e5:c8:dd: 05:e1:12:5f:dd:6a:5d:e8:82:54:d0:2d:23:b1:ec: 35:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:A5:46:5D:02:27:CF:71:9D:9B:65:0A:66:98:21:28:14:82:17:B7 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QaVGXQInz3Gdm2UKZpghKBSCF7c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.160.253.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:61:4c:f6:eb:95:27:73:0e:ac:29:f0:cb:a8:6e:ff:db:48: b7:35:29:46:a3:36:cd:69:b0:e2:7f:68:af:96:4f:6a:d4:c6: 1d:9e:4a:da:aa:c8:25:61:c1:65:99:b7:98:f8:fa:a1:2f:6c: 26:bc:d3:53:04:10:17:fb:96:25:db:91:2b:a9:1a:2b:d8:5e: d6:05:e6:4e:13:a1:07:06:2f:b7:cd:4a:93:79:24:2a:20:3d: 43:2b:d6:e6:e4:3c:34:d3:27:df:9e:c7:0c:4c:4a:87:71:ae: ab:42:3f:6a:61:36:b6:32:22:8c:da:1e:7a:0e:26:50:f5:a9: dd:77:5d:7c:f4:3a:61:f0:3b:82:6b:ca:12:a5:00:b0:f0:b4: 9e:0a:7c:06:19:04:21:0d:3c:06:62:22:26:a8:72:d5:95:6a: 9b:96:a9:fb:ad:00:23:c4:93:7a:51:a2:e2:05:7d:89:11:e7: 04:46:bf:c7:0a:d4:46:61:ce:fc:dc:9b:03:48:17:c7:96:56: c9:ad:51:40:25:89:68:11:64:92:ce:a1:69:af:41:b7:2c:0d: 78:2e:f6:ce:d5:9b:1e:ed:4e:27:cb:1e:f2:91:ad:d4:05:49: d5:1a:66:ba:85:74:d4:43:74:3e:00:0c:19:c9:ed:5b:d6:92: aa:95:98:ad -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA5MTkw NjMzMzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxQTU0NjVEMDIyN0NG NzE5RDlCNjUwQTY2OTgyMTI4MTQ4MjE3QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfr2A+7iOYanQ04xOmhMmwckq0EkK4ZABz4wQMbk+8gSySLBNm JeBgaNEsObyfFlFtSIg5ryVHGlCyVZsb4IPKt3ZY6fo7s/Ic0H+/erAqhqK/KDmq 5BCwpcA80zJNnrLMmkuzZ90a9nXm7GxOEBcuVWMj9EZlwxssTgq+6XvUDqt2RJXH waMDP4WKbHNs13gjtQYY5zfYOX3AGBO8WYIadBjd0Gmqr/Z5zxStAO5cMtkR//jR W9w7P13eNhd97+nOKICZZGpTQj/zqW/B2ZP1C51PYHAuL1cvOFnESgtHnArRKl58 6ACKXbDov+XI3QXhEl/dal3oglTQLSOx7DUVAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQaVGXQInz3Gdm2UKZpghKBSCF7cwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RYVZHWFFJbnozR2RtMlVLWnBn aEtCU0NGN2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy6D9 MA0GCSqGSIb3DQEBCwUAA4IBAQBeYUz265Uncw6sKfDLqG7/20i3NSlGozbNabDi f2ivlk9q1MYdnkraqsglYcFlmbeY+PqhL2wmvNNTBBAX+5Yl25ErqRor2F7WBeZO E6EHBi+3zUqTeSQqID1DK9bm5Dw00yffnscMTEqHca6rQj9qYTa2MiKM2h56DiZQ 9andd1189Dph8DuCa8oSpQCw8LSeCnwGGQQhDTwGYiImqHLVlWqblqn7rQAjxJN6 UaLiBX2JEecERr/HCtRGYc783JsDSBfHllbJrVFAJYloEWSSzqFpr0G3LA14LvbO 1Zse7U4nyx7yka3UBUnVGma6hXTUQ3Q+AAwZye1b1pKqlZit -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org