$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/jO6s2vY3ALUCvtfoq3KTRejWSqg.roa File: jO6s2vY3ALUCvtfoq3KTRejWSqg.roa (raw, json) Hash identifier: ndylDO3LVaNVu/4GdxzsWtNBT9vm4Hh4w5ANxJ1Z9VM= Subject key identifier: 8C:EE:AC:DA:F6:37:00:B5:02:BE:D7:E8:AB:72:93:45:E8:D6:4A:A8 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1209 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jO6s2vY3ALUCvtfoq3KTRejWSqg.roa Signing time: Mon 26 Aug 2024 05:18:11 +0000 ROA not before: Mon 26 Aug 2024 05:18:11 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 202.39.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4617 (0x1209) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:18:11 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8CEEACDAF63700B502BED7E8AB729345E8D64AA8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:69:67:49:cc:19:f8:38:3b:a1:33:c9:fa:3e: 47:ea:08:a5:3f:90:39:c8:e4:40:07:1c:2f:e9:79: 64:c2:e3:df:9c:c0:cb:05:c3:c2:04:e4:d8:c6:d1: e7:6c:b8:55:59:76:53:ce:1a:6c:8d:b9:b6:b4:f6: fc:e0:42:6c:86:ab:f6:3b:a1:76:a9:0a:83:f1:26: e2:d4:a8:e2:eb:f7:e7:b1:6d:c0:b7:ad:df:9a:16: 7f:d5:c8:34:f2:fc:67:a6:ce:68:0d:1e:aa:b1:d6: dd:4c:e0:80:1f:fd:4d:65:9c:62:cf:a2:d7:7c:33: 65:ba:05:d5:6b:07:98:93:16:10:64:ab:f3:08:3b: 77:ae:1c:99:23:ff:62:47:f9:13:ad:6a:6f:c6:12: 9e:03:50:58:8c:84:d1:3a:e6:e2:52:e3:df:2d:65: da:f4:16:f9:3f:43:cc:b1:51:ba:59:b3:67:d1:96: 2d:09:d2:34:5d:eb:90:f7:70:24:f7:72:ee:9c:45: aa:e3:08:06:6b:6e:47:64:95:24:5d:54:d3:d2:76: 40:e6:c8:04:dd:2e:12:1c:37:d6:38:7b:6b:27:f6: 31:88:11:f9:b9:1b:05:cf:2c:fa:f8:69:4d:63:b4: 39:fd:00:0b:4a:11:a6:29:b4:a8:a4:d0:50:76:ce: ee:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:EE:AC:DA:F6:37:00:B5:02:BE:D7:E8:AB:72:93:45:E8:D6:4A:A8 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jO6s2vY3ALUCvtfoq3KTRejWSqg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.39.64.0/19 Signature Algorithm: sha256WithRSAEncryption bb:14:7c:79:14:7b:58:a2:08:9c:a8:6e:1b:9d:30:aa:3f:18: 42:28:ed:55:c9:42:c8:8d:b7:7e:16:28:73:f7:1e:6e:20:a1: a6:74:47:f6:ca:3a:80:7e:dc:98:aa:38:96:b5:e2:26:ff:10: 34:ec:82:14:57:f4:df:f2:b6:82:ff:a6:b6:b8:db:7a:db:3f: 5d:20:f8:d1:29:f0:06:c4:64:e6:3e:76:93:69:bf:86:bf:d7: 6b:de:4b:5e:69:7b:87:46:b8:8f:4b:20:05:de:12:d7:27:f8: e2:19:c5:66:8b:4f:e7:fd:78:d1:76:57:09:46:70:0e:83:be: 5c:f1:62:2d:5b:c0:36:31:b3:ee:9c:64:14:cd:d7:06:e4:fa: b7:4f:7d:bb:4d:38:cf:9c:e2:1b:2e:e4:6a:b4:95:14:41:33: d4:1d:92:5b:ac:95:44:5e:09:0f:9e:59:3c:c5:72:19:a9:2d: f2:d8:cd:00:f6:79:60:4a:0a:ed:95:6e:89:ef:82:78:6c:53: 92:82:f3:d6:a6:36:b7:f9:29:85:18:37:a9:06:06:25:d5:18: 43:7e:3c:fd:3e:32:96:ca:58:81:fa:bd:f0:2b:9e:52:13:47: ef:a5:31:05:fa:36:b0:7c:e2:e8:21:7d:1e:e7:2f:ca:ea:50: 6d:7a:e4:44 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE4MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhDRUVBQ0RBRjYzNzAw QjUwMkJFRDdFOEFCNzI5MzQ1RThENjRBQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBaWdJzBn4ODuhM8n6PkfqCKU/kDnI5EAHHC/peWTC49+cwMsF w8IE5NjG0edsuFVZdlPOGmyNuba09vzgQmyGq/Y7oXapCoPxJuLUqOLr9+exbcC3 rd+aFn/VyDTy/GemzmgNHqqx1t1M4IAf/U1lnGLPotd8M2W6BdVrB5iTFhBkq/MI O3euHJkj/2JH+ROtam/GEp4DUFiMhNE65uJS498tZdr0Fvk/Q8yxUbpZs2fRli0J 0jRd65D3cCT3cu6cRarjCAZrbkdklSRdVNPSdkDmyATdLhIcN9Y4e2sn9jGIEfm5 GwXPLPr4aU1jtDn9AAtKEaYptKik0FB2zu7FAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUjO6s2vY3ALUCvtfoq3KTRejWSqgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9qTzZzMnZZM0FMVUN2dGZvcTNL VFJlaldTcWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFyidA MA0GCSqGSIb3DQEBCwUAA4IBAQC7FHx5FHtYogicqG4bnTCqPxhCKO1VyULIjbd+ Fihz9x5uIKGmdEf2yjqAftyYqjiWteIm/xA07IIUV/Tf8raC/6a2uNt62z9dIPjR KfAGxGTmPnaTab+Gv9dr3kteaXuHRriPSyAF3hLXJ/jiGcVmi0/n/XjRdlcJRnAO g75c8WItW8A2MbPunGQUzdcG5Pq3T327TTjPnOIbLuRqtJUUQTPUHZJbrJVEXgkP nlk8xXIZqS3y2M0A9nlgSgrtlW6J74J4bFOSgvPWpja3+SmFGDepBgYl1RhDfjz9 PjKWyliB+r3wK55SE0fvpTEF+jawfOLoIX0e5y/K6lBteuRE -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:07 2024 by rpki-client on console-ams.rpki-client.org