$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/kCzePJajaJJ0hD8HpIMs8Y--wqI.roa File: kCzePJajaJJ0hD8HpIMs8Y--wqI.roa (raw, json) Hash identifier: p8pw8fAkIe4vNewG1ezFd7kUq/ublPMJNRJlHS3NCB0= Subject key identifier: 90:2C:DE:3C:96:A3:68:92:74:84:3F:07:A4:83:2C:F1:8F:BE:C2:A2 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 117D Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kCzePJajaJJ0hD8HpIMs8Y--wqI.roa Signing time: Mon 26 Aug 2024 05:17:35 +0000 ROA not before: Mon 26 Aug 2024 05:17:35 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 125.232.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4477 (0x117d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:35 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=902CDE3C96A3689274843F07A4832CF18FBEC2A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:8a:2e:a2:21:00:31:b6:0b:9c:fc:9c:cc:ed: 70:01:e8:ca:49:75:15:64:0b:49:43:62:2f:db:5e: ca:0c:b9:95:f6:05:93:0e:ce:d4:93:ab:a2:f5:25: 69:c8:04:12:42:c2:c1:59:8c:95:ef:a2:0b:bb:1a: ae:15:12:22:78:d6:e8:db:9a:ab:8e:17:78:0f:48: b2:dd:36:eb:2a:98:88:dd:04:58:9d:9c:cc:5d:d3: db:9a:7b:12:b6:9d:92:fa:a9:92:2b:c1:ab:98:62: 7e:07:d6:e4:da:99:4a:55:bc:81:af:ec:6e:5b:21: d0:06:cd:48:10:72:49:92:85:60:48:0d:08:7d:36: fb:82:21:ae:09:78:e2:a7:f4:be:50:d6:b1:5f:8f: ff:09:a2:8c:8b:8d:15:64:ef:09:39:43:78:30:63: 5d:84:30:20:99:4b:68:a7:73:b6:f1:90:7f:01:4d: e9:55:f8:68:f9:a6:e3:e7:84:ee:1d:72:40:ab:2f: d9:c8:c6:fa:d8:c2:7f:79:c6:ca:cb:96:d1:2a:3f: de:5b:dd:7c:18:01:6e:51:06:e9:d7:75:55:ef:7f: 4a:dc:5a:75:11:d0:3e:fa:7b:e0:51:8f:11:f9:c4: f0:b6:82:b9:c5:b9:e3:82:b5:2b:88:7a:a1:73:ba: eb:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:2C:DE:3C:96:A3:68:92:74:84:3F:07:A4:83:2C:F1:8F:BE:C2:A2 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kCzePJajaJJ0hD8HpIMs8Y--wqI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 125.232.0.0/15 Signature Algorithm: sha256WithRSAEncryption b0:8b:cc:c8:02:f0:cf:46:7e:2c:b8:9a:16:42:9a:13:3a:c3: 95:50:a4:51:0d:4e:3e:e1:06:0d:74:6d:5d:49:4c:77:c2:9f: 04:b4:fb:a7:54:65:4e:e3:a7:fd:e1:43:5d:1d:59:a6:a8:f4: ed:ae:27:86:b0:48:3e:2a:11:f5:84:8d:5d:59:a5:ce:74:5b: 20:1d:a6:47:c4:79:87:a2:ed:cf:25:43:46:4c:ff:b1:58:bd: 80:93:2c:21:21:8d:b3:7e:69:77:af:2a:09:c5:86:45:af:39: e5:ef:ab:f1:22:c9:9e:db:63:51:91:e8:cc:5c:40:92:fe:28: 8c:e1:f1:00:e5:1f:1f:10:bb:e3:c8:5f:80:39:3b:74:df:1a: 01:e9:f8:9f:15:34:81:98:3b:70:8b:b2:72:28:09:fb:f2:8c: fd:9f:c4:03:99:2f:d7:61:fb:74:16:9b:70:98:65:c0:f6:57: 87:18:af:bc:7a:44:ab:48:da:16:40:be:9f:6b:02:42:99:1b: 66:59:c2:1b:1c:12:ee:e6:cb:93:d0:80:be:6f:4b:a7:f4:44: b4:b5:fb:75:f6:c7:2b:09:5a:2a:ef:d2:11:e7:cb:27:ff:bb: 8f:70:24:6e:e4:45:99:b9:d1:e6:f8:9b:57:08:61:f0:1e:44: 89:3c:fb:d8 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICEX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkwMkNERTNDOTZBMzY4 OTI3NDg0M0YwN0E0ODMyQ0YxOEZCRUMyQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCSii6iIQAxtguc/JzM7XAB6MpJdRVkC0lDYi/bXsoMuZX2BZMO ztSTq6L1JWnIBBJCwsFZjJXvogu7Gq4VEiJ41ujbmquOF3gPSLLdNusqmIjdBFid nMxd09uaexK2nZL6qZIrwauYYn4H1uTamUpVvIGv7G5bIdAGzUgQckmShWBIDQh9 NvuCIa4JeOKn9L5Q1rFfj/8JooyLjRVk7wk5Q3gwY12EMCCZS2inc7bxkH8BTelV +Gj5puPnhO4dckCrL9nIxvrYwn95xsrLltEqP95b3XwYAW5RBunXdVXvf0rcWnUR 0D76e+BRjxH5xPC2grnFueOCtSuIeqFzuuuTAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUkCzePJajaJJ0hD8HpIMs8Y++wqIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9rQ3plUEphamFKSjBoRDhIcElN czhZLS13cUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBfegw DQYJKoZIhvcNAQELBQADggEBALCLzMgC8M9Gfiy4mhZCmhM6w5VQpFENTj7hBg10 bV1JTHfCnwS0+6dUZU7jp/3hQ10dWaao9O2uJ4awSD4qEfWEjV1Zpc50WyAdpkfE eYei7c8lQ0ZM/7FYvYCTLCEhjbN+aXevKgnFhkWvOeXvq/EiyZ7bY1GR6MxcQJL+ KIzh8QDlHx8Qu+PIX4A5O3TfGgHp+J8VNIGYO3CLsnIoCfvyjP2fxAOZL9dh+3QW m3CYZcD2V4cYr7x6RKtI2hZAvp9rAkKZG2ZZwhscEu7my5PQgL5vS6f0RLS1+3X2 xysJWirv0hHnyyf/u49wJG7kRZm50eb4m1cIYfAeRIk8+9g= -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:07 2024 by rpki-client on console-ams.rpki-client.org