$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/nO8eXTusFu9VhMvvSJTAq7eatwY.roa File: nO8eXTusFu9VhMvvSJTAq7eatwY.roa (raw, json) Hash identifier: a/iAlJp+0+flxZNmzyZFwm2F5T2sC+qOaxZP6zk8ILk= Subject key identifier: 9C:EF:1E:5D:3B:AC:16:EF:55:84:CB:EF:48:94:C0:AB:B7:9A:B7:06 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1258 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nO8eXTusFu9VhMvvSJTAq7eatwY.roa Signing time: Tue 15 Oct 2024 08:17:49 +0000 ROA not before: Tue 15 Oct 2024 08:17:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 800 IP address blocks: 175.111.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:24:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4696 (0x1258) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Oct 15 08:17:49 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9CEF1E5D3BAC16EF5584CBEF4894C0ABB79AB706 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:60:7c:58:04:09:7f:65:1b:ef:bc:25:9c:9e: 64:18:8a:6e:41:fc:ca:40:3c:61:24:67:df:b2:32: ec:f6:59:c5:be:e0:77:08:41:c1:24:48:af:2e:7e: 44:28:c1:f9:d6:fe:21:15:fd:6f:0f:4c:9e:98:d4: b0:5a:45:9d:5e:c3:26:fa:74:e2:ec:73:4d:ac:cd: c4:5f:1d:1a:4b:68:f6:08:5c:21:58:2d:bc:48:20: 8f:46:2f:39:97:ee:76:44:eb:d5:4c:27:3b:fc:64: 95:ff:98:ee:a4:4a:e9:38:ea:51:4c:fc:70:6c:39: fa:46:2a:d5:eb:d3:7c:9e:16:f7:d0:ef:7a:0c:3e: 5e:93:5d:be:70:ea:ac:80:11:e2:70:7a:ff:93:a5: 21:12:08:32:28:11:36:23:6b:77:28:45:8c:65:a3: 5e:de:e7:b5:29:b9:69:83:e5:42:26:9c:d8:30:50: cf:28:f7:6f:95:4b:02:10:18:84:32:07:d1:48:e8: 9e:b9:cb:73:ab:4b:17:13:0f:c3:45:23:6f:fe:46: 76:30:ab:c8:2a:80:53:5a:7c:38:b0:c9:28:59:04: be:b8:5a:3c:92:e5:70:1d:03:63:fa:2d:ec:a7:5d: 05:55:78:b9:0d:d4:5c:05:0e:94:d5:d5:ea:ac:f7: b3:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:EF:1E:5D:3B:AC:16:EF:55:84:CB:EF:48:94:C0:AB:B7:9A:B7:06 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nO8eXTusFu9VhMvvSJTAq7eatwY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 175.111.238.0/24 Signature Algorithm: sha256WithRSAEncryption b6:fe:b6:94:de:48:13:f5:b4:48:5c:6d:8c:a3:4f:c2:5f:c3: 71:65:b3:d2:ca:99:45:53:53:90:17:72:2c:9b:0a:ff:c8:4e: 5f:3a:b6:22:34:2f:be:33:ed:0a:23:11:76:bf:1e:57:0d:db: 77:6c:75:35:5c:dd:60:27:9d:6c:a6:e9:24:65:f3:30:9c:a8: a6:99:49:af:af:d9:9a:6c:b6:1c:c7:56:6e:da:f4:15:74:4a: 8d:39:2f:62:0e:5e:51:0a:cd:0c:63:bc:90:2b:ab:e5:13:cb: b7:cb:c1:3e:ca:f4:52:68:14:cd:1a:2d:bc:62:3d:9e:78:49: f1:b8:f9:14:16:a8:88:48:ae:12:3c:d4:0f:2f:83:18:c0:f8: 28:71:1c:c6:20:9a:7e:e5:87:78:5a:74:ff:8a:fa:5a:cf:06: 52:38:2e:6b:19:0e:ee:8f:5e:c4:37:cb:c9:59:c9:9f:f4:09: 53:55:97:c8:fd:b8:3a:1b:f6:34:bf:4a:b9:c3:2e:e8:b3:91: 9b:bb:60:a5:71:e9:b8:cc:3d:8f:14:31:20:b8:bb:73:c8:9f: d6:0c:ab:cd:e0:ba:c3:77:ca:34:ad:2c:7a:cb:27:58:20:0f: a2:4d:6a:8e:5d:ad:27:24:74:8f:0e:60:05:55:30:57:06:7b: cb:fa:c9:a7 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICElgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDEwMTUw ODE3NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlDRUYxRTVEM0JBQzE2 RUY1NTg0Q0JFRjQ4OTRDMEFCQjc5QUI3MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnYHxYBAl/ZRvvvCWcnmQYim5B/MpAPGEkZ9+yMuz2WcW+4HcI QcEkSK8ufkQowfnW/iEV/W8PTJ6Y1LBaRZ1ewyb6dOLsc02szcRfHRpLaPYIXCFY LbxIII9GLzmX7nZE69VMJzv8ZJX/mO6kSuk46lFM/HBsOfpGKtXr03yeFvfQ73oM Pl6TXb5w6qyAEeJwev+TpSESCDIoETYja3coRYxlo17e57UpuWmD5UImnNgwUM8o 92+VSwIQGIQyB9FI6J65y3OrSxcTD8NFI2/+RnYwq8gqgFNafDiwyShZBL64WjyS 5XAdA2P6LeynXQVVeLkN1FwFDpTV1eqs97NjAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUnO8eXTusFu9VhMvvSJTAq7eatwYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9uTzhlWFR1c0Z1OVZoTXZ2U0pU QXE3ZWF0d1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAr2/u MA0GCSqGSIb3DQEBCwUAA4IBAQC2/raU3kgT9bRIXG2Mo0/CX8NxZbPSyplFU1OQ F3Ismwr/yE5fOrYiNC++M+0KIxF2vx5XDdt3bHU1XN1gJ51spukkZfMwnKimmUmv r9mabLYcx1Zu2vQVdEqNOS9iDl5RCs0MY7yQK6vlE8u3y8E+yvRSaBTNGi28Yj2e eEnxuPkUFqiISK4SPNQPL4MYwPgocRzGIJp+5Yd4WnT/ivpazwZSOC5rGQ7uj17E N8vJWcmf9AlTVZfI/bg6G/Y0v0q5wy7os5Gbu2Clcem4zD2PFDEguLtzyJ/WDKvN 4LrDd8o0rSx6yydYIA+iTWqOXa0nJHSPDmAFVTBXBnvL+smn -----END CERTIFICATE-----Generated at Fri Nov 22 00:15:15 2024 by rpki-client on console-ams.rpki-client.org