$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/o8qFcG_wAwXiChsZBonRQSG0QSc.roa File: o8qFcG_wAwXiChsZBonRQSG0QSc.roa (raw, json) Hash identifier: oVjaWfVLPWtsmIELp431ujx/fZx9XFYFQPlSthBsYF0= Subject key identifier: A3:CA:85:70:6F:F0:03:05:E2:0A:1B:19:06:89:D1:41:21:B4:41:27 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11DC Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/o8qFcG_wAwXiChsZBonRQSG0QSc.roa Signing time: Mon 26 Aug 2024 05:18:00 +0000 ROA not before: Mon 26 Aug 2024 05:18:00 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 220.128.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4572 (0x11dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:18:00 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=A3CA85706FF00305E20A1B190689D14121B44127 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:84:54:67:cc:8f:37:04:9e:00:cf:f6:f1:e0: 0f:63:3c:16:14:06:3c:61:94:f5:54:22:c6:32:b6: a3:c7:bc:1c:15:3e:01:2e:ca:4a:5b:fd:0c:bb:ea: b9:b7:da:bb:18:8e:2b:77:27:41:c3:33:20:73:f9: e7:33:5c:e4:a0:20:40:77:da:dc:d5:16:d8:35:bc: 96:06:40:ca:61:5b:84:e9:d8:f7:ba:dc:0f:63:38: 84:58:3d:04:37:13:3f:a0:d7:0c:0b:2a:3a:55:57: 00:b4:63:df:52:43:26:f1:e7:7a:ee:0d:9e:21:04: 05:6c:0e:da:39:d2:8b:78:3a:08:4f:37:04:3c:c9: db:10:a4:bc:09:fa:75:f7:22:18:38:4c:ff:f4:ea: 99:7f:67:39:d2:b4:c8:a6:ef:e6:3a:73:8e:40:ea: 97:d8:27:1a:50:46:26:be:34:41:58:c0:5d:d8:1c: 27:6a:81:47:7e:37:52:a4:18:4c:98:a4:0e:ff:44: 65:4b:ae:dd:3b:08:ca:44:bc:11:b2:48:75:ee:8a: a1:47:71:ba:70:25:b2:f1:d5:a6:e3:4e:21:e0:fb: 7c:fd:83:64:90:d9:9e:48:4c:00:8a:02:fb:5e:ec: 0c:45:b9:82:b1:0a:17:93:41:d6:3d:05:08:33:54: 3c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:CA:85:70:6F:F0:03:05:E2:0A:1B:19:06:89:D1:41:21:B4:41:27 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/o8qFcG_wAwXiChsZBonRQSG0QSc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.128.67.0/24 Signature Algorithm: sha256WithRSAEncryption a5:60:83:06:2e:59:90:d2:f0:32:1d:07:d1:84:89:a2:38:ac: b8:2b:26:03:b0:6a:ba:24:eb:83:d8:57:12:ba:bb:75:7b:de: e5:94:b9:ed:e1:dc:e9:12:16:3f:58:f4:05:8a:4b:f0:dd:47: ad:5f:f3:53:25:32:7a:ea:1a:51:9c:f9:02:5b:36:cc:16:ed: 7f:9d:01:99:2e:a6:27:04:81:98:a4:6e:fe:d4:af:42:56:8e: fb:3a:5b:da:ea:21:55:b1:33:52:0d:a0:3e:6c:8e:5b:ff:13: e6:0d:48:fb:65:0d:1a:cd:ec:32:e7:f9:c3:93:eb:48:e3:c9: 8e:0c:24:7f:52:91:de:48:77:cd:c8:da:04:ee:07:1d:ef:af: e3:27:fc:80:60:86:16:af:9b:c3:e5:cf:7a:ca:fe:6b:bf:33: 0a:72:ab:23:90:70:49:c8:ef:0b:6c:dd:5b:0c:e5:b1:7a:75: 78:90:ac:f6:f8:63:b8:06:51:95:e7:a4:33:b9:dd:ab:55:a3: 4e:1d:de:c1:79:1c:89:69:9c:3f:02:eb:49:94:31:65:3f:08: 94:0e:1d:2b:10:27:59:f4:9b:4f:87:ea:09:bf:2d:34:50:11: d0:35:74:d4:c3:aa:bc:7f:be:73:92:df:39:2c:a2:a6:b6:c2: b2:09:62:8e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEzQ0E4NTcwNkZGMDAz MDVFMjBBMUIxOTA2ODlEMTQxMjFCNDQxMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7hFRnzI83BJ4Az/bx4A9jPBYUBjxhlPVUIsYytqPHvBwVPgEu ykpb/Qy76rm32rsYjit3J0HDMyBz+eczXOSgIEB32tzVFtg1vJYGQMphW4Tp2Pe6 3A9jOIRYPQQ3Ez+g1wwLKjpVVwC0Y99SQybx53ruDZ4hBAVsDto50ot4OghPNwQ8 ydsQpLwJ+nX3Ihg4TP/06pl/ZznStMim7+Y6c45A6pfYJxpQRia+NEFYwF3YHCdq gUd+N1KkGEyYpA7/RGVLrt07CMpEvBGySHXuiqFHcbpwJbLx1abjTiHg+3z9g2SQ 2Z5ITACKAvte7AxFuYKxCheTQdY9BQgzVDz/AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUo8qFcG/wAwXiChsZBonRQSG0QScwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vOHFGY0dfd0F3WGlDaHNaQm9u UlFTRzBRU2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBD MA0GCSqGSIb3DQEBCwUAA4IBAQClYIMGLlmQ0vAyHQfRhImiOKy4KyYDsGq6JOuD 2FcSurt1e97llLnt4dzpEhY/WPQFikvw3UetX/NTJTJ66hpRnPkCWzbMFu1/nQGZ LqYnBIGYpG7+1K9CVo77Olva6iFVsTNSDaA+bI5b/xPmDUj7ZQ0azewy5/nDk+tI 48mODCR/UpHeSHfNyNoE7gcd76/jJ/yAYIYWr5vD5c96yv5rvzMKcqsjkHBJyO8L bN1bDOWxenV4kKz2+GO4BlGV56Qzud2rVaNOHd7BeRyJaZw/AutJlDFlPwiUDh0r ECdZ9JtPh+oJvy00UBHQNXTUw6q8f75zkt85LKKmtsKyCWKO -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:32 2024 by rpki-client on console-ams.rpki-client.org