$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/xepr0oiecoZfg8vJYELdF0gDClE.roa File: xepr0oiecoZfg8vJYELdF0gDClE.roa (raw, json) Hash identifier: rDqK9f8DgrYhLARGKfTx1OP5Kki4h/IyCSlCWSa4FwM= Subject key identifier: C5:EA:6B:D2:88:9E:72:86:5F:83:CB:C9:60:42:DD:17:48:03:0A:51 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11BD Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xepr0oiecoZfg8vJYELdF0gDClE.roa Signing time: Mon 26 Aug 2024 05:17:53 +0000 ROA not before: Mon 26 Aug 2024 05:17:53 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9505 IP address blocks: 203.78.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4541 (0x11bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:53 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=C5EA6BD2889E72865F83CBC96042DD1748030A51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6f:9d:0b:bd:56:44:74:8a:d8:25:83:02:03: 17:ed:83:1d:e2:f1:de:4e:fa:f2:b4:48:c6:85:ac: 47:4c:05:be:5e:ce:8f:5a:29:7f:c3:fd:6b:3c:8e: 1f:e0:e8:ce:31:bf:86:af:01:f5:6c:dc:66:da:0e: 3b:21:be:f1:18:0f:c0:9d:bf:59:ef:32:f4:d6:57: 9c:54:f6:7a:31:10:85:2b:3e:32:ed:66:a8:95:f1: 4f:cb:c2:00:9d:2c:4d:d2:7b:bb:fa:35:0d:d9:6b: 66:93:8e:8d:dc:2b:b6:bf:a8:45:27:f4:a1:e5:eb: 22:aa:95:03:ea:52:cc:58:c3:ef:22:21:3b:6a:f5: 59:06:94:15:73:30:d0:80:5a:07:95:60:54:9b:a7: ac:23:e5:60:49:ee:1d:a5:0c:e6:4f:47:13:24:f1: a4:53:42:51:12:85:85:3b:ba:18:8c:89:14:4b:55: dd:bd:e6:be:36:fb:26:b1:d9:6d:70:89:ec:66:a8: 50:32:33:ec:1b:24:59:2b:87:22:8d:61:fb:95:02: cb:67:e7:64:44:f5:83:ad:c9:e8:56:b7:f1:81:6e: 24:67:7e:3a:fe:60:8b:16:63:49:53:65:f7:df:36: c5:c7:0a:dc:c1:e1:cd:e3:54:18:01:95:63:2f:b0: 48:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:EA:6B:D2:88:9E:72:86:5F:83:CB:C9:60:42:DD:17:48:03:0A:51 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xepr0oiecoZfg8vJYELdF0gDClE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.78.176.0/20 Signature Algorithm: sha256WithRSAEncryption 18:d8:57:76:7d:02:27:8a:c0:0f:82:fe:ed:f0:ac:b9:6e:68: 37:b8:9a:fb:24:7d:7b:d2:a3:3d:cf:ee:01:90:30:8c:dc:20: 52:7b:50:74:90:76:d1:90:68:51:72:3f:dc:a4:f7:76:85:27: 8f:19:a8:e4:8a:5f:c7:62:df:7a:05:18:02:a8:e2:80:ae:de: 21:ec:d5:71:a6:21:ad:92:d2:aa:97:75:a6:e2:1f:07:be:43: c4:88:9f:b2:3c:b5:91:f0:10:4c:ce:2e:02:5d:1f:92:c7:c9: dd:9c:56:2d:5a:69:b3:fb:15:9f:06:d2:c0:9e:ab:61:81:7c: 65:3c:06:52:93:36:5b:12:86:18:cf:0c:bb:69:7f:51:29:92: 2f:b0:08:25:c1:38:6e:ef:13:3e:b9:d7:d6:00:b0:35:76:25: b4:2c:ac:67:66:d2:82:78:0d:ff:6b:9c:30:98:a1:03:94:37: ca:53:f2:70:b1:ff:2d:ea:07:c7:c7:12:c9:fd:21:5e:3c:f1: 8f:6f:85:23:48:b6:1a:7a:29:37:ac:ca:30:aa:69:88:9d:f9: 25:e8:78:99:31:6d:dd:a9:13:53:90:c0:2c:64:1a:7d:66:cf: db:2d:1f:20:18:b6:c9:5a:43:d3:e9:ee:e8:48:12:df:80:0c: 3a:b8:22:01 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM1RUE2QkQyODg5RTcy ODY1RjgzQ0JDOTYwNDJERDE3NDgwMzBBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjb50LvVZEdIrYJYMCAxftgx3i8d5O+vK0SMaFrEdMBb5ezo9a KX/D/Ws8jh/g6M4xv4avAfVs3GbaDjshvvEYD8Cdv1nvMvTWV5xU9noxEIUrPjLt ZqiV8U/LwgCdLE3Se7v6NQ3Za2aTjo3cK7a/qEUn9KHl6yKqlQPqUsxYw+8iITtq 9VkGlBVzMNCAWgeVYFSbp6wj5WBJ7h2lDOZPRxMk8aRTQlEShYU7uhiMiRRLVd29 5r42+yax2W1wiexmqFAyM+wbJFkrhyKNYfuVAstn52RE9YOtyehWt/GBbiRnfjr+ YIsWY0lTZfffNsXHCtzB4c3jVBgBlWMvsEhlAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUxepr0oiecoZfg8vJYELdF0gDClEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC94ZXByMG9pZWNvWmZnOHZKWUVM ZEYwZ0RDbEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy06w MA0GCSqGSIb3DQEBCwUAA4IBAQAY2Fd2fQInisAPgv7t8Ky5bmg3uJr7JH170qM9 z+4BkDCM3CBSe1B0kHbRkGhRcj/cpPd2hSePGajkil/HYt96BRgCqOKArt4h7NVx piGtktKql3Wm4h8HvkPEiJ+yPLWR8BBMzi4CXR+Sx8ndnFYtWmmz+xWfBtLAnqth gXxlPAZSkzZbEoYYzwy7aX9RKZIvsAglwThu7xM+udfWALA1diW0LKxnZtKCeA3/ a5wwmKEDlDfKU/Jwsf8t6gfHxxLJ/SFePPGPb4UjSLYaeik3rMowqmmInfkl6HiZ MW3dqRNTkMAsZBp9Zs/bLR8gGLbJWkPT6e7oSBLfgAw6uCIB -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org