$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/zy1lZ2Ii8yvkEMTDGWeqpC-JIX0.roa File: zy1lZ2Ii8yvkEMTDGWeqpC-JIX0.roa (raw, json) Hash identifier: kwXNF72Z0OTe1SFsNGHz8mrNPi0jlyio53aewCHhk4Q= Subject key identifier: CF:2D:65:67:62:22:F3:2B:E4:10:C4:C3:19:67:AA:A4:2F:89:21:7D Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 11A0 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zy1lZ2Ii8yvkEMTDGWeqpC-JIX0.roa Signing time: Mon 26 Aug 2024 05:17:44 +0000 ROA not before: Mon 26 Aug 2024 05:17:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131661 IP address blocks: 210.62.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4512 (0x11a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 26 05:17:44 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CF2D65676222F32BE410C4C31967AAA42F89217D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:02:4b:18:6a:66:f4:2a:27:72:1e:95:8a:eb: a3:b7:fb:e8:e4:11:af:1c:7c:ea:0d:42:54:86:ab: 68:ca:12:5a:12:09:2a:6a:f7:94:a6:75:ec:11:ad: 90:01:c7:49:80:a8:a0:16:02:75:67:ce:a0:1c:d4: c7:e1:3d:ee:1b:42:c0:bb:9a:44:5c:b5:f2:7f:9d: 0f:ea:d1:ce:ab:ed:ca:91:5c:0a:51:df:5d:7b:65: 83:9b:78:45:a5:e0:ba:c4:25:eb:e7:0a:78:50:a0: bb:3d:9b:c4:b1:8e:8b:1d:45:3a:13:cc:f8:c5:62: 32:54:14:94:3e:88:56:59:42:24:54:9d:ac:62:d7: bc:9c:1e:4c:96:10:e4:d9:0e:f5:c4:7d:28:69:8a: 8f:ce:2d:78:c4:25:84:4b:8a:24:44:d2:f1:95:35: b9:1f:81:6f:85:6b:1b:7d:cb:43:50:59:36:ac:ac: b5:28:76:00:9d:2e:15:2e:d3:08:2c:3e:3d:62:8b: 57:ab:21:f2:8c:e4:98:84:3d:62:02:07:29:e0:ba: 2b:3f:5b:a8:71:a3:6a:cb:c0:7f:2c:70:a6:46:5e: 4f:41:cc:14:64:d8:6d:5a:0c:b7:c9:4b:e4:b4:c3: 80:28:b3:f5:c8:20:ae:b1:0d:e8:f7:49:7d:1a:8f: 7a:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:2D:65:67:62:22:F3:2B:E4:10:C4:C3:19:67:AA:A4:2F:89:21:7D X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zy1lZ2Ii8yvkEMTDGWeqpC-JIX0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.62.250.0/24 Signature Algorithm: sha256WithRSAEncryption 74:9d:5b:6a:af:8d:5c:ac:89:34:5c:d4:5f:09:3e:f4:50:28: 74:36:e2:e2:85:13:7d:3c:44:ff:b1:87:6f:fb:bf:b2:e3:f7: 1d:ac:34:4b:f0:70:85:e9:53:3d:65:2e:3f:06:c5:a6:e9:53: b9:f6:97:b5:02:14:65:48:7c:9a:ef:1c:b2:a7:4a:d3:a5:b2: 2f:ff:77:9b:7d:56:88:a8:66:df:42:92:18:60:c5:de:fa:c2: 92:eb:e8:5e:3c:71:8a:9b:c0:4b:17:75:45:5b:67:36:2c:2e: c0:cd:38:5b:a2:24:82:7f:ae:ab:68:60:58:3f:b5:29:e7:db: a5:ca:29:28:a4:01:04:7f:c9:8a:e9:66:61:48:db:65:21:65: 82:cb:89:c5:13:4f:42:85:39:01:42:aa:4e:25:2f:6b:a2:ef: 81:f5:68:ee:7c:c2:53:98:8e:3a:90:9d:d6:77:ff:3f:65:b9: 0e:a6:4f:00:04:9b:a3:68:6c:f9:7a:e0:21:52:1c:8d:39:d8: ac:3d:51:41:7b:ec:3d:c5:6a:a7:b2:a0:01:19:ec:31:4a:27: 0b:d2:4f:bc:7c:c7:ce:a3:be:0c:e9:31:db:9c:c9:37:38:8f: 07:f7:43:88:96:33:ee:57:bd:a8:a7:0a:7f:2d:2b:5b:83:81: 96:c4:52:aa -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw NTE3NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENGMkQ2NTY3NjIyMkYz MkJFNDEwQzRDMzE5NjdBQUE0MkY4OTIxN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkAksYamb0KidyHpWK66O3++jkEa8cfOoNQlSGq2jKEloSCSpq 95SmdewRrZABx0mAqKAWAnVnzqAc1MfhPe4bQsC7mkRctfJ/nQ/q0c6r7cqRXApR 3117ZYObeEWl4LrEJevnCnhQoLs9m8SxjosdRToTzPjFYjJUFJQ+iFZZQiRUnaxi 17ycHkyWEOTZDvXEfShpio/OLXjEJYRLiiRE0vGVNbkfgW+Faxt9y0NQWTasrLUo dgCdLhUu0wgsPj1ii1erIfKM5JiEPWICBynguis/W6hxo2rLwH8scKZGXk9BzBRk 2G1aDLfJS+S0w4Aos/XIIK6xDej3SX0aj3pNAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUzy1lZ2Ii8yvkEMTDGWeqpC+JIX0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC96eTFsWjJJaTh5dmtFTVRER1dl cXBDLUpJWDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j76 MA0GCSqGSIb3DQEBCwUAA4IBAQB0nVtqr41crIk0XNRfCT70UCh0NuLihRN9PET/ sYdv+7+y4/cdrDRL8HCF6VM9ZS4/BsWm6VO59pe1AhRlSHya7xyyp0rTpbIv/3eb fVaIqGbfQpIYYMXe+sKS6+hePHGKm8BLF3VFW2c2LC7AzThboiSCf66raGBYP7Up 59ulyikopAEEf8mK6WZhSNtlIWWCy4nFE09ChTkBQqpOJS9rou+B9WjufMJTmI46 kJ3Wd/8/ZbkOpk8ABJujaGz5euAhUhyNOdisPVFBe+w9xWqnsqABGewxSicL0k+8 fMfOo74M6THbnMk3OI8H90OIljPuV72opwp/LStbg4GWxFKq -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:07 2024 by rpki-client on console-ams.rpki-client.org