$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa File: HHGkp988dfvCLSMp87LnoAz97YY.roa (raw, json) Hash identifier: C57RPKqXmopsIgqLJfguFEEdi29nWOnx+3AeRauaKLM= Subject key identifier: 1C:71:A4:A7:DF:3C:75:FB:C2:2D:23:29:F3:B2:E7:A0:0C:FD:ED:86 Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C Certificate serial: 056A Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa Signing time: Fri 01 Sep 2023 09:00:32 +0000 ROA not before: Fri 01 Sep 2023 09:00:32 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9678 IP address blocks: 2401:95c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 15:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1386 (0x56a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C Validity Not Before: Sep 1 09:00:32 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=1C71A4A7DF3C75FBC22D2329F3B2E7A00CFDED86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:cc:b3:7f:6e:3f:de:f4:11:3e:54:d8:83:8b: 4e:71:07:e0:66:a8:69:3b:6d:f0:9f:ad:ed:dd:d9: 85:dd:a9:87:94:c7:0a:3c:5e:18:f9:c0:6c:8e:4b: 61:f2:53:fa:b3:32:12:52:b8:80:fc:dd:49:3c:27: 20:5c:d7:d3:43:9b:d4:f2:83:0c:7c:2c:dc:2c:e6: 56:87:83:31:85:e5:b3:e7:77:c1:cc:87:f2:65:e9: 01:36:17:c7:f5:f1:19:fa:33:f5:17:35:e2:7b:86: f2:48:f8:83:df:8c:15:89:53:ac:fe:e2:31:b0:d0: 68:f8:06:7b:ce:77:e0:07:e4:50:13:95:19:ec:e3: 5e:c9:31:3c:68:96:b6:6e:4e:9b:d9:85:8f:af:d7: e8:f2:ce:aa:5b:58:38:a5:1c:5e:65:77:96:5f:3c: e6:26:eb:38:bd:9f:94:43:e0:59:80:29:24:bc:22: bd:4f:91:9e:e0:7e:62:43:aa:f4:13:a1:55:59:24: d4:e4:43:70:5e:f5:d4:d8:5e:b5:02:cb:0e:94:cf: c6:90:4e:62:bb:a1:0a:9d:b1:7f:39:53:6e:fd:88: b4:6e:b8:c5:8c:f6:57:78:31:90:26:b8:4a:2d:06: 8c:e3:9d:dc:27:7f:dc:86:81:8a:f6:ed:8a:f6:f0: 4c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:71:A4:A7:DF:3C:75:FB:C2:2D:23:29:F3:B2:E7:A0:0C:FD:ED:86 X509v3 Authority Key Identifier: keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/HHGkp988dfvCLSMp87LnoAz97YY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:95c0::/32 Signature Algorithm: sha256WithRSAEncryption 37:2a:c8:a7:f2:83:eb:c9:0d:57:35:32:29:97:34:db:83:51: 96:e8:df:cc:01:cb:dc:c1:08:f0:1c:15:ce:e9:3f:01:d6:e0: fc:db:b5:02:54:8c:f3:1a:e2:fc:c3:4e:b0:a1:b9:03:01:5a: 61:c8:54:4e:a5:8a:f7:64:7d:ce:7f:49:fc:b9:c0:8e:88:75: b1:00:85:a1:b3:c4:e7:0e:bd:8c:dc:6a:5a:b4:76:a0:0f:19: c8:0d:b1:b7:ba:45:44:7f:c1:e3:f8:bd:d5:84:e5:bd:6e:94: 2a:e6:e0:27:2b:fd:a5:52:76:cc:14:f4:64:e2:78:de:7a:89: 1d:ee:e5:94:3d:26:7a:cb:4b:1c:65:0b:67:eb:4a:d1:83:23: 45:c5:9e:8c:9b:31:c9:07:b2:3c:06:47:40:ee:5e:02:51:c9: f6:22:86:9e:3f:73:1b:8f:d2:ff:31:2c:af:95:24:61:d1:55: 17:ff:be:0d:c2:44:d9:fc:ad:f7:66:bb:ce:f1:9a:8d:1e:b4: 19:c0:14:bc:a9:6f:ad:6d:7e:b6:6c:2d:be:da:9e:df:49:fa: c2:46:f4:65:84:4e:ba:f9:de:f7:dc:5d:90:89:3c:bf:08:43: 34:27:37:97:47:8b:cf:73:89:bb:9b:ab:5f:eb:28:90:0e:3e: 55:59:39:cf -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICBWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMzA5MDEw OTAwMzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFDNzFBNEE3REYzQzc1 RkJDMjJEMjMyOUYzQjJFN0EwMENGREVEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAzLN/bj/e9BE+VNiDi05xB+BmqGk7bfCfre3d2YXdqYeUxwo8 Xhj5wGyOS2HyU/qzMhJSuID83Uk8JyBc19NDm9Tygwx8LNws5laHgzGF5bPnd8HM h/Jl6QE2F8f18Rn6M/UXNeJ7hvJI+IPfjBWJU6z+4jGw0Gj4BnvOd+AH5FATlRns 417JMTxolrZuTpvZhY+v1+jyzqpbWDilHF5ld5ZfPOYm6zi9n5RD4FmAKSS8Ir1P kZ7gfmJDqvQToVVZJNTkQ3Be9dTYXrUCyw6Uz8aQTmK7oQqdsX85U279iLRuuMWM 9ld4MZAmuEotBozjndwnf9yGgYr27Yr28EyPAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUHHGkp988dfvCLSMp87LnoAz97YYwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0hIR2twOTg4ZGZ2Q0xTTXA4 N0xub0F6OTdZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk AZXAMA0GCSqGSIb3DQEBCwUAA4IBAQA3Ksin8oPryQ1XNTIplzTbg1GW6N/MAcvc wQjwHBXO6T8B1uD827UCVIzzGuL8w06wobkDAVphyFROpYr3ZH3Of0n8ucCOiHWx AIWhs8TnDr2M3GpatHagDxnIDbG3ukVEf8Hj+L3VhOW9bpQq5uAnK/2lUnbMFPRk 4njeeokd7uWUPSZ6y0scZQtn60rRgyNFxZ6MmzHJB7I8BkdA7l4CUcn2IoaeP3Mb j9L/MSyvlSRh0VUX/74NwkTZ/K33ZrvO8ZqNHrQZwBS8qW+tbX62bC2+2p7fSfrC RvRlhE66+d733F2QiTy/CEM0JzeXR4vPc4m7m6tf6yiQDj5VWTnP -----END CERTIFICATE-----Generated at Sat Jun 1 22:20:16 2024 by rpki-client on console-fra.rpki-client.org