$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa File: C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa (raw, json) Hash identifier: kNuMKHWwvvg5c+Jj1R0QAj1b2H6lhLc9MBxFMEqW0x4= Subject key identifier: 0B:4A:9F:18:D2:BC:33:CC:12:13:45:92:D4:9A:3A:8B:40:5C:75:B5 Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0C64 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa Signing time: Wed 13 Nov 2024 05:45:59 +0000 ROA not before: Wed 13 Nov 2024 05:45:59 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 4780 IP address blocks: 114.29.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3172 (0xc64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Nov 13 05:45:59 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0B4A9F18D2BC33CC12134592D49A3A8B405C75B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c8:f2:b0:55:8b:62:f7:ec:07:1c:9b:de:b4: f5:27:77:44:2d:df:3b:2d:0e:ed:71:dd:63:90:f0: 48:e0:5a:bf:5b:03:ab:a4:a3:20:a0:37:51:cf:5f: 2b:6e:dc:cc:8a:87:ee:6d:ab:69:d7:e9:e5:8f:d4: a9:e7:3d:02:72:01:0d:c8:b5:d0:0f:a3:fb:99:33: 10:bc:b6:5b:f5:b5:ff:a3:94:03:46:49:ab:c4:34: 44:8f:48:31:05:b5:b9:e0:59:52:68:4f:6a:a3:f2: 93:e6:f2:f7:65:d9:b0:c3:7b:4c:80:2b:48:41:67: a9:47:16:2c:39:24:1c:e2:f7:cf:04:bd:42:a6:76: b8:95:69:1e:ab:3c:5b:be:3d:7e:ac:0b:9b:9e:8a: 41:17:81:9e:1b:40:95:35:50:13:bf:89:be:80:d8: 27:61:de:89:15:4b:3d:e8:d3:1d:5f:9d:8a:5f:84: 03:bb:ff:2e:fb:55:74:41:99:4a:2e:c3:37:b5:f0: e2:c9:a2:38:b8:a4:e3:18:fb:0f:b1:77:79:01:b2: 47:3d:db:6a:7f:76:7e:76:3c:c4:96:e5:97:99:5b: 63:06:07:d5:b3:8d:ae:03:03:fe:9f:62:17:66:15: 22:6c:e1:dd:1c:cb:da:08:cb:6e:f2:11:f5:07:fd: 47:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:4A:9F:18:D2:BC:33:CC:12:13:45:92:D4:9A:3A:8B:40:5C:75:B5 X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.29.240.0/22 Signature Algorithm: sha256WithRSAEncryption 32:0a:cb:01:10:51:c3:ae:95:c7:b4:be:97:b2:2a:b8:1a:a6: c8:b5:62:19:58:d1:71:3e:a8:ca:6f:35:f3:7a:00:ef:3b:e0: 90:40:0e:74:e6:86:d0:22:33:b2:90:d7:a6:c3:f6:a1:2b:43: 21:7b:2d:37:4b:03:44:07:bd:00:e1:73:e5:2f:b0:2b:44:f2: 13:3f:97:61:bc:3c:00:8c:79:91:5d:21:25:1e:7a:02:eb:31: d1:76:74:80:1b:10:ed:78:d1:cb:85:df:d3:ed:17:bf:40:26: 62:44:04:1a:a1:fd:01:16:27:9b:e5:d6:16:07:3a:d6:32:fc: 79:3e:61:f3:79:a4:c3:26:45:d8:73:49:f5:31:dd:f3:0e:ea: 2b:ad:31:b4:45:7f:71:99:9e:ec:1f:62:9b:f2:89:1e:40:94: 0e:89:af:1f:88:8e:23:2a:77:87:99:16:ed:a4:be:b0:30:a1: 9c:85:02:d9:9a:77:9c:84:ab:95:b3:3d:01:12:4e:7e:aa:ec: 1b:56:3f:cc:4e:00:35:86:72:ef:06:d0:a1:55:8b:8d:d4:77: ee:23:2b:c8:3d:10:81:05:e3:15:d5:bc:46:83:71:3d:0c:cd: b0:2c:fc:d4:08:fd:cd:47:5e:09:27:ec:d8:45:5d:5b:21:af: f9:c8:2e:9d -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNDExMTMw NTQ1NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBCNEE5RjE4RDJCQzMz Q0MxMjEzNDU5MkQ0OUEzQThCNDA1Qzc1QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGyPKwVYti9+wHHJvetPUnd0Qt3zstDu1x3WOQ8EjgWr9bA6uk oyCgN1HPXytu3MyKh+5tq2nX6eWP1KnnPQJyAQ3ItdAPo/uZMxC8tlv1tf+jlANG SavENESPSDEFtbngWVJoT2qj8pPm8vdl2bDDe0yAK0hBZ6lHFiw5JBzi988EvUKm driVaR6rPFu+PX6sC5ueikEXgZ4bQJU1UBO/ib6A2Cdh3okVSz3o0x1fnYpfhAO7 /y77VXRBmUouwze18OLJoji4pOMY+w+xd3kBskc922p/dn52PMSW5ZeZW2MGB9Wz ja4DA/6fYhdmFSJs4d0cy9oIy27yEfUH/UfFAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUC0qfGNK8M8wSE0WS1Jo6i0BcdbUwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0MwcWZHTks4TTh3U0UwV1MxSm82aTBC Y2RiVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ KoZIhvcNAQELBQADggEBADIKywEQUcOulce0vpeyKrgapsi1YhlY0XE+qMpvNfN6 AO874JBADnTmhtAiM7KQ16bD9qErQyF7LTdLA0QHvQDhc+UvsCtE8hM/l2G8PACM eZFdISUeegLrMdF2dIAbEO140cuF39PtF79AJmJEBBqh/QEWJ5vl1hYHOtYy/Hk+ YfN5pMMmRdhzSfUx3fMO6iutMbRFf3GZnuwfYpvyiR5AlA6Jrx+IjiMqd4eZFu2k vrAwoZyFAtmad5yEq5WzPQESTn6q7BtWP8xOADWGcu8G0KFVi43Ud+4jK8g9EIEF 4xXVvEaDcT0MzbAs/NQI/c1HXgkn7NhFXVshr/nILp0= -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:39 2024 by rpki-client on console-fra.rpki-client.org