$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/HXQPTWUFNx5D0ZQK0qVMGn80Wvk.roa File: HXQPTWUFNx5D0ZQK0qVMGn80Wvk.roa (raw, json) Hash identifier: HHFxUEuVCzAVqtRK+oBHLaUoOgTRScCZLx1lMjYyg9I= Subject key identifier: 1D:74:0F:4D:65:05:37:1E:43:D1:94:0A:D2:A5:4C:1A:7F:34:5A:F9 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0D54 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HXQPTWUFNx5D0ZQK0qVMGn80Wvk.roa Signing time: Mon 26 Aug 2024 05:19:41 +0000 ROA not before: Mon 26 Aug 2024 05:19:41 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 54994 IP address blocks: 61.61.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3412 (0xd54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 26 05:19:41 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1D740F4D6505371E43D1940AD2A54C1A7F345AF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:be:28:e4:16:2b:3b:40:43:ce:77:74:6b:7d: cd:02:50:3e:2e:49:c0:09:74:94:7c:1b:cf:95:2c: e7:57:08:a9:75:a4:a0:2c:0f:cb:a3:a1:0b:2e:ad: 1f:ed:a5:d0:46:fc:80:09:4c:24:3a:c4:af:f1:5b: 8a:d3:17:65:17:f7:1a:ee:6c:ac:3d:10:24:b8:5e: 7a:71:c7:7a:b2:72:46:88:a0:fe:3b:27:81:8c:e3: 9d:e8:d7:74:f5:9d:87:d6:53:29:29:66:ec:c2:14: cb:f5:34:a2:87:8b:5d:06:87:4f:fd:8e:2f:3a:f1: 19:4c:46:8a:ff:e9:21:c0:2f:71:96:9c:0f:c2:48: e7:01:e6:cd:f7:80:3f:ff:fc:5c:b0:8a:08:2a:1a: 9d:06:82:6f:c2:de:cd:72:e6:f5:91:3d:c8:fe:4f: bc:de:07:46:cc:dc:c7:2c:e0:98:60:49:c0:96:48: 5e:51:f9:09:af:7e:71:d4:c4:9f:2d:95:e2:a7:e1: 1c:5b:fe:f1:61:09:4a:7d:f6:55:04:e0:81:74:11: 53:93:45:80:99:f9:96:0d:4b:13:26:85:24:78:4f: c3:86:97:13:be:58:23:f8:08:05:53:66:fa:c9:fa: 3e:00:56:2a:2d:20:ad:b9:4c:e3:1e:aa:7c:f5:60: 6f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:74:0F:4D:65:05:37:1E:43:D1:94:0A:D2:A5:4C:1A:7F:34:5A:F9 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HXQPTWUFNx5D0ZQK0qVMGn80Wvk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.69.0/24 Signature Algorithm: sha256WithRSAEncryption 06:e8:d9:6e:d7:9f:9d:29:01:c9:79:2e:a6:3b:2c:71:06:b1: 3d:97:8a:5b:7e:dd:ff:16:15:0e:7b:5e:6f:67:56:e4:5d:95: 82:a6:da:d7:3c:e5:0b:7e:8f:3a:d2:0f:47:83:b0:83:3a:06: df:2d:c3:0d:70:f8:72:c0:d2:61:18:f9:80:99:52:a6:a1:93: 2d:ec:4d:b3:86:93:52:6f:94:10:44:81:82:d2:e1:63:bc:89: 86:81:6d:2a:ea:7b:2e:72:5b:b2:14:20:77:fe:a3:7c:07:e0: 97:01:8a:0e:79:87:6f:db:9b:c9:5b:10:02:ae:b3:c6:f4:f7: ce:25:d4:0d:8b:eb:ba:55:20:1a:0b:6b:48:52:85:44:6e:74: e5:b5:cf:05:dd:7a:19:43:37:e7:6f:6a:87:12:bb:73:78:83: 0f:10:de:f9:8e:73:6c:6e:c4:04:10:f3:3b:9a:02:0a:22:cc: c6:6e:e0:a2:dc:5b:a3:33:7e:b0:d5:c3:e0:0a:a8:36:35:43: 84:53:43:0a:66:a3:fd:df:8c:6a:79:7f:9b:ea:1c:a5:ec:9b: a3:b5:69:ef:d9:4c:7d:12:c1:3f:4a:69:ac:d7:cf:63:d1:f5: 9b:ae:45:4a:b7:57:16:f4:f8:f8:47:e1:e6:ca:6c:14:3b:3c: 76:a3:de:94 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw NTE5NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFENzQwRjRENjUwNTM3 MUU0M0QxOTQwQUQyQTU0QzFBN0YzNDVBRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/vijkFis7QEPOd3Rrfc0CUD4uScAJdJR8G8+VLOdXCKl1pKAs D8ujoQsurR/tpdBG/IAJTCQ6xK/xW4rTF2UX9xrubKw9ECS4Xnpxx3qyckaIoP47 J4GM453o13T1nYfWUykpZuzCFMv1NKKHi10Gh0/9ji868RlMRor/6SHAL3GWnA/C SOcB5s33gD///FywiggqGp0Ggm/C3s1y5vWRPcj+T7zeB0bM3Mcs4JhgScCWSF5R +QmvfnHUxJ8tleKn4Rxb/vFhCUp99lUE4IF0EVOTRYCZ+ZYNSxMmhSR4T8OGlxO+ WCP4CAVTZvrJ+j4AViotIK25TOMeqnz1YG8xAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUHXQPTWUFNx5D0ZQK0qVMGn80WvkwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0hYUVBUV1VGTng1RDBaUUswcVZNR244 MFd2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PUUwDQYJ KoZIhvcNAQELBQADggEBAAbo2W7Xn50pAcl5LqY7LHEGsT2Xilt+3f8WFQ57Xm9n VuRdlYKm2tc85Qt+jzrSD0eDsIM6Bt8tww1w+HLA0mEY+YCZUqahky3sTbOGk1Jv lBBEgYLS4WO8iYaBbSrqey5yW7IUIHf+o3wH4JcBig55h2/bm8lbEAKus8b0984l 1A2L67pVIBoLa0hShURudOW1zwXdehlDN+dvaocSu3N4gw8Q3vmOc2xuxAQQ8zua AgoizMZu4KLcW6MzfrDVw+AKqDY1Q4RTQwpmo/3fjGp5f5vqHKXsm6O1ae/ZTH0S wT9KaazXz2PR9ZuuRUq3Vxb0+PhH4ebKbBQ7PHaj3pQ= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org