$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/h9ZO6g9jmAooKGfKMLSm1ekw3ko.roa File: h9ZO6g9jmAooKGfKMLSm1ekw3ko.roa (raw, json) Hash identifier: FBMcJfCfJN9oWItvzAxUI3y2YDZYWvdY+JlGrDADd14= Subject key identifier: 87:D6:4E:EA:0F:63:98:0A:28:28:67:CA:30:B4:A6:D5:E9:30:DE:4A Certificate issuer: /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948 Certificate serial: 1359 Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/h9ZO6g9jmAooKGfKMLSm1ekw3ko.roa Signing time: Mon 26 Aug 2024 05:25:29 +0000 ROA not before: Mon 26 Aug 2024 05:25:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 16509 IP address blocks: 2403:aac0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:24:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4953 (0x1359) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948 Validity Not Before: Aug 26 05:25:29 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=87D64EEA0F63980A282867CA30B4A6D5E930DE4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:28:35:d2:77:59:ca:2c:f4:f3:21:8a:da:39: 53:83:33:1c:1e:ef:37:4f:d1:91:cf:4b:ee:b4:38: 42:9a:61:35:60:22:b5:50:e9:74:c7:32:ed:f6:ec: 95:8f:e2:98:b1:bd:d2:54:4d:ef:f3:ef:02:0d:a8: 49:56:a4:94:29:2b:77:c7:7b:f1:ff:40:d5:c7:c8: 60:71:88:ce:e1:dd:b3:68:27:11:fb:9f:25:30:6e: 20:aa:77:d6:25:bb:d3:17:e2:48:5c:85:13:e1:5c: 50:24:ee:1b:6c:a4:2a:9d:be:e7:8d:e7:9e:de:d6: eb:63:0f:2c:70:27:53:0f:89:d4:85:de:fe:18:c9: 7c:d4:ff:56:21:a2:78:06:71:c6:aa:ce:ef:b0:7a: bd:ae:fd:59:57:3a:d4:60:11:a0:de:73:c7:1d:ac: 32:6c:d9:50:a1:bf:f0:10:ca:9c:c5:87:39:7d:d6: ab:99:51:a0:3d:1e:73:d5:5a:c1:e7:6a:fc:5b:57: 17:c2:21:31:7c:b2:2d:f2:ee:76:8b:d0:0d:27:12: 3f:63:d0:75:fe:46:ed:97:68:00:f8:b3:82:a1:2d: 8b:fc:a2:5c:43:59:62:7e:61:cf:ff:f8:da:48:33: 63:a0:1a:52:ab:e7:23:46:e1:b0:5f:e0:a6:49:ce: e2:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:D6:4E:EA:0F:63:98:0A:28:28:67:CA:30:B4:A6:D5:E9:30:DE:4A X509v3 Authority Key Identifier: keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/h9ZO6g9jmAooKGfKMLSm1ekw3ko.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:aac0::/32 Signature Algorithm: sha256WithRSAEncryption 63:5d:dd:cb:d7:56:9c:94:9b:de:d3:9f:20:a5:8b:99:dd:b7: 60:ec:14:f0:2e:dd:a8:d1:59:12:1d:b1:cc:79:99:8a:d3:44: 97:b4:6f:a5:78:ff:e5:d8:20:ab:c4:c0:3e:56:fa:0c:30:5b: 89:8e:e7:81:1c:e8:9d:56:f5:1f:78:53:ec:50:19:1c:66:13: 60:73:7e:99:7d:15:62:7d:2f:d4:89:5a:02:6d:de:aa:ce:49: d1:46:db:80:ac:a2:e5:c6:b5:59:b1:18:30:0b:ea:c9:20:bf: c7:7e:aa:f4:df:1c:cc:17:f0:35:f4:31:cb:9e:cc:2b:1a:43: 92:6c:0a:ca:db:2d:1e:d5:5b:4f:7a:0b:df:ff:a6:19:78:37: 27:5b:30:98:7c:a3:61:c3:39:7c:c8:21:63:f6:0e:52:e8:27: a0:13:85:53:54:fa:9e:56:e3:f3:ac:7d:d1:34:7b:20:7f:09: 2c:ca:d2:04:57:ca:fa:c4:9f:1f:0e:44:8a:d0:6d:7e:5f:c2: df:32:0b:0d:ae:ee:96:41:5b:c4:d5:3e:40:40:ac:0b:87:d6: 40:11:75:ff:d2:ef:0c:9f:a1:d7:f2:d3:de:25:a6:74:5d:5f: 7e:91:2f:d8:69:63:29:91:6d:9c:cc:1a:1b:10:7c:28:e7:94: 56:f9:2f:d7 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICE1kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5 QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNDA4MjYw NTI1MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3RDY0RUVBMEY2Mzk4 MEEyODI4NjdDQTMwQjRBNkQ1RTkzMERFNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwKDXSd1nKLPTzIYraOVODMxwe7zdP0ZHPS+60OEKaYTVgIrVQ 6XTHMu327JWP4pixvdJUTe/z7wINqElWpJQpK3fHe/H/QNXHyGBxiM7h3bNoJxH7 nyUwbiCqd9Ylu9MX4khchRPhXFAk7htspCqdvueN557e1utjDyxwJ1MPidSF3v4Y yXzU/1YhongGccaqzu+wer2u/VlXOtRgEaDec8cdrDJs2VChv/AQypzFhzl91quZ UaA9HnPVWsHnavxbVxfCITF8si3y7naL0A0nEj9j0HX+Ru2XaAD4s4KhLYv8olxD WWJ+Yc//+NpIM2OgGlKr5yNG4bBf4KZJzuKjAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUh9ZO6g9jmAooKGfKMLSm1ekw3kowHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf 9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC9oOVpPNmc5am1Bb29LR2ZLTUxT bTFla3cza28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAOq wDANBgkqhkiG9w0BAQsFAAOCAQEAY13dy9dWnJSb3tOfIKWLmd23YOwU8C7dqNFZ Eh2xzHmZitNEl7RvpXj/5dggq8TAPlb6DDBbiY7ngRzonVb1H3hT7FAZHGYTYHN+ mX0VYn0v1IlaAm3eqs5J0UbbgKyi5ca1WbEYMAvqySC/x36q9N8czBfwNfQxy57M KxpDkmwKytstHtVbT3oL3/+mGXg3J1swmHyjYcM5fMghY/YOUugnoBOFU1T6nlbj 86x90TR7IH8JLMrSBFfK+sSfHw5EitBtfl/C3zILDa7ulkFbxNU+QECsC4fWQBF1 /9LvDJ+h1/LT3iWmdF1ffpEv2GljKZFtnMwaGxB8KOeUVvkv1w== -----END CERTIFICATE-----Generated at Fri Nov 22 00:15:17 2024 by rpki-client on console-ams.rpki-client.org