$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/H-XSrV8TIWEwfZt1mPa4JuKYYCQ.roa File: H-XSrV8TIWEwfZt1mPa4JuKYYCQ.roa (raw, json) Hash identifier: /msIDDjE12vYER0n1/VEFT2OngRWB0pVqIc/M2LxJsQ= Subject key identifier: 1F:E5:D2:AD:5F:13:21:61:30:7D:9B:75:98:F6:B8:26:E2:98:60:24 Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0CF7 Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/H-XSrV8TIWEwfZt1mPa4JuKYYCQ.roa Signing time: Mon 26 Aug 2024 05:12:53 +0000 ROA not before: Mon 26 Aug 2024 05:12:53 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9244 IP address blocks: 61.247.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 17:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3319 (0xcf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Aug 26 05:12:53 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1FE5D2AD5F132161307D9B7598F6B826E2986024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:98:c6:50:67:c6:33:55:96:26:8c:f6:16:3b: 8f:65:7a:50:3e:3a:c6:a8:c4:b3:f0:31:c4:77:54: 11:82:a5:a1:69:89:dd:b4:60:03:f7:a1:35:26:46: 4f:bd:ed:3e:38:85:b2:37:20:dd:04:c8:9e:b0:63: 29:de:cf:b4:70:dc:c3:d4:30:cd:1d:7c:4e:ea:d9: 95:d0:3b:cf:d4:e6:c7:10:fc:5f:4f:f5:57:65:57: 70:3a:22:d7:26:4a:ce:58:6f:6e:09:c6:1b:44:1d: ae:a7:4b:46:b2:bb:43:ac:59:78:67:db:3c:0c:bd: 3c:9b:dd:5f:53:d8:52:3d:a6:13:6a:bb:7a:6c:00: d7:5c:a1:a1:bc:a2:f5:79:29:cf:d0:2d:10:75:8f: 5f:2f:86:a0:e8:6c:94:35:14:a1:6e:41:78:46:ff: 73:e3:63:e5:55:31:5b:c8:ef:0c:18:d6:e4:34:30: a2:27:aa:97:00:da:b7:a6:02:aa:b7:7e:df:d7:a7: 87:92:cb:58:97:65:5b:33:a5:85:17:0a:08:5c:95: 88:7b:9e:92:83:70:01:a9:1e:14:a5:11:47:c8:fa: b2:5b:ec:8b:bd:06:1b:43:12:dc:32:d9:0c:dc:0b: f6:15:f8:27:b2:39:fd:64:dc:e9:a1:6b:c0:f0:1d: ce:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:E5:D2:AD:5F:13:21:61:30:7D:9B:75:98:F6:B8:26:E2:98:60:24 X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/H-XSrV8TIWEwfZt1mPa4JuKYYCQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.247.160.0/20 Signature Algorithm: sha256WithRSAEncryption 24:8d:c1:24:8e:7b:e5:1d:19:06:87:a6:d2:79:c2:34:c3:50: 58:b0:b7:74:4b:d5:54:a4:25:2b:e1:7c:59:57:d0:9e:18:12: 32:10:5d:88:3f:21:e0:b6:a6:b1:9b:26:1e:7a:1e:17:a2:74: 18:4c:10:46:8a:c4:4a:25:37:dd:ca:75:bc:e3:b9:b9:69:f7: de:53:d3:84:9e:e2:6e:47:e5:ca:fd:ab:54:95:55:95:19:87: a9:7e:55:1b:83:89:55:e4:7a:55:cf:e9:60:d6:f2:7c:b8:2d: a7:45:95:0a:80:d8:74:a2:a6:f3:e8:81:04:3a:e2:b5:cc:b2: 7c:a6:c4:75:4c:17:32:60:2f:96:5f:75:ca:85:36:ae:e5:12: 9f:e4:42:97:a1:f7:ae:52:bb:d6:e3:09:55:d9:6a:cd:89:89: 80:ff:8b:55:90:95:f8:fd:3f:48:97:1e:d0:fc:cf:a0:eb:c4: a5:82:b8:e1:29:ec:9b:2b:c8:e0:bd:b1:0c:45:1f:47:ba:db: 2e:a6:8d:35:2f:5e:ea:66:26:b2:97:6d:d2:a3:da:6a:eb:16: e8:29:72:2a:f0:39:da:f2:7e:48:2d:bb:4e:9f:50:4c:49:8b: bd:71:35:4b:b6:43:da:a2:4f:69:90:e5:f8:07:87:49:d4:14: aa:61:d5:65 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNDA4MjYw NTEyNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFGRTVEMkFENUYxMzIx NjEzMDdEOUI3NTk4RjZCODI2RTI5ODYwMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVmMZQZ8YzVZYmjPYWO49lelA+OsaoxLPwMcR3VBGCpaFpid20 YAP3oTUmRk+97T44hbI3IN0EyJ6wYynez7Rw3MPUMM0dfE7q2ZXQO8/U5scQ/F9P 9VdlV3A6ItcmSs5Yb24JxhtEHa6nS0ayu0OsWXhn2zwMvTyb3V9T2FI9phNqu3ps ANdcoaG8ovV5Kc/QLRB1j18vhqDobJQ1FKFuQXhG/3PjY+VVMVvI7wwY1uQ0MKIn qpcA2remAqq3ft/Xp4eSy1iXZVszpYUXCghclYh7npKDcAGpHhSlEUfI+rJb7Iu9 BhtDEtwy2QzcC/YV+CeyOf1k3Omha8DwHc7DAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUH+XSrV8TIWEwfZt1mPa4JuKYYCQwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0gtWFNyVjhUSVdFd2ZadDFt UGE0SnVLWVlDUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9 96AwDQYJKoZIhvcNAQELBQADggEBACSNwSSOe+UdGQaHptJ5wjTDUFiwt3RL1VSk JSvhfFlX0J4YEjIQXYg/IeC2prGbJh56HheidBhMEEaKxEolN93Kdbzjublp995T 04Se4m5H5cr9q1SVVZUZh6l+VRuDiVXkelXP6WDW8ny4LadFlQqA2HSipvPogQQ6 4rXMsnymxHVMFzJgL5ZfdcqFNq7lEp/kQpeh965Su9bjCVXZas2JiYD/i1WQlfj9 P0iXHtD8z6DrxKWCuOEp7JsryOC9sQxFH0e62y6mjTUvXupmJrKXbdKj2mrrFugp cirwOdryfkgtu06fUExJi71xNUu2Q9qiT2mQ5fgHh0nUFKph1WU= -----END CERTIFICATE-----Generated at Sat Sep 28 14:43:46 2024 by rpki-client on console-ams.rpki-client.org