$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa File: IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa (raw, json) Hash identifier: ZkedyTGi+7OsDNWoBiAB8yY9dQdyNfFhlzHW8DbMPa8= Subject key identifier: 22:02:FC:CD:E1:1B:78:97:E7:F1:F2:41:02:F5:23:65:18:3F:75:C1 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0FA9 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa Signing time: Fri 01 Sep 2023 08:57:21 +0000 ROA not before: Fri 01 Sep 2023 08:57:21 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 3462 IP address blocks: 210.71.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 03:55:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4009 (0xfa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:21 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=2202FCCDE11B7897E7F1F24102F52365183F75C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ef:bc:21:cd:a4:2f:10:db:c8:6b:4c:df:a3: 22:a0:9a:52:35:3c:f2:50:97:46:c4:b1:9d:c6:4b: 85:6c:00:36:da:0c:0a:01:cb:bb:de:78:ed:ab:04: b5:40:94:98:4d:b8:1d:71:3b:0a:c4:90:c3:d2:44: a5:29:1b:e8:91:88:f3:45:4b:74:8c:d5:7e:b6:74: e6:6e:8b:93:a1:7b:0d:a4:db:53:9a:ec:e0:db:1a: 8d:ef:2f:41:1e:5d:a4:62:35:bd:24:7d:a7:fa:60: f5:b1:5e:93:c5:18:17:45:52:31:c9:76:c1:76:9e: 9f:38:96:af:5d:fe:e5:69:ef:65:82:88:65:b6:19: 44:3e:0c:5d:5e:a7:5f:53:13:8c:43:df:f0:b5:3a: 74:a3:ea:0d:f5:a1:b7:00:df:e3:c8:5d:61:79:8b: 21:8b:60:8b:bd:72:c0:6a:15:26:7e:66:b2:9f:10: 7a:13:98:87:2a:4d:9d:da:67:44:e9:a4:70:bd:3c: 22:3d:6b:c3:82:11:c7:42:78:9b:b9:cd:5c:ef:f9: 5d:b9:d1:6b:31:8a:a7:8d:85:5f:1d:7a:b2:89:53: 86:70:94:8d:5e:a7:b3:5f:27:bf:32:5c:90:3a:e2: fd:56:fb:c7:59:4f:50:06:4a:22:d5:0b:0d:c9:37: 03:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:02:FC:CD:E1:1B:78:97:E7:F1:F2:41:02:F5:23:65:18:3F:75:C1 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.71.128.0/17 Signature Algorithm: sha256WithRSAEncryption 9c:95:77:50:3b:8b:8e:b0:0f:dd:68:12:31:78:48:c1:7e:31: 69:99:d3:df:51:62:3b:5f:22:fe:c5:58:68:9f:66:61:2f:69: d7:71:bf:78:51:66:5c:c1:9e:a9:ac:a3:91:4a:88:cf:f8:c5: 18:25:10:df:b4:29:64:9d:6c:44:77:b8:bd:fa:05:3a:aa:53: 8f:f2:70:ca:ab:89:ad:53:f9:14:b1:82:e5:af:2a:33:f0:cc: ba:ed:2a:1d:29:e1:90:64:2f:54:ae:af:96:b8:e0:d9:40:85: 40:b6:fa:62:12:45:2f:11:d3:07:c9:f8:32:a8:70:9d:2a:5b: 09:27:f9:eb:0e:3f:ba:1a:e6:86:7a:9f:58:4d:07:25:72:0b: 8d:06:72:85:1a:4a:2f:a4:ff:9d:d2:a2:16:8a:90:f2:39:6b: dc:7c:a2:b6:02:85:0a:4e:60:b2:62:9b:fd:e3:e5:ce:a2:bf: 4f:63:24:3c:2f:74:bd:f3:55:d1:5a:33:01:69:e7:70:a2:80: f6:38:47:c0:e6:c3:ac:e9:3b:0d:1a:cb:00:3d:90:17:2f:0c: e2:e5:9b:22:ad:c9:4a:62:27:9c:24:25:f9:cd:e9:51:e5:ca: 39:ed:69:73:3f:f8:be:10:92:e9:6c:4d:ed:cb:ba:c5:44:d5: ff:92:50:7a -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIyMDJGQ0NERTExQjc4 OTdFN0YxRjI0MTAyRjUyMzY1MTgzRjc1QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv77whzaQvENvIa0zfoyKgmlI1PPJQl0bEsZ3GS4VsADbaDAoB y7veeO2rBLVAlJhNuB1xOwrEkMPSRKUpG+iRiPNFS3SM1X62dOZui5Ohew2k21Oa 7ODbGo3vL0EeXaRiNb0kfaf6YPWxXpPFGBdFUjHJdsF2np84lq9d/uVp72WCiGW2 GUQ+DF1ep19TE4xD3/C1OnSj6g31obcA3+PIXWF5iyGLYIu9csBqFSZ+ZrKfEHoT mIcqTZ3aZ0TppHC9PCI9a8OCEcdCeJu5zVzv+V250WsxiqeNhV8derKJU4ZwlI1e p7NfJ78yXJA64v1W+8dZT1AGSiLVCw3JNwOFAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUIgL8zeEbeJfn8fJBAvUjZRg/dcEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9JZ0w4emVFYmVKZm44ZkpCQXZV alpSZ19kY0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0keA MA0GCSqGSIb3DQEBCwUAA4IBAQCclXdQO4uOsA/daBIxeEjBfjFpmdPfUWI7XyL+ xVhon2ZhL2nXcb94UWZcwZ6prKORSojP+MUYJRDftClknWxEd7i9+gU6qlOP8nDK q4mtU/kUsYLlryoz8My67SodKeGQZC9Urq+WuODZQIVAtvpiEkUvEdMHyfgyqHCd KlsJJ/nrDj+6GuaGep9YTQclcguNBnKFGkovpP+d0qIWipDyOWvcfKK2AoUKTmCy Ypv94+XOor9PYyQ8L3S981XRWjMBaedwooD2OEfA5sOs6TsNGssAPZAXLwzi5Zsi rclKYiecJCX5zelR5co57WlzP/i+EJLpbE3ty7rFRNX/klB6 -----END CERTIFICATE-----Generated at Tue Jun 18 13:13:37 2024 by rpki-client on console-fra.rpki-client.org