$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/PENmNGpecpRMVqyy0tE-vMHHlxI.roa File: PENmNGpecpRMVqyy0tE-vMHHlxI.roa (raw, json) Hash identifier: 16KaLkwLRV4R7xZ0+MdwlMLZbB1fB8mLsv5c7BBwE24= Subject key identifier: 3C:43:66:34:6A:5E:72:94:4C:56:AC:B2:D2:D1:3E:BC:C1:C7:97:12 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F74 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PENmNGpecpRMVqyy0tE-vMHHlxI.roa Signing time: Fri 01 Sep 2023 08:57:06 +0000 ROA not before: Fri 01 Sep 2023 08:57:06 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 17421 IP address blocks: 223.136.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 03:55:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3956 (0xf74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:06 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=3C4366346A5E72944C56ACB2D2D13EBCC1C79712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:34:32:7e:76:b4:a3:12:6c:85:f6:de:70:5d: 04:91:15:bd:06:70:8b:d3:4a:39:66:cd:ee:d0:ca: a6:00:50:45:08:0e:50:31:ca:21:f4:a2:f3:a1:d4: a1:91:64:11:ac:e2:9d:dd:21:83:34:4e:fc:d1:87: 03:de:aa:61:2a:34:21:2d:db:f3:f2:5a:73:b2:19: 9f:34:4b:ed:be:40:20:f1:b0:d6:16:dd:33:84:a0: dd:18:4e:e7:f2:5e:17:9f:70:37:6b:5c:a4:38:5d: 1a:81:f4:b6:31:2f:f5:37:1a:60:26:65:2d:6c:04: a9:be:37:aa:65:4e:1e:84:23:ed:ea:68:96:b7:3a: 83:af:8a:b1:2e:77:fa:af:bb:79:8d:15:ae:19:a5: 30:c4:0b:e6:ab:c5:0d:8c:2f:64:00:3d:a1:75:8c: e1:ac:15:0b:ad:04:3c:da:f3:01:ab:ac:00:14:1b: 4a:2d:84:ca:28:d6:f8:fd:5e:7d:15:98:5f:93:8c: e5:1a:f4:4c:37:0c:86:80:6e:0e:86:1f:d4:4b:84: 32:4a:fd:57:39:01:d0:9b:0a:aa:f0:e0:6c:93:ea: 6b:2b:db:b6:88:1d:d1:01:dd:51:ab:e0:b9:eb:46: 8f:ad:65:dc:61:a0:37:99:36:50:3c:0b:14:5f:c4: ec:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:43:66:34:6A:5E:72:94:4C:56:AC:B2:D2:D1:3E:BC:C1:C7:97:12 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PENmNGpecpRMVqyy0tE-vMHHlxI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.136.0.0/13 Signature Algorithm: sha256WithRSAEncryption 14:07:5b:4d:9d:16:04:cd:5c:26:2b:a3:8a:1a:d2:6e:7d:d9: 07:e7:be:e2:46:10:f3:ac:0a:a1:bd:40:b6:a1:59:4c:24:4d: 85:cf:ef:79:63:4e:69:91:15:f6:75:6e:55:6e:0e:0b:0c:ee: 5c:ff:ba:8b:02:7f:c0:17:7f:92:e2:62:98:df:27:d7:ad:07: c3:de:46:2c:a5:64:5f:35:31:f5:c3:9c:fb:7d:b3:67:47:d2: 8e:ed:1d:37:f6:c7:c0:c7:2d:e4:56:f8:f9:20:01:4c:3a:59: 96:4b:0e:2f:3a:da:45:05:53:17:91:12:1c:e8:4e:77:68:b1: 44:2b:76:b6:b2:42:c8:9e:db:f2:75:f6:01:82:88:31:c2:0c: e2:87:3c:07:7d:6c:a5:b9:d4:f9:4e:c5:ca:46:fe:21:63:f0: 10:df:da:3e:81:7d:9e:dc:49:1c:73:14:a3:5b:e1:17:59:0f: 9e:57:5c:aa:1c:ea:4a:28:34:57:d5:a4:c2:e1:07:c9:56:bc: 27:2b:b9:b2:11:e8:62:05:4e:34:96:fd:35:92:73:57:f8:54: dd:8a:ce:6d:88:7a:f1:cb:84:33:c7:84:24:ba:f7:a1:a9:a8: d8:79:f4:5a:01:6e:3e:26:a6:69:13:bd:ac:2c:d5:92:70:f4: 31:f5:97:67 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICD3QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNDNDM2NjM0NkE1RTcy OTQ0QzU2QUNCMkQyRDEzRUJDQzFDNzk3MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpNDJ+drSjEmyF9t5wXQSRFb0GcIvTSjlmze7QyqYAUEUIDlAx yiH0ovOh1KGRZBGs4p3dIYM0TvzRhwPeqmEqNCEt2/PyWnOyGZ80S+2+QCDxsNYW 3TOEoN0YTufyXhefcDdrXKQ4XRqB9LYxL/U3GmAmZS1sBKm+N6plTh6EI+3qaJa3 OoOvirEud/qvu3mNFa4ZpTDEC+arxQ2ML2QAPaF1jOGsFQutBDza8wGrrAAUG0ot hMoo1vj9Xn0VmF+TjOUa9Ew3DIaAbg6GH9RLhDJK/Vc5AdCbCqrw4GyT6msr27aI HdEB3VGr4LnrRo+tZdxhoDeZNlA8CxRfxOyzAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUPENmNGpecpRMVqyy0tE+vMHHlxIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9QRU5tTkdwZWNwUk1WcXl5MHRF LXZNSEhseEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD34gw DQYJKoZIhvcNAQELBQADggEBABQHW02dFgTNXCYro4oa0m592QfnvuJGEPOsCqG9 QLahWUwkTYXP73ljTmmRFfZ1blVuDgsM7lz/uosCf8AXf5LiYpjfJ9etB8PeRiyl ZF81MfXDnPt9s2dH0o7tHTf2x8DHLeRW+PkgAUw6WZZLDi862kUFUxeREhzoTndo sUQrdrayQsie2/J19gGCiDHCDOKHPAd9bKW51PlOxcpG/iFj8BDf2j6BfZ7cSRxz FKNb4RdZD55XXKoc6kooNFfVpMLhB8lWvCcrubIR6GIFTjSW/TWSc1f4VN2Kzm2I evHLhDPHhCS696GpqNh59FoBbj4mpmkTvaws1ZJw9DH1l2c= -----END CERTIFICATE-----Generated at Tue Jun 18 13:13:37 2024 by rpki-client on console-fra.rpki-client.org