$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/udlrGMSodhl6fn06MgtbSfEMn0I.roa File: udlrGMSodhl6fn06MgtbSfEMn0I.roa (raw, json) Hash identifier: 74XsOGEmQadaBfWW+UbLSioxVcUawCG8enCea5IpnGY= Subject key identifier: B9:D9:6B:18:C4:A8:76:19:7A:7E:7D:3A:32:0B:5B:49:F1:0C:9F:42 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F76 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/udlrGMSodhl6fn06MgtbSfEMn0I.roa Signing time: Fri 01 Sep 2023 08:57:06 +0000 ROA not before: Fri 01 Sep 2023 08:57:06 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 3462 IP address blocks: 43.255.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 03:55:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3958 (0xf76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:06 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=B9D96B18C4A876197A7E7D3A320B5B49F10C9F42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:41:0a:a2:d4:14:e5:68:a9:2e:96:52:9e:73: 47:64:da:6c:19:4b:0c:1d:74:8e:58:5b:ca:af:1b: 4f:65:44:d7:b2:61:a6:4e:26:72:2a:0f:73:af:6e: 35:ba:f1:1c:ff:f7:65:e3:83:8c:e3:23:a6:69:fe: 48:42:5f:ff:7f:ad:78:d8:24:44:79:d4:f1:d5:fd: 4e:c0:14:fc:03:24:22:68:07:cd:41:82:e7:db:50: 95:4f:dd:06:31:74:2b:c4:92:ad:36:bf:0d:2b:e3: 91:12:83:5c:fb:2e:c0:a4:34:ea:a5:ea:34:67:c5: 43:67:d7:75:bf:eb:0a:8c:00:e9:e6:38:45:7d:e8: 52:df:24:be:5f:a1:94:3d:2b:38:d1:b0:f0:68:e2: e5:92:bf:28:0e:d9:6f:b5:9c:ca:90:e8:ea:0f:db: f4:3e:b0:f1:21:d8:c7:f1:4a:94:fe:f1:9f:4c:17: 0f:9b:fc:bb:31:d4:1f:3e:66:26:a4:71:eb:ca:97: 63:c5:2f:15:10:80:6a:a8:e0:63:59:bc:e7:9a:00: 77:47:62:4f:09:aa:d6:a6:8d:ee:c3:d4:3e:43:89: 8a:87:52:e6:41:de:12:26:7e:cf:df:55:ce:18:23: 12:f4:a8:c6:eb:8c:80:8b:3f:86:02:26:e2:74:d5: 8e:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:D9:6B:18:C4:A8:76:19:7A:7E:7D:3A:32:0B:5B:49:F1:0C:9F:42 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/udlrGMSodhl6fn06MgtbSfEMn0I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.255.92.0/22 Signature Algorithm: sha256WithRSAEncryption 7e:d8:d8:d2:ec:6a:58:d6:a7:53:8f:15:93:0c:ce:9e:8a:bf: 23:6e:1c:da:48:c8:75:d6:82:50:51:72:b9:bd:f6:61:ce:36: 7a:2b:0d:e0:c7:2b:49:03:90:dd:eb:68:ff:25:24:85:cd:99: c8:e3:a9:cb:0d:71:fb:a2:b4:99:c6:56:d5:f7:87:5f:5c:b4: de:d2:15:5f:2b:99:98:ba:b7:a2:65:08:19:61:82:e2:3a:48: 2c:58:41:59:4f:e5:68:00:99:a8:79:33:04:a3:24:e8:39:20: 25:35:4a:6d:06:23:a0:c3:c3:7f:9f:af:0d:cf:b8:f6:9f:7d: fb:39:aa:80:a6:38:e8:82:15:bc:4f:92:1b:97:81:4d:51:36: 0e:11:dc:34:37:3e:02:85:73:f6:0f:9f:ed:18:04:c3:af:d2: 0b:44:c0:ba:22:98:6d:44:24:26:fd:66:da:77:01:c4:e0:d6: 21:25:6b:50:07:d2:c7:d9:90:b2:70:9d:62:ed:21:40:34:2f: 30:d9:3f:21:b5:6d:3b:70:ae:24:94:65:6f:ec:c4:1f:02:3a: 03:83:ab:df:55:a9:81:e8:ca:67:32:f7:9a:27:e0:31:3d:89: 4e:ab:fb:a6:fa:8d:23:0b:1b:ca:ee:42:a4:c8:3e:b0:10:1d: c2:be:e4:57 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI5RDk2QjE4QzRBODc2 MTk3QTdFN0QzQTMyMEI1QjQ5RjEwQzlGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7QQqi1BTlaKkullKec0dk2mwZSwwddI5YW8qvG09lRNeyYaZO JnIqD3OvbjW68Rz/92Xjg4zjI6Zp/khCX/9/rXjYJER51PHV/U7AFPwDJCJoB81B gufbUJVP3QYxdCvEkq02vw0r45ESg1z7LsCkNOql6jRnxUNn13W/6wqMAOnmOEV9 6FLfJL5foZQ9KzjRsPBo4uWSvygO2W+1nMqQ6OoP2/Q+sPEh2MfxSpT+8Z9MFw+b /Lsx1B8+ZiakcevKl2PFLxUQgGqo4GNZvOeaAHdHYk8Jqtamje7D1D5DiYqHUuZB 3hImfs/fVc4YIxL0qMbrjICLP4YCJuJ01Y7xAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUudlrGMSodhl6fn06MgtbSfEMn0IwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC91ZGxyR01Tb2RobDZmbjA2TWd0 YlNmRU1uMEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/9c MA0GCSqGSIb3DQEBCwUAA4IBAQB+2NjS7GpY1qdTjxWTDM6eir8jbhzaSMh11oJQ UXK5vfZhzjZ6Kw3gxytJA5Dd62j/JSSFzZnI46nLDXH7orSZxlbV94dfXLTe0hVf K5mYureiZQgZYYLiOkgsWEFZT+VoAJmoeTMEoyToOSAlNUptBiOgw8N/n68Nz7j2 n337OaqApjjoghW8T5Ibl4FNUTYOEdw0Nz4ChXP2D5/tGATDr9ILRMC6IphtRCQm /WbadwHE4NYhJWtQB9LH2ZCycJ1i7SFANC8w2T8htW07cK4klGVv7MQfAjoDg6vf VamB6MpnMveaJ+AxPYlOq/um+o0jCxvK7kKkyD6wEB3CvuRX -----END CERTIFICATE-----Generated at Tue Jun 18 12:54:04 2024 by rpki-client on console-ams.rpki-client.org