$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa File: z8lvMEmJ_x7StsJ925ukdSVsPo8.roa (raw, json) Hash identifier: dAmhwW3wosrpMnBMReLM+Oi1eS5IJy6Vhkkc3ZbVn6k= Subject key identifier: CF:C9:6F:30:49:89:FF:1E:D2:B6:C2:7D:DB:9B:A4:75:25:6C:3E:8F Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB Certificate serial: 08D8 Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa Signing time: Fri 01 Sep 2023 10:11:25 +0000 ROA not before: Fri 01 Sep 2023 10:11:25 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18041 IP address blocks: 103.147.22.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 19:28:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2264 (0x8d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB Validity Not Before: Sep 1 10:11:25 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=CFC96F304989FF1ED2B6C27DDB9BA475256C3E8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:5e:3e:04:7e:d2:2c:de:7e:64:2a:de:69:16: 9b:0f:03:86:f2:78:99:5e:ea:c0:3e:c2:e3:65:a6: 75:4f:dd:cf:8d:9c:01:5c:98:04:5c:0d:79:9a:35: 97:ab:58:65:8b:b7:bc:e3:02:b3:bf:81:70:29:d6: e4:57:ed:6d:f9:33:a5:da:5e:f7:ed:f8:ee:6f:c3: a1:42:ff:f7:78:03:8d:0b:8b:3a:3e:b3:01:a5:00: a4:cc:f8:dc:af:07:c2:48:c6:38:27:f5:fb:a1:09: 42:47:71:32:7e:2a:20:6b:85:f7:78:3b:b9:0e:f5: 2f:bf:22:87:11:ff:75:f0:db:73:c7:8d:da:1b:26: d2:5d:61:da:57:d0:56:12:77:dc:33:bf:d3:77:7f: b9:5c:85:fe:bf:fa:87:fa:e0:be:0e:29:b5:13:5d: 1c:bb:2b:db:fe:e6:11:8c:88:76:4b:5a:a5:7f:2c: 79:f3:f7:5e:9d:9f:18:5c:37:95:a8:04:d1:1f:31: a8:98:53:d9:4b:9a:ea:e3:de:6d:15:fe:dc:8a:c9: 35:ec:22:da:31:a4:bb:64:23:70:40:ac:72:c0:7d: 9f:bf:67:d3:8e:7c:14:a7:b1:a6:ce:60:56:d0:50: 1b:5f:1c:a1:04:74:f0:47:6b:1d:c2:b8:dd:69:b5: 07:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:C9:6F:30:49:89:FF:1E:D2:B6:C2:7D:DB:9B:A4:75:25:6C:3E:8F X509v3 Authority Key Identifier: keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.147.22.0/23 Signature Algorithm: sha256WithRSAEncryption 59:22:4e:ac:c1:5c:47:12:7a:12:21:fd:35:9a:41:2e:30:ab: 6f:39:43:37:26:ea:89:61:c8:be:2a:1f:bc:81:d8:c7:35:b7: d4:52:75:b6:5a:25:35:9d:4e:28:94:fa:5f:54:36:78:79:5c: a0:08:60:cf:ed:e6:84:f7:61:c5:58:a7:c9:22:48:52:40:3a: 58:60:3b:1d:34:16:30:05:e8:40:72:18:d2:c6:e7:36:fe:2e: fb:f8:df:fa:f9:a9:1b:a9:f0:45:15:73:29:f6:2e:f1:f4:ee: 64:aa:2c:36:ba:5d:47:34:08:12:34:22:09:94:be:9c:c3:61: f2:8a:9b:a3:47:7e:dd:c9:a6:40:64:ab:52:24:58:91:14:ab: 21:c1:90:05:70:c7:81:f6:53:e7:e8:67:e0:9b:b7:e9:67:00: 8e:ac:9c:2e:be:ba:20:c8:c4:7e:a2:3d:77:27:ab:ad:95:a6: 03:d1:47:8f:72:56:54:00:4d:30:a7:ba:ce:d2:b0:37:9b:23: dd:77:f0:5d:81:92:ac:a4:81:ca:4b:a9:74:52:0f:8e:28:59: 31:36:63:5f:6c:21:38:b9:39:41:8c:ee:76:95:c6:7c:a5:cf: 4c:ab:a0:92:f2:8b:b9:a9:8e:1d:94:4c:15:38:20:e3:d7:31: 48:db:6f:58 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICCNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMzA5MDEx MDExMjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENGQzk2RjMwNDk4OUZG MUVEMkI2QzI3RERCOUJBNDc1MjU2QzNFOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoXj4EftIs3n5kKt5pFpsPA4byeJle6sA+wuNlpnVP3c+NnAFc mARcDXmaNZerWGWLt7zjArO/gXAp1uRX7W35M6XaXvft+O5vw6FC//d4A40Lizo+ swGlAKTM+NyvB8JIxjgn9fuhCUJHcTJ+KiBrhfd4O7kO9S+/IocR/3Xw23PHjdob JtJdYdpX0FYSd9wzv9N3f7lchf6/+of64L4OKbUTXRy7K9v+5hGMiHZLWqV/LHnz 916dnxhcN5WoBNEfMaiYU9lLmurj3m0V/tyKyTXsItoxpLtkI3BArHLAfZ+/Z9OO fBSnsabOYFbQUBtfHKEEdPBHax3CuN1ptQefAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUz8lvMEmJ/x7StsJ925ukdSVsPo8wHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvejhsdk1FbUpfeDdTdHNKOTI1dWtk U1ZzUG84LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN BgkqhkiG9w0BAQsFAAOCAQEAWSJOrMFcRxJ6EiH9NZpBLjCrbzlDNybqiWHIviof vIHYxzW31FJ1tlolNZ1OKJT6X1Q2eHlcoAhgz+3mhPdhxVinySJIUkA6WGA7HTQW MAXoQHIY0sbnNv4u+/jf+vmpG6nwRRVzKfYu8fTuZKosNrpdRzQIEjQiCZS+nMNh 8oqbo0d+3cmmQGSrUiRYkRSrIcGQBXDHgfZT5+hn4Ju36WcAjqycLr66IMjEfqI9 dyerrZWmA9FHj3JWVABNMKe6ztKwN5sj3XfwXYGSrKSBykupdFIPjihZMTZjX2wh OLk5QYzudpXGfKXPTKugkvKLuamOHZRMFTgg49cxSNtvWA== -----END CERTIFICATE-----Generated at Sun May 19 18:41:19 2024 by rpki-client on console-ams.rpki-client.org