$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa File: PGHsuKKZwL-QAroRS3KM46ufysY.roa (raw, json) Hash identifier: AXESdcF4xbMsTfJn8M9y4aXRczdLRRM6ZqCsUw9kRbc= Subject key identifier: 3C:61:EC:B8:A2:99:C0:BF:90:02:BA:11:4B:72:8C:E3:AB:9F:CA:C6 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0C6E Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa Signing time: Fri 01 Sep 2023 08:26:33 +0000 ROA not before: Fri 01 Sep 2023 08:26:33 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18429 IP address blocks: 61.57.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 02:54:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3182 (0xc6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Sep 1 08:26:33 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=3C61ECB8A299C0BF9002BA114B728CE3AB9FCAC6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ea:c9:34:19:c0:b6:61:f7:b4:3d:0c:11:86: 30:9e:c2:29:61:a6:80:9e:ff:ee:6b:ff:d5:7f:c7: 03:01:1e:57:a6:c5:c7:af:e4:bd:7d:17:a2:62:ea: 14:51:d4:8e:e1:15:9f:f8:2c:8e:4a:3b:91:65:14: 21:f1:30:bf:45:ac:be:f6:16:d0:b8:70:bd:6d:69: 51:52:8f:8a:3f:ec:e6:2e:9b:23:87:30:4c:30:1c: 5b:e8:c9:9c:55:ee:56:6a:09:c8:bf:90:f3:39:c9: df:5f:8f:ac:17:7a:ee:29:bf:ca:39:2f:76:43:22: 7e:1d:f5:d2:2f:da:87:40:4c:60:1b:bb:d0:c4:3a: aa:94:f0:63:9f:c9:95:31:a2:3c:b1:25:31:b6:19: af:79:a4:0e:8d:3e:9f:e9:53:ef:e4:f4:44:e3:0a: 69:ca:90:d1:7c:23:49:71:e8:1e:b0:8e:fa:b0:f0: 94:09:51:a0:34:c5:67:23:46:97:c2:c7:25:fd:36: 6a:57:da:98:cc:fa:a6:90:e1:b2:31:6c:65:10:dd: 94:a1:51:cb:e4:36:a8:09:4b:57:16:91:39:7a:1d: 43:bf:3a:32:fb:44:b4:a8:f6:96:f7:e4:e5:84:67: 1e:0f:ca:48:2b:a0:d3:4b:dd:06:e4:da:57:7d:31: 88:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:61:EC:B8:A2:99:C0:BF:90:02:BA:11:4B:72:8C:E3:AB:9F:CA:C6 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.152.0/21 Signature Algorithm: sha256WithRSAEncryption 6f:1e:3f:f7:51:5d:e7:c1:c8:d6:a5:4b:8b:ef:84:c5:fe:83: 8b:b9:1c:f2:5a:05:9e:08:a9:9c:52:c9:08:98:56:d7:f4:91: 20:a6:6e:68:10:03:35:64:d6:4f:58:3b:e6:c4:33:ef:0d:ef: 39:e2:85:33:ea:93:95:3c:c6:4f:9f:1e:7c:ff:52:f4:53:27: 55:1d:c1:96:21:51:94:48:37:0a:9d:fb:12:8c:9e:7b:fd:66: 51:89:8e:ff:f4:4b:a2:86:e4:e4:a4:93:5e:8d:e1:f4:3a:fb: d1:8b:17:dc:4c:1f:15:dd:3e:50:ae:3a:56:49:93:1b:66:a1: e4:25:9a:ec:e9:51:d9:62:7d:c3:0e:93:f3:cd:21:16:2a:0f: 36:fc:cf:e5:12:5d:b7:7f:ff:7d:f7:6d:d5:ba:f8:70:4a:03: ce:b6:82:40:a2:60:58:6c:3b:af:30:a0:49:70:b3:d2:5b:77: e1:35:7f:db:2a:be:bc:1e:75:7c:8e:bb:6c:bc:21:6f:7d:9b: 9b:af:7d:42:cc:d7:12:cd:b6:6b:1a:1b:1c:5c:1f:31:b9:68: 41:9c:dd:3a:e1:fd:44:61:d5:ec:11:da:17:51:e9:52:1a:ea: eb:39:65:0f:4c:93:56:bd:4f:86:cf:be:3c:48:bf:ac:da:7d: 5f:b8:d9:d0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw ODI2MzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNDNjFFQ0I4QTI5OUMw QkY5MDAyQkExMTRCNzI4Q0UzQUI5RkNBQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC36sk0GcC2Yfe0PQwRhjCewilhpoCe/+5r/9V/xwMBHlemxcev 5L19F6Ji6hRR1I7hFZ/4LI5KO5FlFCHxML9FrL72FtC4cL1taVFSj4o/7OYumyOH MEwwHFvoyZxV7lZqCci/kPM5yd9fj6wXeu4pv8o5L3ZDIn4d9dIv2odATGAbu9DE OqqU8GOfyZUxojyxJTG2Ga95pA6NPp/pU+/k9ETjCmnKkNF8I0lx6B6wjvqw8JQJ UaA0xWcjRpfCxyX9NmpX2pjM+qaQ4bIxbGUQ3ZShUcvkNqgJS1cWkTl6HUO/OjL7 RLSo9pb35OWEZx4PykgroNNL3Qbk2ld9MYh7AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUPGHsuKKZwL+QAroRS3KM46ufysYwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9QR0hzdUtLWndMLVFBcm9SUzNL TTQ2dWZ5c1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY MA0GCSqGSIb3DQEBCwUAA4IBAQBvHj/3UV3nwcjWpUuL74TF/oOLuRzyWgWeCKmc UskImFbX9JEgpm5oEAM1ZNZPWDvmxDPvDe854oUz6pOVPMZPnx58/1L0UydVHcGW IVGUSDcKnfsSjJ57/WZRiY7/9EuihuTkpJNejeH0OvvRixfcTB8V3T5QrjpWSZMb ZqHkJZrs6VHZYn3DDpPzzSEWKg82/M/lEl23f/99923VuvhwSgPOtoJAomBYbDuv MKBJcLPSW3fhNX/bKr68HnV8jrtsvCFvfZubr31CzNcSzbZrGhscXB8xuWhBnN06 4f1EYdXsEdoXUelSGurrOWUPTJNWvU+Gz748SL+s2n1fuNnQ -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:40 2024 by rpki-client on console-ams.rpki-client.org