$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/oiARlMdb-F9YR7Y5VQw6dAS56PM.roa File: oiARlMdb-F9YR7Y5VQw6dAS56PM.roa (raw, json) Hash identifier: CP8c933HAhVfVJ9eUtOfQ7h+1hU9i9Cb5da/wAXhCIg= Subject key identifier: A2:20:11:94:C7:5B:F8:5F:58:47:B6:39:55:0C:3A:74:04:B9:E8:F3 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0C81 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oiARlMdb-F9YR7Y5VQw6dAS56PM.roa Signing time: Fri 01 Sep 2023 08:26:40 +0000 ROA not before: Fri 01 Sep 2023 08:26:40 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18429 IP address blocks: 61.57.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 02:54:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3201 (0xc81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Sep 1 08:26:40 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=A2201194C75BF85F5847B639550C3A7404B9E8F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0f:e3:ec:86:25:b8:fb:25:70:8b:9f:11:04: 00:fe:0f:55:f2:67:73:fe:23:fc:3d:66:de:ff:cd: 57:39:8b:40:9c:d2:3c:fc:c1:4a:d9:0a:c0:bc:73: c8:20:9f:38:3b:98:4a:cd:8d:a3:f8:cd:07:36:35: 30:4c:e8:0b:81:54:15:bb:1b:3e:dc:59:ba:20:bb: bb:c0:5b:d2:81:18:7d:52:87:e5:f9:13:51:c1:38: ad:f4:a4:40:37:76:91:b1:ca:0c:ac:50:d5:06:13: 66:6b:06:0d:95:61:b5:00:95:c4:7e:f3:a5:03:de: 02:ce:01:88:32:5f:49:b6:53:cc:f2:d2:12:6d:84: 16:6d:57:d0:6d:9c:25:03:3f:f7:22:7f:0c:1d:70: d4:2c:9d:bc:4c:ff:3d:1e:06:2e:3d:2b:35:5e:6c: 64:af:20:6a:cd:e2:20:14:32:e1:fc:5a:9b:ca:5f: 0b:88:33:34:ba:57:41:d9:7b:18:93:c4:af:ed:e6: f7:0f:43:37:6c:8a:2d:3d:66:5d:c8:d1:0b:96:e1: b1:ac:7f:fc:2e:63:4e:e8:65:ad:f9:59:78:e2:2a: 70:8f:7f:70:02:2b:a1:2a:68:1d:00:08:8e:6a:5d: 01:c4:e8:08:80:9a:33:38:0f:1b:90:ca:46:ec:eb: 59:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:20:11:94:C7:5B:F8:5F:58:47:B6:39:55:0C:3A:74:04:B9:E8:F3 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/oiARlMdb-F9YR7Y5VQw6dAS56PM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.144.0/22 Signature Algorithm: sha256WithRSAEncryption 12:cb:27:07:2e:56:65:02:54:e5:99:b9:10:f7:e1:8a:93:e1: c1:7e:84:d9:a8:f6:51:0f:91:62:51:19:46:ee:d1:0a:80:20: 91:7f:44:df:f5:de:7d:a8:1c:62:ea:04:25:c2:e2:61:3d:09: 80:7d:e7:b8:4d:e7:f7:95:a1:33:a5:d0:a0:c8:8e:4b:43:6a: 92:6b:bd:98:9e:94:d4:43:c3:25:2f:56:16:e0:70:78:35:e5: ee:32:3c:0c:ef:25:d3:8e:ae:8d:db:d2:55:5a:89:59:4e:7f: b0:9c:38:00:f7:37:36:cf:cf:7d:72:1d:63:25:a3:fa:d3:95: 54:a5:90:56:81:f3:3d:56:1a:82:c8:92:37:8f:d9:80:71:43: 6b:d8:bc:6b:00:b9:d7:2c:94:54:fa:9f:69:cf:e9:10:c8:33: 2d:51:cc:39:b5:8c:7a:f4:25:e7:6a:ac:e2:b1:3c:99:32:0b: 64:eb:f7:1b:f9:88:cd:04:a7:29:30:90:5c:ac:71:ba:81:3f: 94:4a:b9:5b:2f:4d:96:47:4f:a1:57:5b:72:82:e4:2f:aa:7f: e9:d0:fd:3a:bc:fe:3d:f4:fd:5d:e8:3c:09:8d:36:b7:f7:5c: 4c:9e:6a:41:e5:d2:e6:5c:cf:b6:75:70:9a:5b:77:50:f3:a1: a4:16:43:b8 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw ODI2NDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEyMjAxMTk0Qzc1QkY4 NUY1ODQ3QjYzOTU1MEMzQTc0MDRCOUU4RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqD+PshiW4+yVwi58RBAD+D1XyZ3P+I/w9Zt7/zVc5i0Cc0jz8 wUrZCsC8c8ggnzg7mErNjaP4zQc2NTBM6AuBVBW7Gz7cWbogu7vAW9KBGH1Sh+X5 E1HBOK30pEA3dpGxygysUNUGE2ZrBg2VYbUAlcR+86UD3gLOAYgyX0m2U8zy0hJt hBZtV9BtnCUDP/cifwwdcNQsnbxM/z0eBi49KzVebGSvIGrN4iAUMuH8WpvKXwuI MzS6V0HZexiTxK/t5vcPQzdsii09Zl3I0QuW4bGsf/wuY07oZa35WXjiKnCPf3AC K6EqaB0ACI5qXQHE6AiAmjM4DxuQykbs61mjAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUoiARlMdb+F9YR7Y5VQw6dAS56PMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9vaUFSbE1kYi1GOVlSN1k1VlF3 NmRBUzU2UE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPTmQ MA0GCSqGSIb3DQEBCwUAA4IBAQASyycHLlZlAlTlmbkQ9+GKk+HBfoTZqPZRD5Fi URlG7tEKgCCRf0Tf9d59qBxi6gQlwuJhPQmAfee4Tef3laEzpdCgyI5LQ2qSa72Y npTUQ8MlL1YW4HB4NeXuMjwM7yXTjq6N29JVWolZTn+wnDgA9zc2z899ch1jJaP6 05VUpZBWgfM9VhqCyJI3j9mAcUNr2LxrALnXLJRU+p9pz+kQyDMtUcw5tYx69CXn aqzisTyZMgtk6/cb+YjNBKcpMJBcrHG6gT+USrlbL02WR0+hV1tyguQvqn/p0P06 vP499P1d6DwJjTa391xMnmpB5dLmXM+2dXCaW3dQ86GkFkO4 -----END CERTIFICATE-----Generated at Mon Jun 3 12:43:59 2024 by rpki-client on console-fra.rpki-client.org