$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/0OJOd28HR5XLakWSfNkuTVITxAw.roa File: 0OJOd28HR5XLakWSfNkuTVITxAw.roa (raw, json) Hash identifier: KOQV71VgTo3WNQ8+fLm1qceyOZwErvlTp6t/EnjGc/M= Subject key identifier: D0:E2:4E:77:6F:07:47:95:CB:6A:45:92:7C:D9:2E:4D:52:13:C4:0C Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Certificate serial: 0181 Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/0OJOd28HR5XLakWSfNkuTVITxAw.roa Signing time: Fri 01 Sep 2023 08:30:01 +0000 ROA not before: Fri 01 Sep 2023 08:30:01 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 38047 IP address blocks: 2400:61a0:a055::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 21:40:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 385 (0x181) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Validity Not Before: Sep 1 08:30:01 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D0E24E776F074795CB6A45927CD92E4D5213C40C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:f8:8c:e2:cc:a0:bf:bd:36:48:1b:be:0e:46: a3:b6:ab:ae:3b:9a:e0:0b:7e:85:aa:cf:fb:7b:30: 01:98:26:50:71:2f:e9:62:3c:75:16:84:fe:87:4e: 73:eb:c3:07:f6:e0:ea:82:6f:c0:77:6d:ea:d9:be: 6b:0e:a1:1d:51:c6:cc:e9:4e:f2:8b:cc:6e:34:ed: 61:47:07:a9:0f:e5:8d:22:4f:57:a9:9e:6f:78:89: 29:22:97:b5:f2:c5:d2:3e:67:fb:cb:89:2f:4a:70: 6e:9a:35:1c:c2:05:88:94:22:61:40:bd:56:03:e2: 8e:66:5d:6f:f3:4e:70:9c:c8:4a:77:79:5f:3d:37: 7e:d9:d5:79:c5:1d:24:09:a2:fe:dd:1f:6f:80:29: 20:62:d7:0d:fa:60:bc:c9:5a:e4:a4:a2:0b:26:54: 40:38:83:5e:44:90:a9:0a:4a:eb:b6:0a:9b:01:17: 6f:a8:57:3e:63:33:bb:3d:eb:87:e8:29:cc:b1:24: 4e:c3:26:39:7f:35:de:65:ee:e5:3f:69:16:0a:c7: 37:ea:a7:d8:49:82:a0:86:ce:bf:56:b8:a0:8d:ec: d8:b1:db:b3:17:7d:e6:ff:d0:da:7e:bf:02:45:b4: 8b:03:38:c6:f5:4c:77:2c:fa:87:66:6e:f5:0d:44: ec:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:E2:4E:77:6F:07:47:95:CB:6A:45:92:7C:D9:2E:4D:52:13:C4:0C X509v3 Authority Key Identifier: keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/0OJOd28HR5XLakWSfNkuTVITxAw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:61a0:a055::/48 Signature Algorithm: sha256WithRSAEncryption 0e:09:90:64:b5:ea:41:7a:52:a4:5d:99:5e:b2:06:7c:ba:ce: a9:b4:9a:be:c9:5f:36:d2:3b:6f:9e:81:91:e4:0d:27:f3:3e: 84:6a:99:13:c0:7a:d5:14:aa:b3:6b:d2:a2:e5:87:ea:65:db: e7:95:09:2b:b9:33:f8:ae:a3:54:67:2c:9d:58:e1:39:b8:58: 80:98:fb:b6:22:04:a3:32:41:a0:26:d1:a3:fd:66:dd:ff:07: c9:46:61:b9:f8:77:0e:4e:55:28:18:a2:4d:2d:c0:6f:f6:50: a2:39:c3:ed:57:ee:bd:68:11:63:ae:6b:d5:6d:de:07:5b:5f: 73:91:3e:68:9d:c2:0f:02:d1:b4:e3:6f:83:14:57:93:c1:1b: b9:a2:af:36:13:af:7c:ee:85:6a:80:7e:d3:11:2d:45:34:25: 40:01:57:d1:e0:49:3b:05:e9:69:c3:df:8a:74:8c:96:11:74: dc:f0:e4:58:a6:fe:e5:3e:94:19:05:1e:13:2a:d4:e4:f6:f0: 8f:8a:3f:23:a1:99:44:b6:f7:a7:c5:6c:f8:8a:af:83:b0:85: b6:0a:0f:42:46:c3:7d:30:ef:2c:45:d6:f9:39:42:de:37:59: ae:43:4b:05:b1:93:5a:fd:ac:b0:f3:81:d1:7d:c7:56:a5:a7: 05:6a:89:35 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yMzA5MDEw ODMwMDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQwRTI0RTc3NkYwNzQ3 OTVDQjZBNDU5MjdDRDkyRTRENTIxM0M0MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCV+IzizKC/vTZIG74ORqO2q647muALfoWqz/t7MAGYJlBxL+li PHUWhP6HTnPrwwf24OqCb8B3berZvmsOoR1RxszpTvKLzG407WFHB6kP5Y0iT1ep nm94iSkil7XyxdI+Z/vLiS9KcG6aNRzCBYiUImFAvVYD4o5mXW/zTnCcyEp3eV89 N37Z1XnFHSQJov7dH2+AKSBi1w36YLzJWuSkogsmVEA4g15EkKkKSuu2CpsBF2+o Vz5jM7s964foKcyxJE7DJjl/Nd5l7uU/aRYKxzfqp9hJgqCGzr9WuKCN7Nix27MX feb/0Np+vwJFtIsDOMb1THcs+odmbvUNROyzAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQU0OJOd28HR5XLakWSfNkuTVITxAwwHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC8wT0pPZDI4SFI1WExh a1dTZk5rdVRWSVR4QXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJABhoKBVMA0GCSqGSIb3DQEBCwUAA4IBAQAOCZBktepBelKkXZlesgZ8us6p tJq+yV820jtvnoGR5A0n8z6EapkTwHrVFKqza9Ki5YfqZdvnlQkruTP4rqNUZyyd WOE5uFiAmPu2IgSjMkGgJtGj/Wbd/wfJRmG5+HcOTlUoGKJNLcBv9lCiOcPtV+69 aBFjrmvVbd4HW19zkT5oncIPAtG042+DFFeTwRu5oq82E6987oVqgH7TES1FNCVA AVfR4Ek7Belpw9+KdIyWEXTc8ORYpv7lPpQZBR4TKtTk9vCPij8joZlEtvenxWz4 iq+DsIW2Cg9CRsN9MO8sRdb5OULeN1muQ0sFsZNa/ayw84HRfcdWpacFaok1 -----END CERTIFICATE-----Generated at Mon Jun 3 12:43:59 2024 by rpki-client on console-fra.rpki-client.org