$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa File: 1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa (raw, json) Hash identifier: GOJv165qqcIcr/AfHhXvCXIro2z36kOTrBbOPQ2XWjI= Subject key identifier: D4:C7:51:B3:9C:F7:73:CC:E0:A5:77:92:A5:6C:F9:08:46:00:F2:B2 Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F Certificate serial: 0B2B Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa Signing time: Fri 01 Sep 2023 08:34:45 +0000 ROA not before: Fri 01 Sep 2023 08:34:45 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131601 IP address blocks: 103.252.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 01:35:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2859 (0xb2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F Validity Not Before: Sep 1 08:34:45 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D4C751B39CF773CCE0A57792A56CF9084600F2B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:de:a1:a8:c6:90:31:63:46:d8:7e:97:c8:9b: eb:32:4e:20:42:35:f4:cf:d4:0a:4a:a4:8d:aa:6b: 0f:03:19:57:f0:e8:f9:6c:37:c1:1a:84:e9:c1:19: a7:d8:bb:6e:f2:c6:28:a2:eb:7b:d8:50:75:80:b8: 61:a2:45:ae:16:51:f7:dd:90:73:88:43:a9:80:f8: 48:73:c5:a3:40:4c:f5:2c:a0:21:94:71:40:50:40: 27:f4:79:c0:48:fa:b5:35:69:fd:80:e3:04:c8:bd: 07:c2:9f:19:52:e1:d4:2b:f9:0c:14:f3:45:6d:a3: 20:9b:2a:8c:88:92:08:fa:1e:84:f1:78:2b:24:44: 58:a0:fa:61:d3:d8:75:13:10:a8:7f:1c:29:4c:db: 96:cf:21:aa:76:e5:cc:28:9a:14:40:cf:7f:29:5c: 92:60:fb:82:6b:71:d0:8e:52:40:eb:00:cd:16:6b: 73:5c:0f:69:14:82:1b:fd:e9:5e:11:63:04:14:c8: 41:de:26:47:3e:cf:d6:47:7e:10:a8:2a:72:8d:d9: 07:1b:21:28:ae:a3:3f:cf:bc:60:fe:f9:7e:d4:38: 48:d6:8c:39:cc:44:78:37:19:90:b0:7b:57:a8:45: ff:4b:65:03:e0:5d:c9:2c:90:8c:63:14:98:a4:f2: 76:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:C7:51:B3:9C:F7:73:CC:E0:A5:77:92:A5:6C:F9:08:46:00:F2:B2 X509v3 Authority Key Identifier: keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.252.196.0/22 Signature Algorithm: sha256WithRSAEncryption ac:5c:5f:72:ff:42:83:19:a0:d9:e3:28:00:c1:c3:8d:f1:35: b8:2a:29:a2:c0:b6:3c:af:be:d7:60:5c:5f:29:27:f9:8b:f9: 3a:a3:de:50:78:35:d8:31:f9:ce:22:7f:83:85:c1:f0:d1:98: 3e:0f:cb:8d:80:fe:c8:b0:7e:76:e8:e8:54:a4:cb:f8:09:01: ca:68:86:a9:a5:89:c8:9b:92:b7:ca:f6:8b:47:ba:d0:75:0a: 2a:2a:d8:2c:0d:44:46:ef:c4:6e:4e:94:1d:59:14:e9:d3:f7: be:48:4c:88:d7:b8:a9:c4:a5:05:5d:3a:16:af:b8:3b:a8:96: 2d:da:7c:d2:98:9b:ef:75:46:01:8f:5b:12:55:e2:8f:10:81: 98:82:ec:6d:30:9b:1b:41:c2:f0:93:af:69:4e:b0:6e:d2:30: 22:44:89:1d:bc:ba:6c:7b:d1:57:73:b7:7f:87:a8:98:a8:24: 57:be:83:89:5a:7d:59:66:b5:c8:77:f6:8c:3e:61:0f:16:65: 42:6c:80:e5:55:7c:af:e0:57:38:ee:ba:4e:d4:7b:86:d5:6e: 74:a9:b0:9e:ec:93:21:a7:28:c9:1a:33:e5:47:e2:65:85:01: cc:8f:e6:f3:50:88:bf:ca:5c:aa:ac:64:6d:9b:2c:a9:38:0c: f2:9b:7d:b9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICCyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yMzA5MDEw ODM0NDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ0Qzc1MUIzOUNGNzcz Q0NFMEE1Nzc5MkE1NkNGOTA4NDYwMEYyQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCY3qGoxpAxY0bYfpfIm+syTiBCNfTP1ApKpI2qaw8DGVfw6Pls N8EahOnBGafYu27yxiii63vYUHWAuGGiRa4WUffdkHOIQ6mA+EhzxaNATPUsoCGU cUBQQCf0ecBI+rU1af2A4wTIvQfCnxlS4dQr+QwU80VtoyCbKoyIkgj6HoTxeCsk RFig+mHT2HUTEKh/HClM25bPIap25cwomhRAz38pXJJg+4JrcdCOUkDrAM0Wa3Nc D2kUghv96V4RYwQUyEHeJkc+z9ZHfhCoKnKN2QcbISiuoz/PvGD++X7UOEjWjDnM RHg3GZCwe1eoRf9LZQPgXckskIxjFJik8nb5AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU1MdRs5z3c8zgpXeSpWz5CEYA8rIwHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213 WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRENULzFNZFJzNXozYzh6Z3BYZVNwV3o1Q0VZ QThySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/MQwDQYJ KoZIhvcNAQELBQADggEBAKxcX3L/QoMZoNnjKADBw43xNbgqKaLAtjyvvtdgXF8p J/mL+Tqj3lB4Ndgx+c4if4OFwfDRmD4Py42A/siwfnbo6FSky/gJAcpohqmlicib krfK9otHutB1Cioq2CwNREbvxG5OlB1ZFOnT975ITIjXuKnEpQVdOhavuDuoli3a fNKYm+91RgGPWxJV4o8QgZiC7G0wmxtBwvCTr2lOsG7SMCJEiR28umx70Vdzt3+H qJioJFe+g4lafVlmtch39ow+YQ8WZUJsgOVVfK/gVzjuuk7Ue4bVbnSpsJ7skyGn KMkaM+VH4mWFAcyP5vNQiL/KXKqsZG2bLKk4DPKbfbk= -----END CERTIFICATE-----Generated at Fri May 31 23:15:48 2024 by rpki-client on console-ams.rpki-client.org