$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/rOHL03Ok-TWcyhQdH2zIma_vcXg.roa File: rOHL03Ok-TWcyhQdH2zIma_vcXg.roa (raw, json) Hash identifier: 62BZlKTZtUhS9Zh47x94RczVB3XLfXCP+U5fl7PH3Po= Subject key identifier: AC:E1:CB:D3:73:A4:F9:35:9C:CA:14:1D:1F:6C:C8:99:AF:EF:71:78 Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Certificate serial: 0BD4 Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/rOHL03Ok-TWcyhQdH2zIma_vcXg.roa Signing time: Mon 11 Mar 2024 07:45:44 +0000 ROA not before: Mon 11 Mar 2024 07:45:44 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131662 IP address blocks: 103.135.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 21:09:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3028 (0xbd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Validity Not Before: Mar 11 07:45:44 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=ACE1CBD373A4F9359CCA141D1F6CC899AFEF7178 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b7:4a:4d:28:ba:4d:5e:01:8f:23:cb:55:35: 6c:d9:f3:53:09:7a:14:05:e3:09:15:4b:48:96:5c: da:25:d1:67:bb:92:29:de:4b:2b:22:6b:7d:6d:13: 02:34:c8:ed:cf:5e:3b:3e:f1:78:e2:f2:d7:75:bf: 23:3f:36:28:ad:ff:0c:1f:f2:fd:ef:18:f4:84:8b: 44:45:04:a4:7e:f9:13:c2:c8:45:39:56:e6:7b:c1: 11:95:f5:79:a1:56:07:f7:e2:d9:bb:7e:c3:09:26: 06:8d:03:6c:99:d4:53:70:09:d8:6a:f2:aa:19:2b: 01:87:a8:67:98:5e:b7:3e:c1:b8:b3:d1:7b:8b:86: 27:32:c7:c4:d3:95:72:21:56:85:e8:1a:5e:10:03: 67:85:f3:5f:20:2d:8a:13:11:49:0e:11:28:13:dc: 0d:ce:06:fd:fe:cd:2d:5a:3d:04:ac:ec:29:c5:0c: d9:2b:6a:be:98:e4:71:be:8e:2f:14:44:26:86:76: 3f:bb:40:78:d6:9c:51:8b:10:75:49:0d:93:a5:9b: 80:3a:1d:1c:79:96:da:c7:b9:4e:9c:6a:c2:d8:51: 45:a4:30:02:78:ff:33:4d:4d:25:40:e6:6a:8b:b1: 08:42:c5:ee:e8:8f:56:5c:fb:f4:11:33:2a:87:6d: 08:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:E1:CB:D3:73:A4:F9:35:9C:CA:14:1D:1F:6C:C8:99:AF:EF:71:78 X509v3 Authority Key Identifier: keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/rOHL03Ok-TWcyhQdH2zIma_vcXg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.135.17.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:cb:a9:16:fc:79:0e:96:03:30:1a:65:11:a9:cf:5b:af:c3: 16:20:48:af:80:f4:3a:d5:94:46:c7:ad:b3:b9:86:7d:5a:9e: 54:3f:9c:a7:07:b2:08:bb:50:94:5e:47:f2:20:39:e3:f1:6b: cc:5e:97:e3:61:44:db:11:8a:2d:b4:93:fc:44:50:80:ce:63: 19:74:d0:df:db:98:7d:43:f2:37:c5:bd:f3:bb:a9:7e:10:5e: 4c:86:81:c7:9c:55:a2:06:87:fd:41:6f:b9:97:5a:08:a1:d4: 3d:97:e9:e0:ae:8c:0e:61:ab:7d:df:08:57:37:4d:bd:32:9a: 3f:f6:2a:64:ef:7e:be:99:df:54:13:7e:ec:c2:83:86:13:0e: b2:1f:92:1a:bf:95:13:e6:d6:7f:65:be:95:a9:b8:c7:fd:45: bd:32:81:2a:a8:02:a4:c6:46:1d:2a:fe:70:28:e7:9d:1f:b9: 59:d0:3b:d0:06:a8:e1:20:a5:0a:09:7b:67:e8:5f:31:0e:79: e3:2e:cf:fb:d5:b2:80:c0:bc:14:22:c5:b1:6b:34:32:f2:18: 09:fe:12:6f:6d:1f:63:3f:53:e4:20:3b:07:96:ed:e2:b6:73: 25:12:9c:e0:57:58:61:b9:92:3c:7c:cb:41:b7:3a:ee:6d:4c: 8f:49:3f:26 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICC9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yNDAzMTEw NzQ1NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFDRTFDQkQzNzNBNEY5 MzU5Q0NBMTQxRDFGNkNDODk5QUZFRjcxNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMt0pNKLpNXgGPI8tVNWzZ81MJehQF4wkVS0iWXNol0We7kine Sysia31tEwI0yO3PXjs+8Xji8td1vyM/Niit/wwf8v3vGPSEi0RFBKR++RPCyEU5 VuZ7wRGV9XmhVgf34tm7fsMJJgaNA2yZ1FNwCdhq8qoZKwGHqGeYXrc+wbiz0XuL hicyx8TTlXIhVoXoGl4QA2eF818gLYoTEUkOESgT3A3OBv3+zS1aPQSs7CnFDNkr ar6Y5HG+ji8URCaGdj+7QHjWnFGLEHVJDZOlm4A6HRx5ltrHuU6casLYUUWkMAJ4 /zNNTSVA5mqLsQhCxe7oj1Zc+/QRMyqHbQhNAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUrOHL03Ok+TWcyhQdH2zIma/vcXgwHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vck9ITDAzT2stVFdjeWhR ZEgyekltYV92Y1hnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGeHETANBgkqhkiG9w0BAQsFAAOCAQEAXsupFvx5DpYDMBplEanPW6/DFiBIr4D0 OtWURsets7mGfVqeVD+cpweyCLtQlF5H8iA54/FrzF6X42FE2xGKLbST/ERQgM5j GXTQ39uYfUPyN8W987upfhBeTIaBx5xVogaH/UFvuZdaCKHUPZfp4K6MDmGrfd8I VzdNvTKaP/YqZO9+vpnfVBN+7MKDhhMOsh+SGr+VE+bWf2W+lam4x/1FvTKBKqgC pMZGHSr+cCjnnR+5WdA70Aao4SClCgl7Z+hfMQ554y7P+9WygMC8FCLFsWs0MvIY Cf4Sb20fYz9T5CA7B5bt4rZzJRKc4FdYYbmSPHzLQbc67m1Mj0k/Jg== -----END CERTIFICATE-----Generated at Mon May 6 16:42:12 2024 by rpki-client on console-ams.rpki-client.org