$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa File: XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa (raw, json) Hash identifier: E8BdCH2qPOHnc18RTtQNZWc9TTp73yxkO/wqCJ386cQ= Subject key identifier: 5F:35:F3:C9:DC:50:A1:47:DF:D5:D4:35:C9:D6:61:D9:93:9C:56:AE Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 0E12 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa Signing time: Fri 01 Sep 2023 08:49:16 +0000 ROA not before: Fri 01 Sep 2023 08:49:16 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 17809 IP address blocks: 121.254.96.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 01:40:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3602 (0xe12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Sep 1 08:49:16 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=5F35F3C9DC50A147DFD5D435C9D661D9939C56AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:8d:58:30:31:12:ed:15:0e:9b:a0:6c:f2:b5: 8b:d5:8c:66:97:a6:bc:2a:29:54:bd:18:82:8d:a6: bd:14:4f:d9:c4:5f:4a:d6:c1:47:31:50:a4:88:cd: 55:ec:70:e5:07:f3:9c:f4:ea:6a:26:d7:97:eb:f9: b5:43:92:52:9a:11:cf:87:27:f5:a5:20:76:51:1f: cb:cf:e6:87:5d:63:c6:aa:d8:19:4e:f8:29:58:ca: f7:47:1d:83:a4:be:ae:71:14:6d:70:65:dd:5f:40: 22:9e:be:8d:6d:c9:94:d8:e0:9f:93:69:7c:05:0c: 4f:85:9d:25:f9:c0:1e:f1:2d:2c:67:5d:33:e6:d7: 5f:72:39:2e:c3:fa:16:7e:bf:12:c4:b0:18:e5:d6: a3:8a:32:1f:b8:06:73:45:47:be:e7:0a:d5:91:f6: 5f:32:f1:fc:69:eb:87:56:25:33:0f:67:e5:24:fe: c7:8a:22:58:8e:d3:a3:da:80:2e:b2:3a:94:de:de: 3e:7c:11:20:6b:ee:5f:0b:03:45:58:15:9d:cd:fe: 76:09:3c:36:94:eb:7c:0e:83:19:56:e8:8a:c7:ae: 86:98:6e:61:e4:08:46:d7:53:ae:5a:50:d4:e1:db: 70:d4:8b:60:f1:81:cd:93:07:ab:12:06:4a:ca:46: 97:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:35:F3:C9:DC:50:A1:47:DF:D5:D4:35:C9:D6:61:D9:93:9C:56:AE X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XzXzydxQoUff1dQ1ydZh2ZOcVq4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 121.254.96.0/20 Signature Algorithm: sha256WithRSAEncryption b6:20:89:a2:ea:5e:8b:09:ee:84:dc:3c:30:84:6f:13:d8:a8: 29:4c:41:ac:5e:4e:39:a6:b1:76:97:54:59:66:f9:c0:15:a9: 7f:46:a8:ed:64:8c:ba:03:de:f4:e9:d8:7a:b9:1a:ff:c7:fc: ae:30:90:e9:9a:da:2f:91:3e:28:00:be:f2:8f:26:5b:fe:79: 62:f9:20:af:68:58:07:11:26:44:a2:ed:fc:6d:9c:e7:b2:48: fd:de:c2:17:43:ea:33:06:c2:a0:cc:90:9c:02:7f:ce:ef:88: a8:89:7b:4f:a0:47:49:cd:5a:a4:a6:2e:ab:09:6f:bb:90:9b: 66:08:07:d6:e8:a1:ab:80:d5:06:a0:01:ac:08:5d:b5:df:e2: 7b:ec:8f:29:7e:84:85:67:5b:a9:f0:66:04:46:60:dd:2d:f4: 7b:b7:2f:99:f6:47:96:e5:5f:71:fd:28:d3:97:d2:cf:0e:e1: 5a:16:90:97:c1:46:8a:f4:39:bb:bf:ca:c0:f8:a5:80:1b:31: a3:16:56:91:7a:8e:99:15:e7:94:26:6b:0f:fc:38:07:4f:e8: 75:0e:ad:4f:30:65:75:8a:09:29:84:29:c5:72:0f:89:88:31: af:78:5a:71:e4:aa:ac:9a:f6:1f:57:75:2d:5f:90:f4:c3:ad: 4d:01:b9:df -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw ODQ5MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVGMzVGM0M5REM1MEEx NDdERkQ1RDQzNUM5RDY2MUQ5OTM5QzU2QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqjVgwMRLtFQ6boGzytYvVjGaXprwqKVS9GIKNpr0UT9nEX0rW wUcxUKSIzVXscOUH85z06mom15fr+bVDklKaEc+HJ/WlIHZRH8vP5oddY8aq2BlO +ClYyvdHHYOkvq5xFG1wZd1fQCKevo1tyZTY4J+TaXwFDE+FnSX5wB7xLSxnXTPm 119yOS7D+hZ+vxLEsBjl1qOKMh+4BnNFR77nCtWR9l8y8fxp64dWJTMPZ+Uk/seK IliO06PagC6yOpTe3j58ESBr7l8LA0VYFZ3N/nYJPDaU63wOgxlW6IrHroaYbmHk CEbXU65aUNTh23DUi2Dxgc2TB6sSBkrKRpcdAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUXzXzydxQoUff1dQ1ydZh2ZOcVq4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWHpYenlkeFFvVWZmMWRRMXlkWmgy Wk9jVnE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHn+YDAN BgkqhkiG9w0BAQsFAAOCAQEAtiCJoupeiwnuhNw8MIRvE9ioKUxBrF5OOaaxdpdU WWb5wBWpf0ao7WSMugPe9OnYerka/8f8rjCQ6ZraL5E+KAC+8o8mW/55Yvkgr2hY BxEmRKLt/G2c57JI/d7CF0PqMwbCoMyQnAJ/zu+IqIl7T6BHSc1apKYuqwlvu5Cb ZggH1uihq4DVBqABrAhdtd/ie+yPKX6EhWdbqfBmBEZg3S30e7cvmfZHluVfcf0o 05fSzw7hWhaQl8FGivQ5u7/KwPilgBsxoxZWkXqOmRXnlCZrD/w4B0/odQ6tTzBl dYoJKYQpxXIPiYgxr3haceSqrJr2H1d1LV+Q9MOtTQG53w== -----END CERTIFICATE-----Generated at Mon Jun 3 12:44:00 2024 by rpki-client on console-fra.rpki-client.org