$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/1-fnrO3z_J3MsdK87FX5mGM3WL8.roa File: 1-fnrO3z_J3MsdK87FX5mGM3WL8.roa (raw, json) Hash identifier: JX5ZkMy5ZJoJ6H1O4aA0AExwfl0U7fnvn2Tlq051ySg= Subject key identifier: D7:E7:E7:AC:ED:F3:FC:9D:CC:B1:D2:BC:EC:55:F9:98:63:37:58:BF Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0C4A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/1-fnrO3z_J3MsdK87FX5mGM3WL8.roa Signing time: Mon 15 Jan 2024 21:08:53 +0000 ROA not before: Mon 15 Jan 2024 21:08:53 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 24155 IP address blocks: 203.201.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 13:38:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3146 (0xc4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Jan 15 21:08:53 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D7E7E7ACEDF3FC9DCCB1D2BCEC55F998633758BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:0b:49:b7:4a:9d:f7:2c:f9:c9:71:7a:ea:f7: 9d:78:b8:b5:5a:93:63:b2:73:d8:f0:54:58:90:07: 5a:83:4f:e2:bd:36:2b:bd:eb:0c:bb:be:0d:ce:57: 07:fa:e8:3f:9b:b9:ef:e2:7e:5f:74:f6:45:99:15: 74:b3:3e:17:6d:75:59:37:bb:cb:10:ca:e7:7e:4b: bd:9d:0c:e2:d8:9c:eb:f8:ce:47:ae:aa:a5:89:a1: b8:46:13:30:8c:fd:be:54:16:f0:86:71:22:d5:61: 5e:d1:d2:ec:36:a7:c8:06:a2:05:e5:e1:b0:4f:36: 49:16:1b:9f:a1:40:9a:e5:b8:5e:97:61:0b:f7:85: 97:83:78:dc:96:c0:9e:e3:c0:8f:e9:b8:f0:29:b2: ad:4e:c3:c1:68:ec:ad:25:72:10:24:64:19:67:94: bb:bb:e0:64:aa:71:ad:01:49:80:cc:54:b2:fc:fb: 74:dd:d7:ac:8c:42:37:44:a3:3c:1b:89:77:89:36: 19:f6:56:0a:4e:c7:9b:e9:a9:6d:12:32:ba:99:09: f2:c7:15:28:75:59:67:12:48:91:32:e7:8c:f4:78: b6:73:f8:dd:2d:91:39:65:9b:57:41:0c:77:94:1a: b7:80:f3:59:d4:77:61:85:80:24:77:fb:d6:7f:0a: 7b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:E7:E7:AC:ED:F3:FC:9D:CC:B1:D2:BC:EC:55:F9:98:63:37:58:BF X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/1-fnrO3z_J3MsdK87FX5mGM3WL8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.201.32.0/20 Signature Algorithm: sha256WithRSAEncryption 7e:4f:e0:b0:8f:7c:a8:6f:86:32:d3:26:5c:02:c3:29:53:5f: cc:6d:e8:be:e3:eb:36:6a:84:33:eb:08:d4:d1:5b:a7:cf:88: 70:b5:45:92:94:4a:5a:73:a4:5c:fe:b7:29:d2:6f:54:aa:87: ec:53:55:84:d4:1d:c9:dd:8a:ee:2d:47:c9:ee:4f:d0:8b:cd: d9:8d:8a:fb:8f:64:1c:75:68:a8:e0:9e:09:56:e0:92:2c:76: 52:b7:91:33:f9:47:88:53:d0:79:6d:fd:76:ba:a6:fb:59:72: 9c:b1:44:dc:5e:b1:cf:12:05:6e:78:9d:ad:10:26:96:bb:b8: 22:a3:37:8f:f5:61:69:01:1a:05:20:41:20:cd:11:48:48:ad: 24:e2:9a:5b:49:1c:04:55:a6:9a:c3:ef:ff:99:5a:c3:23:7e: c1:14:31:72:29:ef:07:df:39:c3:97:ac:94:97:55:2e:9e:41: a8:10:c3:c9:bb:6f:4a:4d:26:65:eb:a7:60:53:47:69:4c:03: 1b:9b:a5:68:4e:56:b7:5d:b8:f8:49:aa:a4:30:41:15:e1:0d: c5:06:a6:f4:a2:a8:78:f0:cf:f0:ee:09:3f:64:35:ab:fa:08: 81:31:a5:e5:29:0d:c8:e3:bf:5e:b1:94:b6:8f:44:59:66:6a: c5:1c:f5:d2 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy MTA4NTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ3RTdFN0FDRURGM0ZD OURDQ0IxRDJCQ0VDNTVGOTk4NjMzNzU4QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClC0m3Sp33LPnJcXrq9514uLVak2Oyc9jwVFiQB1qDT+K9Niu9 6wy7vg3OVwf66D+bue/ifl909kWZFXSzPhdtdVk3u8sQyud+S72dDOLYnOv4zkeu qqWJobhGEzCM/b5UFvCGcSLVYV7R0uw2p8gGogXl4bBPNkkWG5+hQJrluF6XYQv3 hZeDeNyWwJ7jwI/puPApsq1Ow8Fo7K0lchAkZBlnlLu74GSqca0BSYDMVLL8+3Td 16yMQjdEozwbiXeJNhn2VgpOx5vpqW0SMrqZCfLHFSh1WWcSSJEy54z0eLZz+N0t kTllm1dBDHeUGreA81nUd2GFgCR3+9Z/Cnu/AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU1+fnrO3z/J3MsdK87FX5mGM3WL8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzEtZm5yTzN6X0ozTXNkSzg3Rlg1bUdN M1dMOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLySAwDQYJ KoZIhvcNAQELBQADggEBAH5P4LCPfKhvhjLTJlwCwylTX8xt6L7j6zZqhDPrCNTR W6fPiHC1RZKUSlpzpFz+tynSb1Sqh+xTVYTUHcndiu4tR8nuT9CLzdmNivuPZBx1 aKjgnglW4JIsdlK3kTP5R4hT0Hlt/Xa6pvtZcpyxRNxesc8SBW54na0QJpa7uCKj N4/1YWkBGgUgQSDNEUhIrSTimltJHARVpprD7/+ZWsMjfsEUMXIp7wffOcOXrJSX VS6eQagQw8m7b0pNJmXrp2BTR2lMAxubpWhOVrdduPhJqqQwQRXhDcUGpvSiqHjw z/DuCT9kNav6CIExpeUpDcjjv16xlLaPRFlmasUc9dI= -----END CERTIFICATE-----Generated at Sun Jun 2 19:20:43 2024 by rpki-client on console-fra.rpki-client.org