$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/1rq_7YsktBHScXqabTA-a9ACfDA.roa File: 1rq_7YsktBHScXqabTA-a9ACfDA.roa (raw, json) Hash identifier: xh+m2KzznhJBglBFa5OUWWDfFBTXLKrHK1BuOt7LCL0= Subject key identifier: D6:BA:BF:ED:8B:24:B4:11:D2:71:7A:9A:6D:30:3E:6B:D0:02:7C:30 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0D60 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/1rq_7YsktBHScXqabTA-a9ACfDA.roa Signing time: Mon 15 Jan 2024 21:26:15 +0000 ROA not before: Mon 15 Jan 2024 21:26:15 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18419 IP address blocks: 124.218.0.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 20:29:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3424 (0xd60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Jan 15 21:26:15 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D6BABFED8B24B411D2717A9A6D303E6BD0027C30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:40:bb:69:85:4f:37:ff:c1:b2:03:bf:3c:32: 2e:bc:b0:cc:15:6a:92:e1:1a:de:10:26:5c:b9:c1: 3e:d0:99:a4:81:ee:17:76:5e:af:87:ea:ed:f9:35: df:82:19:c9:e0:5b:3b:40:9c:c9:d9:03:32:ae:6f: d7:9d:84:61:da:cf:63:34:96:cb:aa:18:3d:dc:52: fe:60:9d:c3:64:da:7f:f1:66:49:cd:7c:98:eb:42: c6:bf:35:3c:8d:d2:64:a2:a0:36:3b:0a:50:f6:09: 3f:7e:3c:df:8c:00:1e:73:4e:03:8d:4d:7e:73:d1: e0:c6:16:bd:02:eb:20:2f:38:9c:06:30:a7:cc:83: 90:2c:b2:44:c7:9e:cf:f7:65:16:b2:00:7b:38:d4: 00:ea:10:21:d1:f8:e3:b2:c3:08:61:3e:2f:ca:a9: b9:2d:70:a2:8c:89:0d:a7:e2:8c:cc:0f:fe:76:b6: c3:35:56:65:70:30:79:71:7d:84:ae:69:32:fb:24: 30:b5:2a:f3:72:c2:d5:99:c5:b8:29:74:26:9d:53: 96:99:d5:b0:4f:41:7c:54:cc:75:f9:2f:9b:bb:44: 1c:78:11:29:2d:d4:e9:32:11:76:37:49:59:09:42: 3f:04:c0:de:27:d8:78:b4:4f:be:58:92:a9:89:c4: 81:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:BA:BF:ED:8B:24:B4:11:D2:71:7A:9A:6D:30:3E:6B:D0:02:7C:30 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/1rq_7YsktBHScXqabTA-a9ACfDA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.0.0/18 Signature Algorithm: sha256WithRSAEncryption 8d:20:6f:60:9c:2c:d9:17:c6:70:4c:d6:35:05:d7:cd:05:6a: e4:ff:75:df:82:bb:00:b8:41:b6:62:e6:fb:64:9d:2c:4d:85: 55:a1:2f:c9:49:7b:66:3a:ca:7a:6f:85:df:63:b9:50:1e:9a: c6:f2:eb:e4:ce:71:1c:4c:e5:a3:33:b1:48:de:27:ec:02:ba: a6:a0:a0:0d:d4:d7:3f:ca:ac:4a:20:c3:ad:39:fe:5e:dd:01: 76:d4:4a:85:f5:60:0f:99:9a:22:24:80:52:ed:11:a9:d2:15: 9b:65:d3:5a:4e:1b:ff:86:a5:64:b0:88:d2:93:ff:87:bd:9d: 77:25:9e:9b:8b:29:46:0a:9d:c0:0d:14:8f:48:20:0e:91:45: 81:a1:59:82:ec:27:9c:a0:34:78:b2:80:f5:24:d8:c0:26:0d: 8d:c9:d7:84:92:2c:1c:e5:da:4f:b2:fc:08:e1:de:64:94:61: 9d:1e:68:91:8f:98:a1:08:f6:d7:0d:f5:d5:40:17:da:4c:45: a4:b9:42:34:45:93:f0:03:9c:3f:60:5b:93:d8:9e:11:99:0b: 9d:e4:03:df:c6:c1:ff:46:e7:0f:b3:22:21:af:f8:de:d3:da: fb:5a:36:2e:95:72:0c:38:62:97:80:fb:c4:0e:ec:f3:2b:4f: 70:c7:a8:31 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy MTI2MTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ2QkFCRkVEOEIyNEI0 MTFEMjcxN0E5QTZEMzAzRTZCRDAwMjdDMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxQLtphU83/8GyA788Mi68sMwVapLhGt4QJly5wT7QmaSB7hd2 Xq+H6u35Nd+CGcngWztAnMnZAzKub9edhGHaz2M0lsuqGD3cUv5gncNk2n/xZknN fJjrQsa/NTyN0mSioDY7ClD2CT9+PN+MAB5zTgONTX5z0eDGFr0C6yAvOJwGMKfM g5AsskTHns/3ZRayAHs41ADqECHR+OOywwhhPi/KqbktcKKMiQ2n4ozMD/52tsM1 VmVwMHlxfYSuaTL7JDC1KvNywtWZxbgpdCadU5aZ1bBPQXxUzHX5L5u7RBx4ESkt 1OkyEXY3SVkJQj8EwN4n2Hi0T75YkqmJxIFDAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU1rq/7YsktBHScXqabTA+a9ACfDAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzFycV83WXNrdEJIU2NYcWFiVEEtYTlB Q2ZEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ82gAwDQYJ KoZIhvcNAQELBQADggEBAI0gb2CcLNkXxnBM1jUF180FauT/dd+CuwC4QbZi5vtk nSxNhVWhL8lJe2Y6ynpvhd9juVAemsby6+TOcRxM5aMzsUjeJ+wCuqagoA3U1z/K rEogw605/l7dAXbUSoX1YA+ZmiIkgFLtEanSFZtl01pOG/+GpWSwiNKT/4e9nXcl npuLKUYKncANFI9IIA6RRYGhWYLsJ5ygNHiygPUk2MAmDY3J14SSLBzl2k+y/Ajh 3mSUYZ0eaJGPmKEI9tcN9dVAF9pMRaS5QjRFk/ADnD9gW5PYnhGZC53kA9/Gwf9G 5w+zIiGv+N7T2vtaNi6Vcgw4YpeA+8QO7PMrT3DHqDE= -----END CERTIFICATE-----Generated at Mon May 20 08:58:19 2024 by rpki-client on console-ams.rpki-client.org