$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa File: dBC4To7P36eQMXre0jpc6i5o0dc.roa (raw, json) Hash identifier: apHA3SoEerktdln/GxIy/kbqAk0hZSLpeWz8yzXAGD0= Subject key identifier: 74:10:B8:4E:8E:CF:DF:A7:90:31:7A:DE:D2:3A:5C:EA:2E:68:D1:D7 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0DAE Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa Signing time: Mon 15 Jan 2024 21:30:07 +0000 ROA not before: Mon 15 Jan 2024 21:30:07 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9922 IP address blocks: 124.218.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 20:29:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3502 (0xdae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Jan 15 21:30:07 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=7410B84E8ECFDFA790317ADED23A5CEA2E68D1D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:13:b3:b8:ac:47:4a:b1:b0:34:9f:68:36:ef: e9:b8:6f:f1:f1:ec:f7:cb:7b:e2:c3:27:12:de:f6: 1c:5d:60:71:c0:2c:8f:f8:d8:48:c6:b5:98:1b:6f: 86:af:9f:d8:43:23:e3:29:54:1e:8b:8e:aa:78:ed: 08:d0:37:cf:54:a4:79:9b:47:14:3f:5e:8a:77:e4: 3e:a7:e1:1c:51:13:71:33:8b:fb:25:f6:89:42:60: bd:94:4a:32:49:ea:e6:e2:e2:13:8b:81:fa:61:24: 8a:8e:e6:98:c2:c4:7a:47:92:77:99:e4:dc:4f:52: da:2b:e6:11:e2:fd:67:3f:1c:8b:6e:c5:fe:9b:13: d9:e2:84:b1:d8:ee:c4:2b:46:aa:34:2d:6b:fb:5f: da:2f:6a:aa:5d:4f:f5:5c:9a:e6:23:13:6a:25:a6: c3:98:6a:b4:f1:bd:a0:95:b4:20:af:c9:ff:a5:51: a8:6d:65:32:ed:9d:fc:4b:df:56:68:87:c4:23:ef: a1:24:25:d6:4c:e3:d7:a0:4c:01:78:2d:ba:41:e4: f6:97:26:33:cf:b7:99:46:33:07:d0:3c:fd:0c:99: d0:ba:57:f7:dc:9b:6f:ce:eb:d6:0b:22:e3:4d:ee: 1b:aa:90:40:0d:f5:33:f9:d4:16:66:85:1a:7d:97: f9:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:10:B8:4E:8E:CF:DF:A7:90:31:7A:DE:D2:3A:5C:EA:2E:68:D1:D7 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dBC4To7P36eQMXre0jpc6i5o0dc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.64.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:7e:f2:e4:37:dd:f3:31:d3:fc:81:3c:46:60:da:f1:b9:41: 13:c1:eb:f2:ba:1f:4c:ac:fc:99:83:b2:88:38:b8:6b:25:cc: 2f:04:42:60:52:85:27:93:0b:03:ce:19:f4:90:5e:79:ee:1c: 70:3c:3f:23:a5:a8:54:38:ee:8c:4d:fe:8e:6c:af:6d:fe:6d: 86:a8:88:bb:de:9c:c6:16:93:8b:12:1f:33:04:6e:f5:5d:87: 4e:4c:f6:c8:72:6b:a2:d0:03:d6:25:3e:ca:b5:1f:36:1f:4b: 01:a0:7a:85:52:1a:f6:3c:3c:b1:f6:3a:7a:3e:a7:07:f9:48: c9:50:48:78:b1:69:bc:6c:92:e4:c8:0b:23:eb:30:19:2f:e1: 8b:0e:8f:d8:18:ab:80:7a:ba:61:3a:57:be:bb:f6:19:92:04: 64:44:f9:2c:f1:e8:80:9a:a6:99:04:7c:9f:88:49:dc:06:fe: aa:7d:02:06:8f:38:70:e2:96:50:07:1a:97:72:2f:34:1b:1a: 6f:bd:b7:92:9e:9a:73:aa:3a:9a:44:57:12:3c:d6:90:72:80: 96:c1:da:c9:a0:1f:9d:ef:5a:3c:d7:d5:1e:43:64:7c:93:92: 81:8d:68:ef:7f:74:49:6c:58:94:16:9d:ba:fd:f1:e6:18:39: 5f:ce:e9:a5 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy MTMwMDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc0MTBCODRFOEVDRkRG QTc5MDMxN0FERUQyM0E1Q0VBMkU2OEQxRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD8E7O4rEdKsbA0n2g27+m4b/Hx7PfLe+LDJxLe9hxdYHHALI/4 2EjGtZgbb4avn9hDI+MpVB6Ljqp47QjQN89UpHmbRxQ/Xop35D6n4RxRE3Ezi/sl 9olCYL2USjJJ6ubi4hOLgfphJIqO5pjCxHpHkneZ5NxPUtor5hHi/Wc/HItuxf6b E9nihLHY7sQrRqo0LWv7X9ovaqpdT/VcmuYjE2olpsOYarTxvaCVtCCvyf+lUaht ZTLtnfxL31Zoh8Qj76EkJdZM49egTAF4LbpB5PaXJjPPt5lGMwfQPP0MmdC6V/fc m2/O69YLIuNN7huqkEAN9TP51BZmhRp9l/lhAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUdBC4To7P36eQMXre0jpc6i5o0dcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2RCQzRUbzdQMzZlUU1YcmUwanBjNmk1 bzBkYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82kAwDQYJ KoZIhvcNAQELBQADggEBAGp+8uQ33fMx0/yBPEZg2vG5QRPB6/K6H0ys/JmDsog4 uGslzC8EQmBShSeTCwPOGfSQXnnuHHA8PyOlqFQ47oxN/o5sr23+bYaoiLvenMYW k4sSHzMEbvVdh05M9shya6LQA9YlPsq1HzYfSwGgeoVSGvY8PLH2Ono+pwf5SMlQ SHixabxskuTICyPrMBkv4YsOj9gYq4B6umE6V7679hmSBGRE+Szx6ICappkEfJ+I SdwG/qp9AgaPOHDillAHGpdyLzQbGm+9t5KemnOqOppEVxI81pBygJbB2smgH53v WjzX1R5DZHyTkoGNaO9/dElsWJQWnbr98eYYOV/O6aU= -----END CERTIFICATE-----Generated at Mon May 20 08:58:19 2024 by rpki-client on console-ams.rpki-client.org