$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/izxRF-KiwA4mKed5PhL-KqxrQr0.roa File: izxRF-KiwA4mKed5PhL-KqxrQr0.roa (raw, json) Hash identifier: kTUg7MpgUj3/k/F34+Z9HwhGLd6tTm3sIfw8SrGpOZ4= Subject key identifier: 8B:3C:51:17:E2:A2:C0:0E:26:29:E7:79:3E:12:FE:2A:AC:6B:42:BD Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0DCA Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/izxRF-KiwA4mKed5PhL-KqxrQr0.roa Signing time: Mon 15 Jan 2024 21:30:49 +0000 ROA not before: Mon 15 Jan 2024 21:30:49 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 17709 IP address blocks: 43.240.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 20:29:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3530 (0xdca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Jan 15 21:30:49 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=8B3C5117E2A2C00E2629E7793E12FE2AAC6B42BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:cb:73:d1:f7:b3:b0:cd:8e:00:ee:0e:bf:83: df:53:99:8a:10:b7:2a:4f:83:1c:69:4b:41:b9:42: 6e:d7:74:b8:7e:2f:aa:5c:e0:8a:8f:9f:0e:8f:d5: 41:15:65:f2:18:60:81:6c:e2:7e:01:be:60:44:08: 00:0c:25:eb:cb:7a:b3:3b:d3:66:5d:28:71:48:9e: e5:86:0d:63:9b:1e:ce:d8:10:e8:af:69:08:5e:9f: 3c:66:19:23:56:34:2b:83:9c:5a:04:b3:55:3c:76: bf:e3:eb:07:45:f2:ab:8d:c5:eb:85:5d:bc:5d:03: dd:17:89:4b:78:0f:38:f4:f3:c1:f4:fa:11:9f:97: 72:06:32:a8:a3:82:33:c2:7e:21:25:57:89:07:60: fa:dc:83:99:7f:50:f9:23:f1:b9:ef:c3:47:bc:9f: cc:b8:8b:fd:13:e2:98:23:8d:22:48:18:2e:ea:e1: 98:87:66:78:11:0a:a1:db:54:f7:cb:99:c8:4c:e2: e6:6a:c8:89:55:f3:c6:6a:01:70:2d:02:16:e3:67: 80:23:21:d3:b4:53:b4:ef:a7:0d:8f:e3:b2:2b:be: 15:21:1a:42:76:c8:76:2d:bb:d9:d3:d0:de:9b:87: 52:79:6a:7b:e9:e4:78:58:96:12:e3:e8:3d:9d:d4: 11:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:3C:51:17:E2:A2:C0:0E:26:29:E7:79:3E:12:FE:2A:AC:6B:42:BD X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/izxRF-KiwA4mKed5PhL-KqxrQr0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.240.104.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:b5:73:33:ff:35:b0:1a:ac:c3:0e:c1:a3:e0:d3:2f:81:4a: 7f:99:db:a9:02:fb:f8:8c:a7:29:9c:c2:b9:76:68:07:6b:d8: 52:b8:59:bc:35:1f:2f:81:62:32:3c:ef:0d:d0:b6:08:28:bf: da:5e:92:e7:27:29:ce:c8:ed:b9:c2:9e:c5:34:94:f6:2a:f9: c5:0b:69:de:0d:2f:30:af:74:cf:02:ea:ab:b2:c8:61:a1:25: d1:ee:d3:fd:6c:aa:57:00:12:d8:ae:c9:35:c2:d5:4f:c7:93: ad:a9:e4:2a:56:53:51:5b:1e:73:19:8d:ad:15:d2:74:09:ba: 1a:d2:d7:8b:77:52:2c:83:17:c7:59:4a:6e:3e:8f:c3:8e:54: dd:72:7c:4c:34:5b:bc:95:e5:b5:17:de:3c:63:ed:68:f7:c2: 34:75:7a:40:9c:4a:73:68:c5:99:f9:cd:a0:34:43:6b:cd:aa: 7a:09:92:a4:1c:de:e3:6b:1f:9a:56:56:e5:45:ca:30:eb:7a: 80:5f:ee:78:7b:94:61:9f:77:de:ec:b1:0e:ab:ed:cc:fd:d8: bf:78:eb:e8:c3:9d:70:f0:16:f1:1a:e9:c6:b8:55:dc:44:8d: 0a:11:90:96:f8:4f:7b:c5:56:5d:f9:ab:35:f6:d0:12:71:c6: 9c:24:d7:d3 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy MTMwNDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhCM0M1MTE3RTJBMkMw MEUyNjI5RTc3OTNFMTJGRTJBQUM2QjQyQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUy3PR97OwzY4A7g6/g99TmYoQtypPgxxpS0G5Qm7XdLh+L6pc 4IqPnw6P1UEVZfIYYIFs4n4BvmBECAAMJevLerM702ZdKHFInuWGDWObHs7YEOiv aQhenzxmGSNWNCuDnFoEs1U8dr/j6wdF8quNxeuFXbxdA90XiUt4Dzj088H0+hGf l3IGMqijgjPCfiElV4kHYPrcg5l/UPkj8bnvw0e8n8y4i/0T4pgjjSJIGC7q4ZiH ZngRCqHbVPfLmchM4uZqyIlV88ZqAXAtAhbjZ4AjIdO0U7Tvpw2P47IrvhUhGkJ2 yHYtu9nT0N6bh1J5anvp5HhYlhLj6D2d1BHbAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUizxRF+KiwA4mKed5PhL+KqxrQr0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2l6eFJGLUtpd0E0bUtlZDVQaEwtS3F4 clFyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr8GgwDQYJ KoZIhvcNAQELBQADggEBABy1czP/NbAarMMOwaPg0y+BSn+Z26kC+/iMpymcwrl2 aAdr2FK4Wbw1Hy+BYjI87w3Qtggov9pekucnKc7I7bnCnsU0lPYq+cULad4NLzCv dM8C6quyyGGhJdHu0/1sqlcAEtiuyTXC1U/Hk62p5CpWU1FbHnMZja0V0nQJuhrS 14t3UiyDF8dZSm4+j8OOVN1yfEw0W7yV5bUX3jxj7Wj3wjR1ekCcSnNoxZn5zaA0 Q2vNqnoJkqQc3uNrH5pWVuVFyjDreoBf7nh7lGGfd97ssQ6r7cz92L946+jDnXDw FvEa6ca4VdxEjQoRkJb4T3vFVl35qzX20BJxxpwk19M= -----END CERTIFICATE-----Generated at Mon May 20 08:58:19 2024 by rpki-client on console-ams.rpki-client.org