$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa File: ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa (raw, json) Hash identifier: D7IZjEd8Pn/MWM4Qx2NRO9VZxqRE4t8sl3+szIu8LDo= Subject key identifier: 9E:00:CC:F1:D9:AA:E5:4A:1A:09:0D:24:62:F6:7F:8D:27:35:A4:71 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 0CB4 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa Signing time: Mon 15 Jan 2024 21:10:46 +0000 ROA not before: Mon 15 Jan 2024 21:10:46 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 24154 IP address blocks: 210.202.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 18:54:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3252 (0xcb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Jan 15 21:10:46 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=9E00CCF1D9AAE54A1A090D2462F67F8D2735A471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:27:fb:76:46:96:92:3e:8f:97:fa:ac:6a:f9: 91:19:0c:ce:c3:96:0a:51:4c:ce:5b:b3:c4:8d:64: 1f:ab:77:f7:dc:cd:f3:8f:26:73:d7:4f:c8:0f:ff: bf:53:3d:53:d5:a4:3e:12:47:00:3e:16:e7:42:13: ca:58:ee:5a:69:11:98:40:a5:e6:4f:43:52:d7:cc: bc:90:f7:21:2e:2d:77:f7:5e:d8:27:2f:9c:4f:85: b1:bc:0e:d6:ba:db:d2:8c:98:4e:41:f1:35:98:5b: 05:b3:6e:3a:d1:62:71:f4:c5:52:6e:87:ca:2b:ee: 5d:82:f6:2f:13:8f:da:91:3a:5a:b5:de:e6:b8:06: db:84:aa:ad:19:54:df:ec:46:27:a9:6f:ce:df:af: 59:85:ae:81:52:cb:71:45:2b:19:89:78:a5:a8:f5: ec:6b:31:37:c0:43:ff:6c:5a:8a:ef:51:c4:d1:7a: 53:a3:2a:e7:6d:5a:7b:0b:86:5c:39:e3:ea:c8:e0: e0:31:8e:59:d2:0c:d2:2d:c6:1d:6b:b9:0e:c3:74: c3:ed:1f:03:05:4e:03:1c:d9:9d:2b:b2:2a:96:54: b6:5b:ca:80:66:78:83:f5:e9:e7:c1:69:31:3d:c5: 01:ca:d1:5d:d7:4b:c3:c2:33:ed:dc:d8:20:ba:fe: 50:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:00:CC:F1:D9:AA:E5:4A:1A:09:0D:24:62:F6:7F:8D:27:35:A4:71 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.32.0/20 Signature Algorithm: sha256WithRSAEncryption 93:ee:bb:2c:21:f4:22:c3:31:06:dd:48:05:52:39:e3:4b:d9: 5f:62:b4:89:f4:75:d1:bf:4f:67:34:62:55:5b:19:8d:30:1d: c2:21:c0:ff:8d:09:f8:1d:8f:84:84:97:f3:c4:0d:12:9f:a5: 87:30:1a:31:21:a0:0d:6c:26:77:7e:53:55:f6:fa:d9:8e:45: 51:e0:eb:97:1a:66:af:d2:a8:a7:12:54:f4:a7:92:19:e7:96: 0a:7a:7e:a7:9a:3c:a9:13:63:b9:af:80:8e:8f:d0:fe:ec:df: 81:bb:93:d9:c9:94:16:12:88:be:ca:f8:2e:62:48:ac:3b:26: cc:36:46:e2:fe:33:5d:97:66:0a:f7:66:4a:11:73:6d:4a:e4: 07:48:b9:51:21:7e:09:34:a6:2f:9d:43:90:d6:9c:e5:57:52: 30:68:90:a9:f7:aa:c2:7f:f9:7a:f0:38:05:78:18:5b:36:f6: da:74:12:3c:f9:27:8b:2a:5f:35:64:1c:6d:34:72:a9:bd:af: 7e:28:b0:fa:94:bc:a0:ed:29:d4:5e:ef:c7:41:b9:6f:70:5f: 1a:23:67:60:a5:8b:ca:e4:ac:85:60:45:66:a6:c8:00:c3:48: 3e:1c:cd:c0:c7:be:27:58:ff:68:35:5e:1e:9d:ef:c7:8e:f0: e3:ab:00:36 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy MTEwNDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlFMDBDQ0YxRDlBQUU1 NEExQTA5MEQyNDYyRjY3RjhEMjczNUE0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOJ/t2RpaSPo+X+qxq+ZEZDM7DlgpRTM5bs8SNZB+rd/fczfOP JnPXT8gP/79TPVPVpD4SRwA+FudCE8pY7lppEZhApeZPQ1LXzLyQ9yEuLXf3Xtgn L5xPhbG8Dta629KMmE5B8TWYWwWzbjrRYnH0xVJuh8or7l2C9i8Tj9qROlq13ua4 BtuEqq0ZVN/sRiepb87fr1mFroFSy3FFKxmJeKWo9exrMTfAQ/9sWorvUcTRelOj KudtWnsLhlw54+rI4OAxjlnSDNItxh1ruQ7DdMPtHwMFTgMc2Z0rsiqWVLZbyoBm eIP16efBaTE9xQHK0V3XS8PCM+3c2CC6/lD/AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUngDM8dmq5UoaCQ0kYvZ/jSc1pHEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25nRE04ZG1xNVVvYUNRMGtZdlpfalNj MXBIRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyiAwDQYJ KoZIhvcNAQELBQADggEBAJPuuywh9CLDMQbdSAVSOeNL2V9itIn0ddG/T2c0YlVb GY0wHcIhwP+NCfgdj4SEl/PEDRKfpYcwGjEhoA1sJnd+U1X2+tmORVHg65caZq/S qKcSVPSnkhnnlgp6fqeaPKkTY7mvgI6P0P7s34G7k9nJlBYSiL7K+C5iSKw7Jsw2 RuL+M12XZgr3ZkoRc21K5AdIuVEhfgk0pi+dQ5DWnOVXUjBokKn3qsJ/+XrwOAV4 GFs29tp0Ejz5J4sqXzVkHG00cqm9r34osPqUvKDtKdRe78dBuW9wXxojZ2Cli8rk rIVgRWamyADDSD4czcDHvidY/2g1Xh6d78eO8OOrADY= -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:43 2024 by rpki-client on console-ams.rpki-client.org