$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa File: oLx6QWzzTKsAF5t909uiO5KoW84.roa (raw, json) Hash identifier: cCk7GJycLnLO91PqoarVsLqMiNZx34Ezz/l5ORDBnPs= Subject key identifier: A0:BC:7A:41:6C:F3:4C:AB:00:17:9B:7D:D3:DB:A2:3B:92:A8:5B:CE Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A Certificate serial: 0B23 Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa Signing time: Fri 01 Sep 2023 08:55:27 +0000 ROA not before: Fri 01 Sep 2023 08:55:27 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9416 IP address blocks: 203.118.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 13:38:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2851 (0xb23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A Validity Not Before: Sep 1 08:55:27 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=A0BC7A416CF34CAB00179B7DD3DBA23B92A85BCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:2a:37:0a:97:4e:e5:28:3a:2c:bf:6b:24:22: 39:8d:df:35:50:3a:09:c1:20:16:28:3d:cc:2f:2e: 43:d7:5f:7c:bc:ca:3e:23:17:7a:b9:0a:05:84:7f: d0:12:40:7a:3b:a8:da:c2:a7:db:29:46:fc:1e:c9: 67:67:93:7f:3e:0b:5c:94:a6:8a:27:f8:1e:34:aa: bd:72:26:f3:5a:d7:5a:23:d8:0e:11:9a:52:09:03: 45:38:48:9d:c4:63:39:d9:bc:eb:18:f8:e7:e0:32: d5:0b:8c:70:dd:c4:94:3b:10:09:ee:8d:67:44:04: 7a:47:93:9f:b2:fe:0e:41:e0:10:05:e6:cd:b4:8c: 4d:13:e4:37:d4:4b:4c:c3:b6:4d:e4:2b:bf:d3:d5: 1c:ca:11:64:d4:68:d4:40:2d:fc:c5:84:4d:d0:20: 30:f5:8a:fd:17:cd:ca:c8:aa:a1:71:52:70:25:59: aa:63:fa:90:b7:4b:77:27:0a:4d:63:4e:64:2c:2d: 79:10:09:93:09:7d:dd:8e:9f:26:15:89:60:c9:a3: 46:80:67:f5:13:80:96:7c:4d:f3:07:35:35:42:e8: eb:95:d3:a7:a1:0b:09:49:e7:b7:30:32:d9:69:fe: 3b:91:14:da:25:68:58:04:e9:9f:a5:d9:8d:8e:6d: 24:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:BC:7A:41:6C:F3:4C:AB:00:17:9B:7D:D3:DB:A2:3B:92:A8:5B:CE X509v3 Authority Key Identifier: keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.118.224.0/20 Signature Algorithm: sha256WithRSAEncryption 0d:73:a3:59:87:8d:33:2e:3c:5c:a4:33:ae:ca:80:a8:95:1e: e6:0b:1f:63:9a:d0:7a:cd:a1:db:48:db:2c:f8:5a:e8:56:5e: ff:62:0e:d9:65:69:1d:fa:66:33:2d:d7:e7:6b:67:53:c0:82: 95:49:9d:59:72:13:f2:3c:57:5f:fd:af:2d:c8:59:c3:7a:3e: 37:9e:b0:c4:0b:01:a9:85:97:54:e1:24:df:ef:ee:9b:0b:5b: c3:85:c8:81:a3:11:1a:83:91:c5:86:be:79:de:8f:52:5b:82: 13:36:b5:fc:8e:9b:e9:1d:b2:23:ee:43:22:42:1c:a5:c0:bb: ef:a8:fb:f1:86:98:83:ea:40:b1:64:9a:46:aa:d8:1d:e8:76: e3:a5:b8:1a:a4:20:23:da:b3:a3:e3:37:55:14:8f:9f:04:8e: 2b:8b:3d:a1:bb:a2:3f:4b:0f:90:a6:1c:0b:e6:e9:04:c2:51: be:8f:e4:15:3e:41:90:b8:9b:b0:f1:93:97:fb:d3:43:5b:3b: 82:49:a5:a4:fe:75:30:b1:08:be:96:55:b4:9d:c1:b6:d0:2a: e6:ff:3a:f2:a7:0c:4d:28:8d:ec:5c:80:a3:1f:cb:ca:dc:84: 5c:f9:19:aa:15:7b:82:3f:3c:ed:a6:ba:6f:da:9d:f3:85:36: 7d:4a:9f:54 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICCyMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMzA5MDEw ODU1MjdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEwQkM3QTQxNkNGMzRD QUIwMDE3OUI3REQzREJBMjNCOTJBODVCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoKjcKl07lKDosv2skIjmN3zVQOgnBIBYoPcwvLkPXX3y8yj4j F3q5CgWEf9ASQHo7qNrCp9spRvweyWdnk38+C1yUpoon+B40qr1yJvNa11oj2A4R mlIJA0U4SJ3EYznZvOsY+OfgMtULjHDdxJQ7EAnujWdEBHpHk5+y/g5B4BAF5s20 jE0T5DfUS0zDtk3kK7/T1RzKEWTUaNRALfzFhE3QIDD1iv0XzcrIqqFxUnAlWapj +pC3S3cnCk1jTmQsLXkQCZMJfd2OnyYViWDJo0aAZ/UTgJZ8TfMHNTVC6OuV06eh CwlJ57cwMtlp/juRFNolaFgE6Z+l2Y2ObSR1AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUoLx6QWzzTKsAF5t909uiO5KoW84wHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL29MeDZRV3p6VEtzQUY1dDkwOXVpTzVL b1c4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ KoZIhvcNAQELBQADggEBAA1zo1mHjTMuPFykM67KgKiVHuYLH2Oa0HrNodtI2yz4 WuhWXv9iDtllaR36ZjMt1+drZ1PAgpVJnVlyE/I8V1/9ry3IWcN6PjeesMQLAamF l1ThJN/v7psLW8OFyIGjERqDkcWGvnnej1JbghM2tfyOm+kdsiPuQyJCHKXAu++o +/GGmIPqQLFkmkaq2B3oduOluBqkICPas6PjN1UUj58EjiuLPaG7oj9LD5CmHAvm 6QTCUb6P5BU+QZC4m7Dxk5f700NbO4JJpaT+dTCxCL6WVbSdwbbQKub/OvKnDE0o jexcgKMfy8rchFz5GaoVe4I/PO2mum/anfOFNn1Kn1Q= -----END CERTIFICATE-----Generated at Sun Jun 2 07:14:21 2024 by rpki-client on console-fra.rpki-client.org