$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/EsYvIycvg9JeOsiVu6Mb1z-7wJU.roa File: EsYvIycvg9JeOsiVu6Mb1z-7wJU.roa (raw, json) Hash identifier: qPArjqM2pAVCgyVugGN4scZ9uTen1AWMiQAtUt+t6W4= Subject key identifier: 12:C6:2F:23:27:2F:83:D2:5E:3A:C8:95:BB:A3:1B:D7:3F:BB:C0:95 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F9A Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/EsYvIycvg9JeOsiVu6Mb1z-7wJU.roa Signing time: Fri 01 Sep 2023 08:57:17 +0000 ROA not before: Fri 01 Sep 2023 08:57:17 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9680 IP address blocks: 2001:b000:591::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 15:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3994 (0xf9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:17 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=12C62F23272F83D25E3AC895BBA31BD73FBBC095 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:77:50:cc:a0:bd:76:97:a9:ad:d2:9d:3a:c3: 0e:1d:98:c3:62:c5:1a:8f:d1:02:81:1b:e2:6d:34: 6a:2c:db:ec:31:ce:18:61:30:0e:dc:b8:c4:c3:c3: 7d:35:d3:0e:b0:60:98:85:a3:e3:f3:3d:99:af:f5: c2:ab:4c:08:83:bd:a0:3a:fc:15:de:1a:06:00:d2: df:64:65:56:9f:f5:ee:08:92:55:97:e8:95:e8:64: 35:8c:bb:44:ea:2b:e9:1c:78:dd:89:0a:66:6c:f4: b9:20:27:84:59:ce:bb:69:09:f6:00:0d:f6:47:d0: ea:47:39:c3:47:dc:89:ed:c5:08:b2:1b:0a:c8:e0: 1c:f8:b4:df:71:13:8d:4f:9b:d5:ee:b9:87:b7:2d: 80:49:8e:9f:26:e2:7e:9c:98:72:b8:4f:d2:97:6a: c4:9d:a0:62:46:7a:ce:f9:91:9c:1a:d2:41:b9:12: bb:f6:d5:78:a4:fc:73:e2:ec:8c:d9:d4:7f:93:e8: aa:71:72:ca:e5:cd:27:3a:45:94:bc:fd:c5:de:a9: 91:06:64:3f:cc:c1:b9:8f:39:fa:ab:d1:04:b5:3c: bc:8b:b9:a6:e2:e3:de:3b:21:c2:b1:49:73:54:da: 52:50:ed:14:c4:34:24:fc:c2:dc:eb:8e:bb:a2:cd: be:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:C6:2F:23:27:2F:83:D2:5E:3A:C8:95:BB:A3:1B:D7:3F:BB:C0:95 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/EsYvIycvg9JeOsiVu6Mb1z-7wJU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b000:591::/48 Signature Algorithm: sha256WithRSAEncryption 7e:cf:78:5b:fd:2a:25:4e:f2:ca:d6:97:12:48:f1:1c:c6:be: 88:f7:66:e8:0f:5a:b1:7f:3e:76:1e:43:e2:e5:0d:29:8a:75: a7:29:ce:48:83:0f:5e:86:d8:52:96:4d:03:7b:0f:bc:7e:fd: cd:96:c6:09:7f:7d:09:6d:a1:bf:17:20:ec:ff:8f:d5:84:82: 59:57:bb:0e:04:47:d0:b2:45:b0:82:fd:a8:b9:ad:7c:d3:48: b1:84:9c:aa:80:b7:37:99:23:31:f8:53:84:12:9d:e3:19:58: 6d:c3:4a:57:a2:0d:2f:37:19:5a:00:f4:4d:be:5c:81:0f:f0: 6f:9e:b6:e6:4b:b5:6d:7b:25:69:3c:28:9a:1e:d9:33:f8:64: a9:63:10:08:4a:b2:1b:e9:8f:a8:bc:c6:b2:d4:c3:b5:91:e6: 27:f8:bd:f6:c9:78:09:d2:05:6b:d2:f0:b1:06:0e:38:aa:8e: a9:cd:22:3e:c0:bd:fe:4f:15:83:55:c6:5e:de:fe:ce:4c:28: 3d:2e:43:fb:8b:0d:c4:4e:45:77:43:34:68:9e:27:9b:73:d0: a2:e9:c4:39:3d:33:14:04:8b:b9:e5:37:7e:77:b2:be:19:89: 5d:72:bb:e3:e3:ea:d7:96:0b:18:7a:b7:fc:76:18:e9:07:fb: 90:5e:12:49 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICD5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDEyQzYyRjIzMjcyRjgz RDI1RTNBQzg5NUJCQTMxQkQ3M0ZCQkMwOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsd1DMoL12l6mt0p06ww4dmMNixRqP0QKBG+JtNGos2+wxzhhh MA7cuMTDw3010w6wYJiFo+PzPZmv9cKrTAiDvaA6/BXeGgYA0t9kZVaf9e4IklWX 6JXoZDWMu0TqK+kceN2JCmZs9LkgJ4RZzrtpCfYADfZH0OpHOcNH3IntxQiyGwrI 4Bz4tN9xE41Pm9XuuYe3LYBJjp8m4n6cmHK4T9KXasSdoGJGes75kZwa0kG5Erv2 1Xik/HPi7IzZ1H+T6KpxcsrlzSc6RZS8/cXeqZEGZD/MwbmPOfqr0QS1PLyLuabi 4947IcKxSXNU2lJQ7RTENCT8wtzrjruizb7rAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUEsYvIycvg9JeOsiVu6Mb1z+7wJUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Fc1l2SXljdmc5SmVPc2lWdTZN YjF6LTd3SlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw AAWRMA0GCSqGSIb3DQEBCwUAA4IBAQB+z3hb/SolTvLK1pcSSPEcxr6I92boD1qx fz52HkPi5Q0pinWnKc5Igw9ehthSlk0Dew+8fv3NlsYJf30JbaG/FyDs/4/VhIJZ V7sOBEfQskWwgv2oua1800ixhJyqgLc3mSMx+FOEEp3jGVhtw0pXog0vNxlaAPRN vlyBD/BvnrbmS7VteyVpPCiaHtkz+GSpYxAISrIb6Y+ovMay1MO1keYn+L32yXgJ 0gVr0vCxBg44qo6pzSI+wL3+TxWDVcZe3v7OTCg9LkP7iw3ETkV3QzRoniebc9Ci 6cQ5PTMUBIu55Td+d7K+GYldcrvj4+rXlgsYerf8dhjpB/uQXhJJ -----END CERTIFICATE-----Generated at Tue Jun 4 17:32:13 2024 by rpki-client on console-fra.rpki-client.org