$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Fs1MXS08VqFATNyKbBghDJ4A05Q.roa File: Fs1MXS08VqFATNyKbBghDJ4A05Q.roa (raw, json) Hash identifier: 7b2PQ5SQzWwMgN87ojU4HtDQ3SiNukowpXfz/spflro= Subject key identifier: 16:CD:4C:5D:2D:3C:56:A1:40:4C:DC:8A:6C:18:21:0C:9E:00:D3:94 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F3D Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Fs1MXS08VqFATNyKbBghDJ4A05Q.roa Signing time: Fri 01 Sep 2023 08:56:48 +0000 ROA not before: Fri 01 Sep 2023 08:56:48 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 142005 IP address blocks: 210.242.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 15:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3901 (0xf3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:56:48 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=16CD4C5D2D3C56A1404CDC8A6C18210C9E00D394 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cf:dc:92:a3:39:7c:3f:9e:a3:1e:4a:79:a9: b1:34:8b:f3:b4:e6:2c:e8:41:0f:12:89:32:a1:65: 38:c4:36:a7:67:7e:85:31:72:ee:e9:2f:bc:0a:c4: 24:95:07:26:41:51:4f:f2:24:8f:b1:a2:86:80:ff: 9c:5d:ab:d7:69:df:da:f8:ae:4e:06:f2:e6:5f:cd: c9:13:fc:6d:42:91:57:aa:e8:d0:b5:c5:e0:36:c8: 00:85:cd:b9:05:d0:b8:f6:4c:74:1c:59:d5:1f:a7: 9b:2d:83:13:51:ce:99:c5:6d:64:2d:7c:9e:a5:78: 84:58:80:d8:eb:e2:8c:e5:b8:65:ef:31:62:68:2e: e1:9e:91:59:bc:04:b6:46:40:5d:7b:8f:6c:b3:a6: ec:e4:4f:27:9c:e9:f2:44:80:13:fa:0c:38:b7:db: 73:36:50:29:cd:a2:11:19:66:cf:6b:55:59:9a:41: f4:49:a1:46:7f:9d:c1:3c:b4:58:24:74:28:37:d3: b5:75:52:61:99:ff:ec:4f:66:8d:c4:b1:9d:02:88: 70:9b:5f:0f:45:10:ac:91:7f:5f:61:6c:a8:1f:87: f8:03:f8:bc:a4:c8:93:0b:3b:6e:b6:4f:23:0d:69: 91:6a:92:13:f0:93:4b:b5:1c:5f:a8:63:69:f0:04: d6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:CD:4C:5D:2D:3C:56:A1:40:4C:DC:8A:6C:18:21:0C:9E:00:D3:94 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Fs1MXS08VqFATNyKbBghDJ4A05Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.242.123.0/24 Signature Algorithm: sha256WithRSAEncryption 12:6e:44:a0:5f:0f:b0:b7:5a:ca:b8:a8:b4:43:20:8a:f7:e4: 62:94:d6:48:66:c6:d2:b5:4b:6c:27:a6:c5:32:99:95:82:03: b6:13:5b:86:3f:01:0d:77:af:0e:be:09:0c:5e:bc:e0:08:08: 5b:f0:4c:27:b3:10:92:10:4f:aa:5a:46:66:7c:33:fb:1d:1d: 68:a6:0a:7a:c1:cf:32:91:6c:38:c1:2b:cf:04:a7:87:20:ee: 0b:eb:81:78:66:78:e0:c9:6f:4f:b7:d4:80:e6:2d:84:dd:65: 64:41:88:5d:b9:c3:ca:04:3a:bb:63:da:d9:cd:8c:8b:fc:66: 55:d5:5d:c1:eb:d1:6e:88:19:4a:c7:8a:a5:a5:d9:f2:e7:03: 4e:2b:64:8e:da:4c:45:65:77:94:7a:6f:2d:f5:ca:57:53:66: 06:44:f0:4d:53:fd:72:fc:bf:23:1a:3a:c3:e0:7a:9b:2c:dd: d3:5e:d3:9c:64:18:2f:2f:6c:e6:d1:ec:62:a9:2a:47:9e:59: e1:6e:98:34:2b:f0:ce:e6:58:61:d1:ec:49:3b:7e:a8:f0:da: e0:2c:e7:6b:7c:77:dd:c0:85:0f:06:5f:e7:39:ee:59:f2:1e: 95:df:0c:f4:06:32:66:1c:40:59:09:6c:2b:b1:3d:3b:01:70: 92:02:b7:40 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU2NDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDE2Q0Q0QzVEMkQzQzU2 QTE0MDRDREM4QTZDMTgyMTBDOUUwMEQzOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIz9ySozl8P56jHkp5qbE0i/O05izoQQ8SiTKhZTjENqdnfoUx cu7pL7wKxCSVByZBUU/yJI+xooaA/5xdq9dp39r4rk4G8uZfzckT/G1CkVeq6NC1 xeA2yACFzbkF0Lj2THQcWdUfp5stgxNRzpnFbWQtfJ6leIRYgNjr4ozluGXvMWJo LuGekVm8BLZGQF17j2yzpuzkTyec6fJEgBP6DDi323M2UCnNohEZZs9rVVmaQfRJ oUZ/ncE8tFgkdCg307V1UmGZ/+xPZo3EsZ0CiHCbXw9FEKyRf19hbKgfh/gD+Lyk yJMLO262TyMNaZFqkhPwk0u1HF+oY2nwBNZvAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUFs1MXS08VqFATNyKbBghDJ4A05QwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9GczFNWFMwOFZxRkFUTnlLYkJn aERKNEEwNVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vJ7 MA0GCSqGSIb3DQEBCwUAA4IBAQASbkSgXw+wt1rKuKi0QyCK9+RilNZIZsbStUts J6bFMpmVggO2E1uGPwENd68OvgkMXrzgCAhb8EwnsxCSEE+qWkZmfDP7HR1opgp6 wc8ykWw4wSvPBKeHIO4L64F4ZnjgyW9Pt9SA5i2E3WVkQYhducPKBDq7Y9rZzYyL /GZV1V3B69FuiBlKx4qlpdny5wNOK2SO2kxFZXeUem8t9cpXU2YGRPBNU/1y/L8j GjrD4HqbLN3TXtOcZBgvL2zm0exiqSpHnlnhbpg0K/DO5lhh0exJO36o8NrgLOdr fHfdwIUPBl/nOe5Z8h6V3wz0BjJmHEBZCWwrsT07AXCSArdA -----END CERTIFICATE-----Generated at Wed Jun 5 00:23:00 2024 by rpki-client on console-ams.rpki-client.org