$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Q-bDXx1w1ZeavOm_03Ok9wJavjM.roa File: Q-bDXx1w1ZeavOm_03Ok9wJavjM.roa (raw, json) Hash identifier: jS5+45A4pxvTMNwJ/spwhFI47oGmktAlh9HNooVMT4k= Subject key identifier: 43:E6:C3:5F:1D:70:D5:97:9A:BC:E9:BF:D3:73:A4:F7:02:5A:BE:33 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0FB5 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q-bDXx1w1ZeavOm_03Ok9wJavjM.roa Signing time: Fri 01 Sep 2023 08:57:24 +0000 ROA not before: Fri 01 Sep 2023 08:57:24 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 20940 IP address blocks: 203.69.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 15:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4021 (0xfb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:57:24 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=43E6C35F1D70D5979ABCE9BFD373A4F7025ABE33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:9e:de:db:f1:cc:88:e4:3e:bd:fd:22:9b:1b: 88:c3:75:aa:19:e4:c4:15:6e:13:2c:60:2c:fe:ad: d4:3e:6f:ef:78:a4:98:8b:ef:e1:47:35:f0:50:cf: f1:01:83:cd:66:ca:f7:89:0f:17:e0:0f:ac:b6:3e: 79:c5:d7:8d:ef:fa:74:20:a2:df:0d:ae:09:ec:6e: 49:4f:94:b2:18:b7:54:27:60:ce:dd:d7:de:57:4a: aa:a2:98:52:f3:82:f5:dc:3d:3d:de:eb:0b:73:6f: 20:64:77:28:a2:4f:d8:13:ca:4f:7d:32:42:f5:8c: f4:59:ee:4a:da:50:95:e1:13:b3:a3:e3:f4:91:53: 52:bb:8d:7d:72:85:06:a5:38:03:65:77:24:c4:db: ae:c8:c8:b7:61:06:84:77:00:ac:41:4c:4a:38:ba: bf:6e:b1:6e:9a:50:2d:6f:16:cf:ad:0e:99:ca:c2: 9e:11:56:2b:cc:f4:02:ac:51:bf:91:c7:66:33:37: 9a:b2:3e:3e:a4:a2:8d:e0:aa:ad:9f:30:30:16:05: a3:b4:4f:ba:0c:5b:d5:af:0c:ca:45:a4:09:72:09: 20:34:98:c7:eb:92:93:9a:d1:e3:b9:71:bf:94:e2: a8:fb:45:18:0a:6c:df:5d:a2:81:de:70:3a:be:e4: f9:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:E6:C3:5F:1D:70:D5:97:9A:BC:E9:BF:D3:73:A4:F7:02:5A:BE:33 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q-bDXx1w1ZeavOm_03Ok9wJavjM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.69.138.0/24 Signature Algorithm: sha256WithRSAEncryption 39:de:5a:a7:5d:53:24:9b:2b:53:21:78:fe:a9:43:a2:57:47: 5c:01:d4:04:3f:e0:38:e9:0c:83:ab:84:a0:c3:7d:22:60:96: 2e:ac:0c:5d:b3:03:bc:08:b8:81:cb:ea:b1:52:e0:f1:66:4c: 03:c2:b6:e9:bf:84:8f:f0:87:d0:66:21:ef:1e:d6:1d:b2:ee: bc:94:58:d0:8a:95:e1:95:0c:c7:27:0b:c8:17:e8:32:83:16: 6a:92:4b:39:0f:41:0a:16:3f:7f:06:36:89:ab:62:05:fa:fe: 18:6f:32:6a:8c:99:86:92:89:cb:01:b3:e6:68:c1:47:4b:94: fe:68:da:47:69:13:d7:b3:a3:fa:66:75:9f:20:d7:28:56:6e: 55:58:2a:90:00:77:ea:a1:8e:29:2d:2a:ba:5a:fd:42:13:93: 43:98:f9:bd:19:e2:7b:e5:38:d4:1d:a2:f0:91:4c:fd:2c:15: 34:e2:f4:59:63:06:02:8d:c7:34:b3:60:14:be:ea:99:28:99: 0e:e4:c5:08:ff:ee:ce:4b:e5:b1:2d:da:06:95:1d:59:19:4a: 2d:69:9d:89:7a:1f:e4:07:5a:87:05:eb:f6:f7:44:61:7c:0c: 48:9b:38:9f:68:17:ad:94:9a:1a:5f:d9:d5:a7:50:a6:db:c1: ef:88:07:ab -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU3MjRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQzRTZDMzVGMUQ3MEQ1 OTc5QUJDRTlCRkQzNzNBNEY3MDI1QUJFMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQnt7b8cyI5D69/SKbG4jDdaoZ5MQVbhMsYCz+rdQ+b+94pJiL 7+FHNfBQz/EBg81myveJDxfgD6y2PnnF143v+nQgot8NrgnsbklPlLIYt1QnYM7d 195XSqqimFLzgvXcPT3e6wtzbyBkdyiiT9gTyk99MkL1jPRZ7kraUJXhE7Oj4/SR U1K7jX1yhQalOANldyTE267IyLdhBoR3AKxBTEo4ur9usW6aUC1vFs+tDpnKwp4R VivM9AKsUb+Rx2YzN5qyPj6koo3gqq2fMDAWBaO0T7oMW9WvDMpFpAlyCSA0mMfr kpOa0eO5cb+U4qj7RRgKbN9dooHecDq+5PljAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUQ+bDXx1w1ZeavOm/03Ok9wJavjMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RLWJEWHgxdzFaZWF2T21fMDNP azl3SmF2ak0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0WK MA0GCSqGSIb3DQEBCwUAA4IBAQA53lqnXVMkmytTIXj+qUOiV0dcAdQEP+A46QyD q4Sgw30iYJYurAxdswO8CLiBy+qxUuDxZkwDwrbpv4SP8IfQZiHvHtYdsu68lFjQ ipXhlQzHJwvIF+gygxZqkks5D0EKFj9/BjaJq2IF+v4YbzJqjJmGkonLAbPmaMFH S5T+aNpHaRPXs6P6ZnWfINcoVm5VWCqQAHfqoY4pLSq6Wv1CE5NDmPm9GeJ75TjU HaLwkUz9LBU04vRZYwYCjcc0s2AUvuqZKJkO5MUI/+7OS+WxLdoGlR1ZGUotaZ2J eh/kB1qHBev290RhfAxImzifaBetlJoaX9nVp1Cm28HviAer -----END CERTIFICATE-----Generated at Wed Jun 5 00:23:00 2024 by rpki-client on console-ams.rpki-client.org