$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/yD-pLrN2QzYHMsRZ0Brm3Hi1uvc.roa File: yD-pLrN2QzYHMsRZ0Brm3Hi1uvc.roa (raw, json) Hash identifier: LUvrjDb8+OP7X3SW28YR9GcRYF+WICL+TwYcR1pW8MM= Subject key identifier: C8:3F:A9:2E:B3:76:43:36:07:32:C4:59:D0:1A:E6:DC:78:B5:BA:F7 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 0F2A Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/yD-pLrN2QzYHMsRZ0Brm3Hi1uvc.roa Signing time: Fri 01 Sep 2023 08:56:41 +0000 ROA not before: Fri 01 Sep 2023 08:56:41 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 198949 IP address blocks: 210.61.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 11:43:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3882 (0xf2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Sep 1 08:56:41 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=C83FA92EB37643360732C459D01AE6DC78B5BAF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c0:a6:b4:49:9d:17:c3:6d:03:ec:0f:40:61: 55:90:db:ba:0e:fc:46:cf:f6:cb:ad:f8:77:a5:c4: 9e:5d:e1:f2:55:42:89:0e:ba:57:e9:80:c6:4b:62: be:94:32:2c:37:bb:b0:62:27:6b:47:86:b2:f4:3c: a3:3a:f9:c6:d2:ce:21:f3:c6:1e:e9:f0:49:93:eb: 4e:66:9f:a8:7b:92:c3:bf:ff:e4:2f:1e:75:21:c2: 84:e0:62:f7:aa:35:f8:46:f5:0a:9d:1e:6b:65:52: 03:a3:47:ab:7a:a5:8a:59:b4:d3:23:dd:b0:c0:8e: 14:46:07:ef:a7:ee:3c:c8:7a:8d:f2:5f:04:e1:f9: 75:3a:2d:6d:0f:f8:fc:90:72:f5:df:73:cc:9d:89: 09:c1:43:1f:4a:35:2b:14:57:9e:22:e6:4f:4b:52: ea:5c:2e:9f:a7:64:7b:cb:9d:8f:0c:be:63:01:a8: a9:ed:2f:45:b3:bd:9d:e7:1d:b0:97:b5:78:32:bf: 84:42:99:af:93:c1:3f:8c:75:22:de:ee:1f:93:d6: d3:a3:17:28:48:df:68:df:b2:82:f5:d6:d1:09:21: 17:09:37:2c:59:40:4b:c2:5a:29:5d:bf:19:ed:01: 19:4a:8d:bd:49:da:b2:76:5d:31:0e:d7:4e:79:85: f3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:3F:A9:2E:B3:76:43:36:07:32:C4:59:D0:1A:E6:DC:78:B5:BA:F7 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/yD-pLrN2QzYHMsRZ0Brm3Hi1uvc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.61.114.0/24 Signature Algorithm: sha256WithRSAEncryption a1:d6:1f:57:12:0d:01:cc:c1:70:49:68:2e:f9:16:ef:11:12: f7:c1:4a:e7:97:03:6c:bb:5b:65:2d:16:1f:52:6e:25:5e:da: f5:38:51:fa:6f:49:0d:6f:ca:3e:f5:39:e8:1d:33:c4:ec:55: f4:fe:58:19:2f:21:7c:26:7c:04:29:b0:8d:83:95:d8:a6:f1: eb:09:c7:cc:5d:4e:4d:ac:b9:f3:11:02:47:be:35:33:db:7e: 99:7f:43:81:70:e4:ec:71:ce:05:71:58:c4:66:da:85:7e:13: 38:99:ef:fc:90:3c:5b:84:b0:5b:dd:11:f0:e3:bf:2b:63:08: 77:78:9a:a3:b9:30:46:34:0b:19:b8:e5:4d:91:88:77:a9:01: 28:c6:57:15:2a:89:64:69:d8:83:9d:96:cc:6e:79:39:68:ea: 6f:52:2c:40:e0:8a:1a:1b:76:ac:2d:c1:7c:34:9f:20:ed:6d: 14:dc:c0:d1:bb:a4:78:54:a2:8a:f6:d0:0f:1c:2f:39:8c:90: 08:10:4d:2b:34:c5:b0:4b:5c:d1:a7:a4:4c:e3:71:84:c8:03: 19:0f:63:b5:b8:fc:50:c8:46:0c:e4:9b:e9:a2:a3:33:37:7f: a5:bf:3e:12:eb:88:36:af:f6:15:bd:d5:9b:f4:9e:85:ec:d1: cd:f0:a2:49 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw ODU2NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM4M0ZBOTJFQjM3NjQz MzYwNzMyQzQ1OUQwMUFFNkRDNzhCNUJBRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDwKa0SZ0Xw20D7A9AYVWQ27oO/EbP9sut+HelxJ5d4fJVQokO ulfpgMZLYr6UMiw3u7BiJ2tHhrL0PKM6+cbSziHzxh7p8EmT605mn6h7ksO//+Qv HnUhwoTgYveqNfhG9QqdHmtlUgOjR6t6pYpZtNMj3bDAjhRGB++n7jzIeo3yXwTh +XU6LW0P+PyQcvXfc8ydiQnBQx9KNSsUV54i5k9LUupcLp+nZHvLnY8MvmMBqKnt L0WzvZ3nHbCXtXgyv4RCma+TwT+MdSLe7h+T1tOjFyhI32jfsoL11tEJIRcJNyxZ QEvCWildvxntARlKjb1J2rJ2XTEO1055hfNhAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUyD+pLrN2QzYHMsRZ0Brm3Hi1uvcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC95RC1wTHJOMlF6WUhNc1JaMEJy bTNIaTF1dmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j1y MA0GCSqGSIb3DQEBCwUAA4IBAQCh1h9XEg0BzMFwSWgu+RbvERL3wUrnlwNsu1tl LRYfUm4lXtr1OFH6b0kNb8o+9TnoHTPE7FX0/lgZLyF8JnwEKbCNg5XYpvHrCcfM XU5NrLnzEQJHvjUz236Zf0OBcOTscc4FcVjEZtqFfhM4me/8kDxbhLBb3RHw478r Ywh3eJqjuTBGNAsZuOVNkYh3qQEoxlcVKolkadiDnZbMbnk5aOpvUixA4IoaG3as LcF8NJ8g7W0U3MDRu6R4VKKK9tAPHC85jJAIEE0rNMWwS1zRp6RM43GEyAMZD2O1 uPxQyEYM5JvpoqMzN3+lvz4S64g2r/YVvdWb9J6F7NHN8KJJ -----END CERTIFICATE-----Generated at Sun May 5 03:06:50 2024 by rpki-client on console-fra.rpki-client.org