$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa File: sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa (raw, json) Hash identifier: Ks0Ptd40z+7RW5VRjAHIosEHsLZv5CZo0TaW4tBnTyg= Subject key identifier: B0:90:D0:29:6D:68:46:56:5D:DA:9F:53:46:6C:AE:A0:AC:42:61:E5 Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73 Certificate serial: 0577 Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa Signing time: Fri 01 Sep 2023 08:59:51 +0000 ROA not before: Fri 01 Sep 2023 08:59:51 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131657 IP address blocks: 2406:48c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 08 May 2024 21:50:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1399 (0x577) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73 Validity Not Before: Sep 1 08:59:51 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=B090D0296D6846565DDA9F53466CAEA0AC4261E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ca:d0:6c:c8:da:bc:5a:79:69:3a:97:dd:fa: 8b:1a:de:95:25:27:f4:3b:1e:86:35:bc:51:40:22: 2d:21:c2:19:d8:07:8f:02:ad:5e:ca:97:97:83:ff: 5c:ea:9d:af:36:31:8b:b1:98:9e:c0:72:a5:e7:d4: e9:09:0c:86:25:5f:11:57:15:66:d9:82:1a:77:a1: ff:61:b2:4c:19:4e:a0:a5:ad:e6:92:40:1b:45:11: 3c:c9:10:58:fe:85:3b:5b:85:3c:0b:e4:4b:7f:11: ed:8b:1a:e5:c4:a2:72:fe:0a:66:c9:a3:48:93:5d: 00:a2:a5:4f:06:79:b2:2a:45:85:32:e0:4a:68:47: 18:58:a3:d5:f5:49:e2:8d:f4:dd:f7:ec:a9:3a:a9: 3c:3a:bf:3a:1f:cd:77:39:e7:96:c1:8d:67:ae:f1: bd:18:c9:ab:eb:35:e0:6e:62:06:57:ea:a7:88:b1: 22:79:bc:4a:f5:b3:10:47:19:7a:8a:5c:7c:31:78: ff:61:39:f5:60:6f:b8:2e:48:bd:92:15:55:2c:d6: ea:86:02:8d:ae:49:b9:3e:ad:6f:63:d2:ef:e1:c5: 9e:15:35:54:a4:fb:74:a2:17:e3:db:39:28:64:2e: e8:25:1e:22:ef:06:67:d4:ff:a0:17:a6:c8:15:a2: 04:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:90:D0:29:6D:68:46:56:5D:DA:9F:53:46:6C:AE:A0:AC:42:61:E5 X509v3 Authority Key Identifier: keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/sJDQKW1oRlZd2p9TRmyuoKxCYeU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:48c0::/32 Signature Algorithm: sha256WithRSAEncryption 75:ee:1b:f8:00:e8:b6:f3:b2:d8:eb:e3:bc:c8:22:3a:c5:ab: 17:0b:73:8c:0d:d2:99:ef:57:8c:16:9c:40:d5:15:0c:f9:8e: f9:d1:83:b6:39:e7:ac:10:4c:92:9a:e3:d7:b8:83:39:a7:12: c9:5d:16:89:0b:20:c7:5c:30:5a:1e:97:60:6d:ce:99:06:d6: 5d:25:ab:ec:1a:8e:0c:e1:18:a6:de:87:8e:b4:75:36:10:38: e2:70:ac:8e:ee:26:6c:a9:dc:c2:8b:7b:64:5c:67:62:9e:f0: 1b:4f:56:03:cc:ce:59:ea:f3:a9:04:da:1c:49:65:e3:f0:30: 3e:7a:19:cd:95:8a:ed:2a:64:d1:e3:f2:07:b7:94:ec:92:95: 01:be:51:01:da:f8:d8:a6:81:e2:36:8a:a8:32:e7:1e:e0:94: ed:20:93:9e:ca:b0:ea:f1:63:14:8d:7f:fb:39:f2:2f:92:0f: e9:3a:fa:4d:82:27:9a:11:40:16:fe:fe:5d:af:a6:b6:5a:f5: cf:98:9f:33:69:b0:cf:00:11:8e:97:50:7c:dc:a1:ff:d4:2a: 06:3a:db:e2:e8:0b:c5:a7:64:eb:77:02:05:53:27:bc:da:92: c3:f5:e6:70:1e:ea:3c:69:80:79:10:8f:ac:d3:ce:9f:20:f3: 87:cb:7f:20 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICBXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3 REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzA5MDEw ODU5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEIwOTBEMDI5NkQ2ODQ2 NTY1RERBOUY1MzQ2NkNBRUEwQUM0MjYxRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSytBsyNq8WnlpOpfd+osa3pUlJ/Q7HoY1vFFAIi0hwhnYB48C rV7Kl5eD/1zqna82MYuxmJ7AcqXn1OkJDIYlXxFXFWbZghp3of9hskwZTqClreaS QBtFETzJEFj+hTtbhTwL5Et/Ee2LGuXEonL+CmbJo0iTXQCipU8GebIqRYUy4Epo RxhYo9X1SeKN9N337Kk6qTw6vzofzXc555bBjWeu8b0YyavrNeBuYgZX6qeIsSJ5 vEr1sxBHGXqKXHwxeP9hOfVgb7guSL2SFVUs1uqGAo2uSbk+rW9j0u/hxZ4VNVSk +3SiF+PbOShkLuglHiLvBmfU/6AXpsgVogTfAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUsJDQKW1oRlZd2p9TRmyuoKxCYeUwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL3NKRFFLVzFvUmxaZDJwOVRS bXl1b0t4Q1llVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk BkjAMA0GCSqGSIb3DQEBCwUAA4IBAQB17hv4AOi287LY6+O8yCI6xasXC3OMDdKZ 71eMFpxA1RUM+Y750YO2OeesEEySmuPXuIM5pxLJXRaJCyDHXDBaHpdgbc6ZBtZd JavsGo4M4Rim3oeOtHU2EDjicKyO7iZsqdzCi3tkXGdinvAbT1YDzM5Z6vOpBNoc SWXj8DA+ehnNlYrtKmTR4/IHt5TskpUBvlEB2vjYpoHiNoqoMuce4JTtIJOeyrDq 8WMUjX/7OfIvkg/pOvpNgieaEUAW/v5dr6a2WvXPmJ8zabDPABGOl1B83KH/1CoG Otvi6AvFp2TrdwIFUye82pLD9eZwHuo8aYB5EI+s086fIPOHy38g -----END CERTIFICATE-----Generated at Tue May 7 14:32:35 2024 by rpki-client on console-fra.rpki-client.org