$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CQx5TI_1A4cr4Rm5JzdOJmdS8w4.roa File: CQx5TI_1A4cr4Rm5JzdOJmdS8w4.roa (raw, json) Hash identifier: iWgsV+F/RLUN8ft123AG6rJ+3teeMkz12K2iD47f9ZY= Subject key identifier: 09:0C:79:4C:8F:F5:03:87:2B:E1:19:B9:27:37:4E:26:67:52:F3:0E Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 139C Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CQx5TI_1A4cr4Rm5JzdOJmdS8w4.roa Signing time: Fri 01 Sep 2023 09:25:12 +0000 ROA not before: Fri 01 Sep 2023 09:25:12 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 4780 IP address blocks: 211.74.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 07:30:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5020 (0x139c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Sep 1 09:25:12 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=090C794C8FF503872BE119B927374E266752F30E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:28:d3:84:51:ec:50:de:e9:c5:ae:cc:08:bd: c5:7e:d3:4c:a5:d7:47:70:35:64:2f:b2:32:8f:4a: 6e:ff:d4:a6:54:51:72:f0:0e:64:6c:7d:5d:f3:9e: 1c:4a:19:df:57:bc:27:8c:44:1a:fb:22:81:53:91: 0f:f0:ac:88:a2:88:8c:01:55:bd:cf:44:0e:90:de: f3:88:7f:fd:2b:c9:64:c9:fb:11:b6:e8:ac:0b:5e: da:32:88:cb:ac:81:36:53:88:90:f8:e6:9d:88:b9: 73:c8:46:f3:cc:42:59:d8:1a:6f:99:36:75:cc:c9: 97:31:93:c1:a5:ca:00:ff:8c:49:db:b2:e9:06:5c: bf:d9:fd:9d:7c:16:22:f8:08:c9:2e:e2:07:52:61: 39:48:3a:14:c7:2e:56:1c:90:b8:0c:25:ca:63:64: 50:b4:a9:85:cb:57:05:15:06:28:f5:b0:f8:6c:51: 11:aa:0f:97:1b:55:0a:52:6f:9a:ca:41:4e:2f:ae: 70:6b:f6:67:14:a5:e0:70:95:c6:ea:ef:65:51:fd: 3d:2c:ac:d5:a7:18:4f:e8:41:8d:cb:8e:6c:0c:4c: a3:a3:6e:b3:42:84:33:c3:02:fb:b5:13:69:c0:ee: 94:0a:4b:64:b9:da:ba:bd:63:85:62:92:f2:d5:44: e7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:0C:79:4C:8F:F5:03:87:2B:E1:19:B9:27:37:4E:26:67:52:F3:0E X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CQx5TI_1A4cr4Rm5JzdOJmdS8w4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.74.0.0/17 Signature Algorithm: sha256WithRSAEncryption 7c:76:5a:a4:3f:61:d4:01:a2:33:25:1a:4c:9e:e6:09:c5:7d: 5b:36:f1:29:00:db:ec:0a:26:ed:86:3c:0d:5e:53:52:72:e3: 58:8f:bd:63:c6:09:85:f5:c7:6f:7f:a2:a4:e6:48:7f:b4:0f: 90:03:92:c6:16:73:1f:45:cd:46:92:ab:6d:c5:19:91:12:83: 53:2e:98:75:1a:1e:dd:67:54:ef:4c:be:f2:09:e9:61:7d:59: 7c:12:e7:cb:8b:f0:ad:ad:16:24:94:ce:cf:2e:80:88:25:6f: 7b:cf:a6:47:fc:15:6d:7e:aa:ce:de:9d:d1:66:c4:31:a5:34: 0a:99:18:34:ba:c8:2e:8c:46:ed:d7:52:a9:db:fc:e3:9d:ed: b6:03:31:c7:d0:1e:8a:52:57:3f:4b:42:47:a4:ff:01:17:6e: d9:b8:e3:f5:aa:b6:64:80:2c:7c:23:dc:ee:d3:cc:11:5a:e4: 35:ff:2f:da:fb:cf:3b:ed:f2:2b:22:8d:e3:81:84:ab:c2:e6: d3:f9:cd:bf:0c:86:48:5b:ec:74:cd:44:1f:c4:3b:0e:0b:da: 47:9b:f2:de:7a:0a:fc:a1:fe:d4:87:fa:c9:13:a5:3e:7f:3d: 6a:bf:d2:65:74:92:48:4c:05:41:3d:99:45:b7:7d:2c:fc:78: 65:d8:08:b6 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICE5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA5MDEw OTI1MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA5MEM3OTRDOEZGNTAz ODcyQkUxMTlCOTI3Mzc0RTI2Njc1MkYzMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPKNOEUexQ3unFrswIvcV+00yl10dwNWQvsjKPSm7/1KZUUXLw DmRsfV3znhxKGd9XvCeMRBr7IoFTkQ/wrIiiiIwBVb3PRA6Q3vOIf/0ryWTJ+xG2 6KwLXtoyiMusgTZTiJD45p2IuXPIRvPMQlnYGm+ZNnXMyZcxk8GlygD/jEnbsukG XL/Z/Z18FiL4CMku4gdSYTlIOhTHLlYckLgMJcpjZFC0qYXLVwUVBij1sPhsURGq D5cbVQpSb5rKQU4vrnBr9mcUpeBwlcbq72VR/T0srNWnGE/oQY3LjmwMTKOjbrNC hDPDAvu1E2nA7pQKS2S52rq9Y4VikvLVROerAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUCQx5TI/1A4cr4Rm5JzdOJmdS8w4wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ1F4NVRJXzFBNGNyNFJtNUp6ZE9K bWRTOHc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9NKADAN BgkqhkiG9w0BAQsFAAOCAQEAfHZapD9h1AGiMyUaTJ7mCcV9WzbxKQDb7Aom7YY8 DV5TUnLjWI+9Y8YJhfXHb3+ipOZIf7QPkAOSxhZzH0XNRpKrbcUZkRKDUy6YdRoe 3WdU70y+8gnpYX1ZfBLny4vwra0WJJTOzy6AiCVve8+mR/wVbX6qzt6d0WbEMaU0 CpkYNLrILoxG7ddSqdv8453ttgMxx9AeilJXP0tCR6T/ARdu2bjj9aq2ZIAsfCPc 7tPMEVrkNf8v2vvPO+3yKyKN44GEq8Lm0/nNvwyGSFvsdM1EH8Q7DgvaR5vy3noK /KH+1If6yROlPn89ar/SZXSSSEwFQT2ZRbd9LPx4ZdgItg== -----END CERTIFICATE-----Generated at Mon May 20 11:12:52 2024 by rpki-client on console-ams.rpki-client.org