$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/IYyG3hbAQI-bNzdvK_I2matv-r0.roa File: IYyG3hbAQI-bNzdvK_I2matv-r0.roa (raw, json) Hash identifier: huwjZGQUXCeE76s40+lzholQii+0kz+PJ0AIX6+MUrg= Subject key identifier: 21:8C:86:DE:16:C0:40:8F:9B:37:37:6F:2B:F2:36:99:AB:6F:FA:BD Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 13BC Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/IYyG3hbAQI-bNzdvK_I2matv-r0.roa Signing time: Fri 01 Sep 2023 09:25:21 +0000 ROA not before: Fri 01 Sep 2023 09:25:21 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 4780 IP address blocks: 123.205.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 May 2024 07:30:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5052 (0x13bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Sep 1 09:25:21 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=218C86DE16C0408F9B37376F2BF23699AB6FFABD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:30:23:4f:dd:01:a0:4b:2a:e3:76:a3:c9:2e: f1:db:09:b1:b5:13:8a:10:2f:dc:5f:b4:bf:15:06: 30:cf:f3:bb:22:99:86:91:1f:c2:7c:92:6f:07:3e: 9e:65:fc:be:a1:3f:37:f0:f8:bc:c3:29:a1:72:36: d2:5d:98:f9:3b:74:c2:fd:26:3c:3b:b5:8c:2f:de: ea:ed:c5:69:3d:77:05:df:21:45:25:cd:8a:94:5f: 8d:38:91:0e:14:97:14:27:c7:6b:55:18:5f:ab:4f: 42:4b:5e:ef:50:8d:08:14:f1:46:e5:41:1b:75:be: 9e:34:1a:37:7d:fa:c8:a7:ea:5e:a2:98:ab:3e:3a: 50:dc:8d:5d:54:f8:37:bf:41:7e:d4:c1:84:69:bd: 9e:7c:d8:fa:6b:ac:c1:7f:c2:c8:5c:0a:88:30:e9: 80:51:b6:b3:ba:e2:51:47:6c:ac:d1:ff:78:32:1b: 9e:30:9a:68:81:83:d1:32:ee:df:7d:bf:62:9e:6c: eb:c8:1a:65:aa:c4:55:78:85:a4:90:e9:41:e2:e0: 11:f9:1f:1e:a1:54:f0:68:bd:00:0e:b0:27:7a:59: 61:f5:40:fa:e7:7c:62:41:57:22:c7:61:ac:d9:7e: a4:63:95:98:e6:ac:e4:7d:8d:70:de:6c:97:a7:66: 17:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:8C:86:DE:16:C0:40:8F:9B:37:37:6F:2B:F2:36:99:AB:6F:FA:BD X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/IYyG3hbAQI-bNzdvK_I2matv-r0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.205.0.0/16 Signature Algorithm: sha256WithRSAEncryption 86:d4:e1:53:33:61:06:13:80:19:d2:c8:df:15:74:09:fd:15: 24:22:c9:90:76:17:18:f7:b2:af:2a:a2:b2:b2:4e:ac:fe:88: f4:cf:a7:79:e9:02:74:55:d2:ae:d1:95:03:8f:e5:1a:57:c7: 0b:ce:3d:c7:95:0b:d3:ca:d4:3b:f9:27:44:d9:af:f3:3d:5c: 25:b6:b2:63:71:a5:22:1c:f0:a6:3e:67:b9:c1:bd:de:4c:83: 71:ed:bd:e7:59:ef:69:ea:2e:19:8a:22:79:c3:3f:dc:97:30: 59:e5:0b:ab:c8:1e:65:aa:fe:ca:21:0c:ec:1a:cc:3e:0e:04: e0:6c:b1:09:6d:68:3c:4d:26:9e:b5:f8:e3:0e:3a:31:ed:e5: 39:a5:aa:8c:87:13:79:53:06:cf:59:d9:58:ae:d3:8b:86:f5: b1:77:88:df:4a:7d:43:75:cb:11:7a:52:de:cf:2a:3d:37:de: 0f:9a:3f:6b:33:52:6b:06:9d:27:99:86:14:30:d6:a6:64:ee: a0:34:6e:75:5f:8b:b9:0b:e9:7b:d1:82:62:c1:af:72:f2:6c: 28:6b:8a:7e:37:92:ac:74:1d:de:23:1a:74:7e:f7:84:5c:db: 2e:d3:3c:79:3a:83:3d:f5:92:fd:e3:5c:0f:c6:ea:d2:bc:f4: 4c:31:66:41 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICE7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA5MDEw OTI1MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIxOEM4NkRFMTZDMDQw OEY5QjM3Mzc2RjJCRjIzNjk5QUI2RkZBQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJMCNP3QGgSyrjdqPJLvHbCbG1E4oQL9xftL8VBjDP87simYaR H8J8km8HPp5l/L6hPzfw+LzDKaFyNtJdmPk7dML9Jjw7tYwv3urtxWk9dwXfIUUl zYqUX404kQ4UlxQnx2tVGF+rT0JLXu9QjQgU8UblQRt1vp40Gjd9+sin6l6imKs+ OlDcjV1U+De/QX7UwYRpvZ582PprrMF/wshcCogw6YBRtrO64lFHbKzR/3gyG54w mmiBg9Ey7t99v2KebOvIGmWqxFV4haSQ6UHi4BH5Hx6hVPBovQAOsCd6WWH1QPrn fGJBVyLHYazZfqRjlZjmrOR9jXDebJenZhejAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUIYyG3hbAQI+bNzdvK/I2matv+r0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSVl5RzNoYkFRSS1iTnpkdktfSTJt YXR2LXIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHvNMA0G CSqGSIb3DQEBCwUAA4IBAQCG1OFTM2EGE4AZ0sjfFXQJ/RUkIsmQdhcY97KvKqKy sk6s/oj0z6d56QJ0VdKu0ZUDj+UaV8cLzj3HlQvTytQ7+SdE2a/zPVwltrJjcaUi HPCmPme5wb3eTINx7b3nWe9p6i4ZiiJ5wz/clzBZ5QuryB5lqv7KIQzsGsw+DgTg bLEJbWg8TSaetfjjDjox7eU5paqMhxN5UwbPWdlYrtOLhvWxd4jfSn1DdcsRelLe zyo9N94Pmj9rM1JrBp0nmYYUMNamZO6gNG51X4u5C+l70YJiwa9y8mwoa4p+N5Ks dB3eIxp0fveEXNsu0zx5OoM99ZL941wPxurSvPRMMWZB -----END CERTIFICATE-----Generated at Mon May 20 12:32:57 2024 by rpki-client on console-fra.rpki-client.org