$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/nJs7--ZR5GE035unPYvaNqs9-Lg.roa File: nJs7--ZR5GE035unPYvaNqs9-Lg.roa (raw, json) Hash identifier: n1tTScqSn7AwuKJ3FojKS9zbVbXkrGEaNO3I/BJx7nY= Subject key identifier: 9C:9B:3B:FB:E6:51:E4:61:34:DF:9B:A7:3D:8B:DA:36:AB:3D:F8:B8 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 0DB9 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nJs7--ZR5GE035unPYvaNqs9-Lg.roa Signing time: Fri 01 Sep 2023 09:25:18 +0000 ROA not before: Fri 01 Sep 2023 09:25:18 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 4780 IP address blocks: 192.72.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 17:39:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3513 (0xdb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Sep 1 09:25:18 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=9C9B3BFBE651E46134DF9BA73D8BDA36AB3DF8B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:1e:e8:3e:7a:ce:48:3c:4e:5b:40:3a:ee:b7: 56:35:3d:74:d4:62:44:07:41:40:92:c2:d1:e2:84: 6f:98:62:a1:8e:e1:74:d2:14:c9:d6:7f:fb:0e:34: dd:c2:9f:8c:3e:62:b9:c0:63:2d:17:c7:00:29:13: 7d:e9:02:81:3e:70:92:1c:fd:6f:8c:29:3a:43:d7: e1:46:77:f8:56:30:3b:be:b3:07:6c:f6:e3:6a:69: aa:b1:a8:e6:77:0d:31:c6:ba:9e:62:05:3d:bf:73: 6e:19:02:6d:dc:d0:e3:ad:ca:76:84:39:94:e1:f4: 4d:69:aa:5a:57:db:a4:43:94:1f:34:b6:48:33:f3: 99:57:67:03:c0:9c:a7:7c:77:e5:5b:88:76:6d:97: fc:ae:af:9a:5d:1b:a0:a4:c8:18:52:6f:c2:78:fa: e2:b2:12:67:2e:f5:e7:7d:6c:c7:7b:0d:24:4f:d7: 23:79:08:0b:61:c4:40:8c:88:53:e7:4c:1f:49:15: 44:41:ba:4b:d8:5d:fc:62:b2:07:1f:ef:2a:bb:5f: 16:4d:7e:6d:2c:05:0c:2f:af:fe:c9:43:45:7f:e1: d4:8c:59:1d:32:83:ac:53:f7:ea:0e:83:5c:cf:fd: 49:2a:ce:8e:a9:18:a6:33:e9:ee:dc:02:e2:1e:0a: 4b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:9B:3B:FB:E6:51:E4:61:34:DF:9B:A7:3D:8B:DA:36:AB:3D:F8:B8 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nJs7--ZR5GE035unPYvaNqs9-Lg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.3.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:22:cb:8a:46:7c:8f:6e:bc:11:14:d4:71:01:0a:01:78:d6: ab:7d:63:0d:d4:89:58:38:c4:ba:63:68:5d:72:9d:25:d6:98: 50:f9:82:9d:b1:fd:06:a4:d0:95:e6:0f:7a:3a:43:b1:c0:dc: 29:6b:62:36:94:f3:9c:9f:9e:dd:70:0b:57:0a:d3:73:09:33: a1:b9:19:73:08:13:df:f9:7e:5a:72:7d:db:fa:f8:a3:ec:48: ea:e1:a1:09:4f:c6:cd:34:89:e5:2a:c3:35:4d:a4:4e:ef:48: af:2f:66:25:50:1c:61:65:7a:23:ae:25:ed:9f:f5:6e:8b:32: c0:41:bf:cd:79:69:a4:5c:67:2a:85:aa:72:22:66:60:6d:0d: bd:82:f8:78:a6:7f:ee:86:ed:7c:1c:14:c8:f9:2d:22:27:e8: c0:42:b3:fa:a9:8e:2a:28:cf:e9:22:59:00:aa:8f:83:c3:f9: a6:d2:0d:dd:9b:bf:ae:c8:44:58:9e:fc:13:36:49:8a:b4:4f: df:47:b6:e9:42:f7:0d:d3:8f:fa:a2:d9:1c:0b:05:89:fd:48: 00:6f:6a:f0:93:64:71:61:12:e0:ef:e5:51:f1:e9:ae:22:91: 72:81:0d:d0:d9:ae:2c:59:9e:98:a9:8d:d6:b9:3f:b8:fd:c6: 56:13:1c:0b -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzA5MDEw OTI1MThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlDOUIzQkZCRTY1MUU0 NjEzNERGOUJBNzNEOEJEQTM2QUIzREY4QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsHug+es5IPE5bQDrut1Y1PXTUYkQHQUCSwtHihG+YYqGO4XTS FMnWf/sONN3Cn4w+YrnAYy0XxwApE33pAoE+cJIc/W+MKTpD1+FGd/hWMDu+swds 9uNqaaqxqOZ3DTHGup5iBT2/c24ZAm3c0OOtynaEOZTh9E1pqlpX26RDlB80tkgz 85lXZwPAnKd8d+VbiHZtl/yur5pdG6CkyBhSb8J4+uKyEmcu9ed9bMd7DSRP1yN5 CAthxECMiFPnTB9JFURBukvYXfxisgcf7yq7XxZNfm0sBQwvr/7JQ0V/4dSMWR0y g6xT9+oOg1zP/Ukqzo6pGKYz6e7cAuIeCkuPAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUnJs7++ZR5GE035unPYvaNqs9+LgwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbkpzNy0tWlI1R0UwMzV1blBZdmFO cXM5LUxnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN BgkqhkiG9w0BAQsFAAOCAQEAnSLLikZ8j268ERTUcQEKAXjWq31jDdSJWDjEumNo XXKdJdaYUPmCnbH9BqTQleYPejpDscDcKWtiNpTznJ+e3XALVwrTcwkzobkZcwgT 3/l+WnJ92/r4o+xI6uGhCU/GzTSJ5SrDNU2kTu9Iry9mJVAcYWV6I64l7Z/1bosy wEG/zXlppFxnKoWqciJmYG0NvYL4eKZ/7obtfBwUyPktIifowEKz+qmOKijP6SJZ AKqPg8P5ptIN3Zu/rshEWJ78EzZJirRP30e26UL3DdOP+qLZHAsFif1IAG9q8JNk cWES4O/lUfHpriKRcoEN0NmuLFmemKmN1rk/uP3GVhMcCw== -----END CERTIFICATE-----Generated at Mon May 20 12:32:57 2024 by rpki-client on console-fra.rpki-client.org