$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa File: lk4BSJwZaQyk_otWupEylooCJW0.roa (raw, json) Hash identifier: hFayzxCTDZO3EC8Px2ODDYteukYx/sAN0O27+MoXips= Subject key identifier: 96:4E:01:48:9C:19:69:0C:A4:FE:8B:56:BA:91:32:96:8A:02:25:6D Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0CDB Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa Signing time: Fri 01 Sep 2023 09:39:51 +0000 ROA not before: Fri 01 Sep 2023 09:39:51 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 38843 IP address blocks: 223.27.32.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 04:08:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3291 (0xcdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Sep 1 09:39:51 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=964E01489C19690CA4FE8B56BA9132968A02256D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:57:a1:c7:14:d5:60:7a:23:d2:5a:49:a6:f3: bc:67:be:00:55:0e:e9:a9:b2:27:40:6c:c9:a6:eb: 62:9d:a6:9d:02:33:c0:a0:7e:88:fe:6c:27:22:41: e5:0d:6a:bf:d8:59:54:71:59:6c:7c:98:aa:a7:c7: 49:b5:82:27:e3:fb:68:81:55:9d:55:f8:c9:dc:7e: 6b:6c:96:4c:49:dd:c0:f8:0b:a1:b0:12:9e:53:2a: df:b7:d2:89:79:3a:91:99:7e:40:e8:e1:e5:88:f1: 8b:3d:e4:c5:ca:4f:22:fb:dd:68:22:e3:48:f3:35: 8e:bd:52:44:8c:7e:b9:b6:e4:4f:7e:ef:6d:8d:f6: c2:52:c9:a6:fc:88:e2:f0:8f:bd:26:c6:83:eb:b3: 56:b7:ee:f7:22:44:1d:a6:b7:2d:f6:d0:96:f5:65: 7b:9a:e3:fe:d0:36:5b:f8:83:c4:9b:88:1f:47:38: fe:87:d8:e0:9f:1d:e4:a5:7f:95:6f:79:e9:f8:4c: 1b:2a:a7:cf:f6:d2:cc:28:55:24:27:3a:29:4b:c6: 17:45:20:f2:74:16:c4:38:1d:e2:ce:fa:13:72:3c: 70:31:28:61:22:60:7d:de:57:d6:41:d9:09:3c:d9: df:84:6c:ac:05:0d:41:ff:a3:4a:6e:f1:49:d1:a0: 20:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:4E:01:48:9C:19:69:0C:A4:FE:8B:56:BA:91:32:96:8A:02:25:6D X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.32.0/20 Signature Algorithm: sha256WithRSAEncryption 83:8d:07:9f:f6:c7:15:e1:bd:06:15:67:1d:b0:aa:b6:a5:94: b2:20:3b:df:62:ff:65:c0:db:f4:32:fa:92:18:7a:30:f0:fc: 7a:17:e6:e7:8b:c8:46:5e:51:53:ad:30:61:5d:95:3b:a8:56: 8c:a5:b5:cd:61:4b:20:e8:06:16:e0:a7:6f:55:eb:73:91:64: 75:2f:82:5a:61:c0:2d:38:22:f4:a9:12:d5:31:26:0c:ba:23: f2:50:55:af:19:24:b6:b0:af:a4:a5:5d:38:cc:95:89:30:bd: 9d:24:fd:a1:b6:1c:6d:bf:6f:fd:da:e3:74:31:6b:47:b3:e2: cf:e0:2b:64:a4:28:af:b1:0b:5c:5d:11:f5:71:99:b3:dd:59: 98:57:b4:34:e9:9f:d1:58:31:ac:c9:39:e4:c6:fa:b7:63:4e: a6:f7:98:d4:be:f6:8f:a6:bf:bc:41:8f:3c:b7:8b:1a:c4:0b: 59:a9:99:29:38:57:f1:f9:0a:69:ca:17:2d:95:e6:02:7e:02: d4:77:7a:48:20:4a:01:ca:98:f3:9d:8d:68:5f:0a:ba:c1:60: f4:06:78:9c:9e:14:b7:88:a8:a9:b0:ce:14:4e:57:ec:41:a5: ad:b1:af:ff:cf:88:a2:62:cc:e0:39:ff:b9:03:d3:d6:6e:95: 32:a2:b5:31 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw OTM5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk2NEUwMTQ4OUMxOTY5 MENBNEZFOEI1NkJBOTEzMjk2OEEwMjI1NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpV6HHFNVgeiPSWkmm87xnvgBVDumpsidAbMmm62Kdpp0CM8Cg foj+bCciQeUNar/YWVRxWWx8mKqnx0m1gifj+2iBVZ1V+MncfmtslkxJ3cD4C6Gw Ep5TKt+30ol5OpGZfkDo4eWI8Ys95MXKTyL73Wgi40jzNY69UkSMfrm25E9+722N 9sJSyab8iOLwj70mxoPrs1a37vciRB2mty320Jb1ZXua4/7QNlv4g8SbiB9HOP6H 2OCfHeSlf5Vveen4TBsqp8/20swoVSQnOilLxhdFIPJ0FsQ4HeLO+hNyPHAxKGEi YH3eV9ZB2Qk82d+EbKwFDUH/o0pu8UnRoCDvAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUlk4BSJwZaQyk/otWupEylooCJW0wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbGs0QlNKd1phUXlrX290V3VwRXls b29DSlcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8bIDAN BgkqhkiG9w0BAQsFAAOCAQEAg40Hn/bHFeG9BhVnHbCqtqWUsiA732L/ZcDb9DL6 khh6MPD8ehfm54vIRl5RU60wYV2VO6hWjKW1zWFLIOgGFuCnb1Xrc5FkdS+CWmHA LTgi9KkS1TEmDLoj8lBVrxkktrCvpKVdOMyViTC9nST9obYcbb9v/drjdDFrR7Pi z+ArZKQor7ELXF0R9XGZs91ZmFe0NOmf0VgxrMk55Mb6t2NOpveY1L72j6a/vEGP PLeLGsQLWamZKThX8fkKacoXLZXmAn4C1Hd6SCBKAcqY852NaF8KusFg9AZ4nJ4U t4ioqbDOFE5X7EGlrbGv/8+IomLM4Dn/uQPT1m6VMqK1MQ== -----END CERTIFICATE-----Generated at Mon Jun 3 12:44:03 2024 by rpki-client on console-fra.rpki-client.org