$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa File: HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa (raw, json) Hash identifier: q9sU2R+KmVlKhtBXEEwUdOieLzQwiIes5lstCke4io0= Subject key identifier: 1D:2A:6B:33:E2:35:06:3E:51:FC:8A:D9:80:26:DE:2C:C2:21:B1:DE Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E Certificate serial: 0B4E Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa Signing time: Fri 01 Sep 2023 10:00:52 +0000 ROA not before: Fri 01 Sep 2023 10:00:52 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131639 IP address blocks: 2403:7f40:f000::/48 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 11:39:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2894 (0xb4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E Validity Not Before: Sep 1 10:00:52 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=1D2A6B33E235063E51FC8AD98026DE2CC221B1DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:37:cf:57:86:79:4f:5c:62:c5:1f:45:79:08: 92:6f:39:ce:27:0f:8c:a3:db:f8:8f:c5:84:fd:a7: 03:d7:35:1b:93:79:cc:f6:a2:75:74:5f:d6:07:04: d8:ed:a9:b0:59:66:12:7c:80:f8:a8:40:96:4b:ab: 80:a2:c1:56:84:14:36:b7:13:38:cf:fc:75:9a:9f: b0:dd:04:23:50:12:19:d9:7a:42:df:a9:7a:1c:d5: c0:08:39:5a:e4:c8:6e:b1:0d:05:1e:a2:5b:0d:9f: 71:ab:9a:ff:6a:a6:1f:42:60:b8:c5:c4:04:cf:8f: 19:d1:8d:22:2f:a2:2d:0f:85:a5:29:3f:4c:3f:ce: cf:23:5d:16:52:54:99:ef:3e:2c:77:c0:4b:59:29: 94:51:72:92:99:94:42:5f:a9:59:78:e1:6c:b1:30: 46:3d:04:75:09:27:ec:b5:fc:ee:ef:12:de:27:16: 7b:d0:b8:4a:7e:20:71:f1:cf:d9:52:bf:b5:18:48: 81:19:d4:0c:b9:65:3b:0b:b2:a7:9d:a1:e9:59:b8: 7b:46:92:ae:74:cf:a8:14:40:57:74:aa:80:21:82: 9f:fd:31:ac:a0:82:f2:80:ae:d8:a3:5f:6b:5e:5d: 06:7d:dc:22:23:9e:68:da:74:59:b0:51:6c:9b:29: ae:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:2A:6B:33:E2:35:06:3E:51:FC:8A:D9:80:26:DE:2C:C2:21:B1:DE X509v3 Authority Key Identifier: keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:7f40:f000::/48 Signature Algorithm: sha256WithRSAEncryption 9f:d1:d6:40:39:b7:2b:df:59:29:0e:8f:ca:27:18:04:6a:77: eb:f2:c9:ff:2a:f9:9b:1d:53:04:43:a0:46:fd:93:65:53:14: 2b:7a:45:5b:29:b4:78:e9:80:1d:ca:08:cb:19:29:8a:3a:73: c6:59:d8:76:49:a5:57:fa:88:89:f6:42:49:8e:21:c7:31:43: b6:43:0b:7e:da:fd:d3:31:d6:bc:53:02:88:f1:f0:25:ba:a4: bf:1c:2e:ca:04:b2:cc:ed:30:d9:b9:25:7d:4b:b5:e3:bd:7a: a4:ef:bf:a0:f8:57:f2:79:8e:f2:72:2e:c1:a0:a4:1b:a3:90: d7:c2:db:bb:59:58:92:ec:69:14:65:20:14:a6:40:f6:65:eb: 8b:ed:0e:02:0c:19:c8:c5:46:cf:0b:3d:97:92:57:ec:80:e8: 9b:63:e3:cd:2e:bd:1f:57:0d:10:01:b7:ad:b4:7d:47:e5:05: 7c:18:57:b4:b2:90:9f:f9:39:25:c5:d3:17:19:57:bc:fd:31: 57:4d:9f:b4:65:ac:4a:84:ea:dd:e9:bc:68:5b:79:d3:2a:db: 3f:18:0e:96:dc:30:6d:ba:37:66:8c:54:55:af:65:b3:e3:32: 61:e8:d4:24:60:3a:1f:ce:62:5f:56:88:aa:5a:06:a2:39:13: 42:20:94:c5 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICC04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3 MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx MDAwNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFEMkE2QjMzRTIzNTA2 M0U1MUZDOEFEOTgwMjZERTJDQzIyMUIxREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiN89XhnlPXGLFH0V5CJJvOc4nD4yj2/iPxYT9pwPXNRuTecz2 onV0X9YHBNjtqbBZZhJ8gPioQJZLq4CiwVaEFDa3EzjP/HWan7DdBCNQEhnZekLf qXoc1cAIOVrkyG6xDQUeolsNn3Grmv9qph9CYLjFxATPjxnRjSIvoi0PhaUpP0w/ zs8jXRZSVJnvPix3wEtZKZRRcpKZlEJfqVl44WyxMEY9BHUJJ+y1/O7vEt4nFnvQ uEp+IHHxz9lSv7UYSIEZ1Ay5ZTsLsqedoelZuHtGkq50z6gUQFd0qoAhgp/9Mayg gvKArtijX2teXQZ93CIjnmjadFmwUWybKa7BAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUHSprM+I1Bj5R/IrZgCbeLMIhsd4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0hTcHJNLUkxQmo1Ul9JclpnQ2JlTE1J aHNkNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw DQYJKoZIhvcNAQELBQADggEBAJ/R1kA5tyvfWSkOj8onGARqd+vyyf8q+ZsdUwRD oEb9k2VTFCt6RVsptHjpgB3KCMsZKYo6c8ZZ2HZJpVf6iIn2QkmOIccxQ7ZDC37a /dMx1rxTAojx8CW6pL8cLsoEssztMNm5JX1LteO9eqTvv6D4V/J5jvJyLsGgpBuj kNfC27tZWJLsaRRlIBSmQPZl64vtDgIMGcjFRs8LPZeSV+yA6Jtj480uvR9XDRAB t620fUflBXwYV7SykJ/5OSXF0xcZV7z9MVdNn7RlrEqE6t3pvGhbedMq2z8YDpbc MG26N2aMVFWvZbPjMmHo1CRgOh/OYl9WiKpaBqI5E0IglMU= -----END CERTIFICATE-----Generated at Thu May 2 09:24:43 2024 by rpki-client on console-ams.rpki-client.org