$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ER0FsPS3Z-xo5mIwK9Vg4uZJfDA.roa File: ER0FsPS3Z-xo5mIwK9Vg4uZJfDA.roa (raw, json) Hash identifier: wlO6A2IkMrIfoaVq+cBSYlxh0qqOSiv1KavfzMrlHNg= Subject key identifier: 11:1D:05:B0:F4:B7:67:EC:68:E6:62:30:2B:D5:60:E2:E6:49:7C:30 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3199 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ER0FsPS3Z-xo5mIwK9Vg4uZJfDA.roa Signing time: Mon 26 Aug 2024 05:30:44 +0000 ROA not before: Mon 26 Aug 2024 05:30:44 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 118.233.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Sep 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12697 (0x3199) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 26 05:30:44 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=111D05B0F4B767EC68E662302BD560E2E6497C30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e8:ba:20:53:d6:3e:f7:ef:df:53:d9:7f:bf: 5a:ee:72:61:b1:4d:2c:2d:65:8c:5f:3d:56:2f:a3: 55:f6:82:ff:a0:c6:db:fb:d3:ab:d2:c5:3a:5b:f4: 0f:6a:12:f0:12:a0:d4:22:fa:e5:29:fc:ae:a5:a9: 2a:13:18:aa:d8:e2:64:66:1a:94:9b:7c:58:27:31: fc:9d:69:2e:6a:c3:9b:d1:52:74:be:53:30:96:19: 99:23:80:c9:dd:9d:bf:bf:0f:01:ac:57:d4:eb:bd: e3:7c:21:c2:f8:f1:83:07:54:1a:0b:ae:51:98:83: ac:7f:1d:d9:dd:0d:ec:d5:42:ff:34:1e:5f:91:c9: f9:86:87:d3:e6:03:0a:12:bc:77:50:e8:74:87:45: 08:81:1a:30:4c:d7:09:15:11:a1:92:e1:f7:b9:bb: 73:80:b6:3b:16:6c:94:f3:f8:a7:d7:e3:08:e7:18: c0:79:4a:31:16:0c:ac:ad:63:3a:75:6d:d7:b8:0d: 16:1e:61:19:78:91:04:03:e4:8f:d6:45:9b:8e:6f: ce:8f:b3:86:99:7d:a7:ad:87:cf:60:81:07:9b:49: bd:84:1a:65:05:04:bd:3f:ef:55:f0:e4:b3:ad:b6: c3:b6:96:1d:c8:b9:8b:80:01:21:97:74:97:7d:32: d0:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:1D:05:B0:F4:B7:67:EC:68:E6:62:30:2B:D5:60:E2:E6:49:7C:30 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ER0FsPS3Z-xo5mIwK9Vg4uZJfDA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.233.144.0/22 Signature Algorithm: sha256WithRSAEncryption 87:52:60:c4:36:83:c3:25:63:d4:e4:9c:1f:c4:6a:13:34:b1: 9d:c8:2a:7d:80:5f:9d:09:5e:2f:21:c4:08:c4:f1:c6:20:92: 62:50:84:c6:4d:49:6c:6d:d8:87:fd:2a:2a:e7:23:c4:5e:6d: 4c:09:70:08:ca:f5:bd:a5:70:d3:a0:9f:ca:30:4a:2d:bd:de: 5e:ea:13:df:8a:9f:8b:21:4e:c4:0e:57:88:b7:81:ce:6c:db: 75:d0:98:93:42:98:9b:82:a7:48:ce:2d:50:84:28:4a:de:20: e7:d3:3b:88:f3:a3:66:1d:3c:3c:67:a0:36:91:ad:2a:8a:54: 3c:b3:bd:ed:29:bc:52:a8:ce:b8:72:23:78:d5:96:24:29:dd: e1:55:87:de:1c:8e:71:49:3b:fc:f8:ee:8c:e8:62:a0:a5:c5: cb:9b:d3:79:4b:80:b0:5a:ad:d5:3a:f9:50:4b:43:df:cb:ff: dc:b9:c8:e3:c9:c9:79:a6:ab:0e:f3:fd:c8:4d:6c:f3:f2:92: 42:9b:89:a1:ea:09:1a:33:ad:5d:5e:18:d3:87:c4:ec:50:53: f6:1f:b5:ba:1b:de:f9:6c:9e:36:1f:bf:e7:42:7b:3e:2e:4c: ed:5a:26:3e:d1:9e:6b:15:19:82:6a:83:06:2e:1c:b9:41:9e: 8a:87:1d:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICMZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw NTMwNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDExMUQwNUIwRjRCNzY3 RUM2OEU2NjIzMDJCRDU2MEUyRTY0OTdDMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC76LogU9Y+9+/fU9l/v1rucmGxTSwtZYxfPVYvo1X2gv+gxtv7 06vSxTpb9A9qEvASoNQi+uUp/K6lqSoTGKrY4mRmGpSbfFgnMfydaS5qw5vRUnS+ UzCWGZkjgMndnb+/DwGsV9TrveN8IcL48YMHVBoLrlGYg6x/HdndDezVQv80Hl+R yfmGh9PmAwoSvHdQ6HSHRQiBGjBM1wkVEaGS4fe5u3OAtjsWbJTz+KfX4wjnGMB5 SjEWDKytYzp1bde4DRYeYRl4kQQD5I/WRZuOb86Ps4aZfaeth89ggQebSb2EGmUF BL0/71Xw5LOttsO2lh3IuYuAASGXdJd9MtBRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUER0FsPS3Z+xo5mIwK9Vg4uZJfDAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0VSMEZzUFMzWi14bzVtSXdL OVZnNHVaSmZEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ2 6ZAwDQYJKoZIhvcNAQELBQADggEBAIdSYMQ2g8MlY9TknB/EahM0sZ3IKn2AX50J Xi8hxAjE8cYgkmJQhMZNSWxt2If9KirnI8RebUwJcAjK9b2lcNOgn8owSi293l7q E9+Kn4shTsQOV4i3gc5s23XQmJNCmJuCp0jOLVCEKEreIOfTO4jzo2YdPDxnoDaR rSqKVDyzve0pvFKozrhyI3jVliQp3eFVh94cjnFJO/z47ozoYqClxcub03lLgLBa rdU6+VBLQ9/L/9y5yOPJyXmmqw7z/chNbPPykkKbiaHqCRozrV1eGNOHxOxQU/Yf tbob3vlsnjYfv+dCez4uTO1aJj7RnmsVGYJqgwYuHLlBnoqHHXM= -----END CERTIFICATE-----Generated at Sat Sep 21 03:11:38 2024 by rpki-client on console-fra.rpki-client.org