$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa File: DUp9xvMUZQjdODlrc7CqK0EIiHg.roa (raw, json) Hash identifier: T8DFg/bLFJRv1bgyEWdzGXYAxY5cstnqiYCz0Vc1Xbc= Subject key identifier: 0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78 Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Certificate serial: 0B65 Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa Signing time: Fri 01 Sep 2023 10:13:52 +0000 ROA not before: Fri 01 Sep 2023 10:13:52 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 2914 IP address blocks: 61.58.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 07:44:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2917 (0xb65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214 Validity Not Before: Sep 1 10:13:52 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=0D4A7DC6F3146508DD38396B73B0AA2B41088878 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:c9:30:4a:a3:bd:0b:46:09:c1:4b:75:c8:79: 20:9d:70:45:f8:24:cd:d1:2e:49:f5:12:1b:b7:d8: 4e:36:bd:41:e3:5c:17:de:4e:d9:e6:2f:71:9f:ad: 59:42:f9:a5:2f:3f:2f:67:ab:ac:16:59:3e:ee:6a: 9d:36:53:db:45:6c:ab:13:ce:2e:00:96:c8:5f:c4: 37:ab:09:24:64:a0:c9:69:b8:ef:24:5f:ae:52:c0: 7b:00:b3:01:7d:66:81:05:80:ba:25:a1:92:50:a1: b9:4d:a7:e4:8d:8e:24:fd:a1:69:4e:72:be:40:73: 90:6f:78:83:7d:65:fa:7b:d7:ce:11:23:ac:5c:66: 3d:32:12:c9:30:2a:af:5a:de:01:fa:e0:fd:23:0b: 2c:df:69:c3:07:cd:fa:db:19:2b:64:73:a9:ed:1b: 2d:87:5a:eb:34:42:9b:57:83:ad:03:fa:e4:a6:45: 7a:73:fb:51:1e:d7:cf:67:54:e3:21:d6:a7:0c:3d: 63:0d:59:19:69:a5:a0:34:78:7e:f6:26:2c:bc:53: c9:cd:b4:4f:0d:77:42:dc:03:c6:a3:29:c5:34:6d: 21:17:f5:c1:f8:41:3d:14:53:32:d9:b3:9a:ba:d0: 62:59:58:52:a6:a9:7f:61:23:b1:36:7a:91:a4:72: 5e:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78 X509v3 Authority Key Identifier: keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.58.32.0/20 Signature Algorithm: sha256WithRSAEncryption 67:56:14:1a:94:e3:d9:2d:f0:ec:69:6f:2e:a8:95:08:76:db: cd:39:db:24:04:30:f3:20:e2:01:fb:17:0c:e0:5d:3c:2e:3c: 54:a9:7d:93:ea:4d:78:84:6b:d0:56:9f:2b:72:a9:e1:63:42: 66:c8:03:ac:6e:51:1d:e5:79:fb:89:be:4a:40:6a:ea:7a:e3: 38:54:3a:65:67:3d:42:33:1b:1d:5d:00:76:c8:b1:29:b4:b4: 1e:c9:de:7e:03:61:07:72:6b:d2:63:87:5f:59:a6:d8:3e:62: 5f:fc:89:82:5f:9c:eb:85:f0:02:c6:e4:fc:a1:34:22:a9:15: 66:eb:4e:a6:f1:5d:a5:3a:6e:19:ae:63:ea:6a:07:f9:c9:f0: e4:0b:9e:b8:68:40:63:97:d4:23:4a:ee:ac:25:f5:b7:03:a7: 65:aa:4b:05:77:23:19:d7:e0:1e:61:98:c9:8a:56:df:e7:c5: 35:8f:07:7c:96:48:e9:e0:05:6c:0b:1b:81:32:f9:1d:2f:1b: 58:97:10:ab:f5:f2:7a:a7:c4:7f:c8:c4:22:1a:da:34:c4:40: b0:7b:17:ae:f4:fb:6e:c4:44:eb:b0:fc:d6:db:5a:c2:27:96: 4e:28:11:95:11:33:55:0d:da:74:82:a2:00:44:43:6f:6d:66: 6a:48:be:56 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMzA5MDEx MDEzNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBENEE3REM2RjMxNDY1 MDhERDM4Mzk2QjczQjBBQTJCNDEwODg4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgyTBKo70LRgnBS3XIeSCdcEX4JM3RLkn1Ehu32E42vUHjXBfe TtnmL3GfrVlC+aUvPy9nq6wWWT7uap02U9tFbKsTzi4AlshfxDerCSRkoMlpuO8k X65SwHsAswF9ZoEFgLoloZJQoblNp+SNjiT9oWlOcr5Ac5BveIN9Zfp7184RI6xc Zj0yEskwKq9a3gH64P0jCyzfacMHzfrbGStkc6ntGy2HWus0QptXg60D+uSmRXpz +1Ee189nVOMh1qcMPWMNWRlppaA0eH72Jiy8U8nNtE8Nd0LcA8ajKcU0bSEX9cH4 QT0UUzLZs5q60GJZWFKmqX9hI7E2epGkcl45AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUDUp9xvMUZQjdODlrc7CqK0EIiHgwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9EVXA5eHZNVVpRamRPRGxyYzdD cUswRUlpSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog MA0GCSqGSIb3DQEBCwUAA4IBAQBnVhQalOPZLfDsaW8uqJUIdtvNOdskBDDzIOIB +xcM4F08LjxUqX2T6k14hGvQVp8rcqnhY0JmyAOsblEd5Xn7ib5KQGrqeuM4VDpl Zz1CMxsdXQB2yLEptLQeyd5+A2EHcmvSY4dfWabYPmJf/ImCX5zrhfACxuT8oTQi qRVm606m8V2lOm4ZrmPqagf5yfDkC564aEBjl9QjSu6sJfW3A6dlqksFdyMZ1+Ae YZjJilbf58U1jwd8lkjp4AVsCxuBMvkdLxtYlxCr9fJ6p8R/yMQiGto0xECwexeu 9PtuxETrsPzW21rCJ5ZOKBGVETNVDdp0gqIARENvbWZqSL5W -----END CERTIFICATE-----Generated at Sat May 4 12:15:24 2024 by rpki-client on console-fra.rpki-client.org