$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/0DfQLVXB9bxZTCwucM1YFLrg2lk.roa File: 0DfQLVXB9bxZTCwucM1YFLrg2lk.roa (raw, json) Hash identifier: 1K1zkLwaPWRcRN6cNBBveqYRyyJmvitP9EQ7OWPP6Kg= Subject key identifier: D0:37:D0:2D:55:C1:F5:BC:59:4C:2C:2E:70:CD:58:14:BA:E0:DA:59 Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A Certificate serial: 1DFA Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/0DfQLVXB9bxZTCwucM1YFLrg2lk.roa Signing time: Fri 01 Sep 2023 10:15:31 +0000 ROA not before: Fri 01 Sep 2023 10:15:31 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 24163 IP address blocks: 49.158.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 23:59:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7674 (0x1dfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08469E113701815993013E13E548A2B340E44E0A Validity Not Before: Sep 1 10:15:31 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D037D02D55C1F5BC594C2C2E70CD5814BAE0DA59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:49:d3:bb:46:7c:50:41:4e:e9:ef:fe:01:4e: c5:8c:e5:63:ef:81:f9:9c:84:0a:f5:13:f1:d6:95: a0:2f:9d:b3:fc:2d:a0:75:06:14:8e:8f:8a:f7:99: 8d:10:6e:c1:9b:80:9b:a6:b6:7f:3c:7a:e7:00:b0: b3:a6:6d:fc:58:ad:33:4e:50:1a:9b:fd:fb:27:f0: 2f:19:0c:91:82:49:1f:70:1e:86:a6:0f:2d:5c:8c: 61:ce:ea:83:69:6e:90:2c:7e:56:42:86:e3:e2:0d: 12:ef:11:56:0c:3d:e0:0b:c0:e0:2b:a5:12:b3:00: 12:3d:66:7a:b5:4c:e0:cd:73:cd:07:9e:3c:16:10: b8:15:bc:a9:bb:02:af:5d:aa:12:6c:09:fc:47:b3: e5:27:8f:d2:58:17:64:80:88:57:64:80:34:58:07: 08:1e:3d:b5:41:80:59:b9:39:25:a8:7b:dd:c7:1b: 9f:f2:74:19:1d:bd:9a:64:94:19:98:c7:16:2f:1e: 2c:35:68:c7:9b:1e:a9:af:01:38:21:71:f6:84:d8: be:b1:59:b9:47:35:cb:35:4d:2e:3c:45:1a:5f:a3: 2d:e5:73:0a:57:6c:86:17:92:f6:80:eb:84:0e:10: a3:a9:e1:d8:28:66:78:7d:52:9c:bf:63:b4:6d:6e: 26:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:37:D0:2D:55:C1:F5:BC:59:4C:2C:2E:70:CD:58:14:BA:E0:DA:59 X509v3 Authority Key Identifier: keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/0DfQLVXB9bxZTCwucM1YFLrg2lk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.158.200.0/21 Signature Algorithm: sha256WithRSAEncryption 4a:b3:a1:64:8e:47:0c:f5:eb:c9:35:f7:68:f1:58:ea:04:b7: cf:16:ec:44:52:49:c5:b5:df:64:58:a7:6f:b3:14:fb:12:c4: 27:a4:39:e3:57:2f:fe:df:33:dd:82:2e:a9:d6:91:a5:62:ef: 3f:f9:a9:1a:ce:e5:30:2b:af:7b:41:a3:c6:2a:77:d1:66:05: a0:8c:23:22:c0:f5:73:ea:6f:a0:9a:49:05:c8:0e:49:54:a3: 2d:a7:f3:27:28:b7:e5:db:13:6c:91:0c:ff:5a:7f:a4:6a:cb: 27:4d:9c:20:7c:44:88:d1:b8:11:0d:4a:ec:ea:0f:f5:ed:1d: b7:f6:60:92:2c:25:e4:58:73:07:41:37:d5:06:1e:16:b5:b0: ec:82:36:b1:fe:63:b3:4b:b5:39:bf:a5:a9:76:9b:c7:63:0f: 5b:3e:20:e3:04:8e:b8:a9:1a:c9:0a:b8:b7:f6:67:bc:a2:7e: 33:05:25:2a:fd:59:c5:69:8d:f9:f5:2c:07:1e:dc:b3:b6:95: 0b:9b:61:59:80:7a:f3:8c:fb:08:00:fc:b5:5b:d1:68:a5:55: d5:f8:4f:2e:8c:ac:30:41:e2:3f:2d:20:5d:ba:87:24:d3:8b: 3b:03:85:33:f3:d2:b0:8b:20:1e:db:30:7c:cd:df:22:5d:92: ec:34:81:e0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICHfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0 NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yMzA5MDEx MDE1MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQwMzdEMDJENTVDMUY1 QkM1OTRDMkMyRTcwQ0Q1ODE0QkFFMERBNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmSdO7RnxQQU7p7/4BTsWM5WPvgfmchAr1E/HWlaAvnbP8LaB1 BhSOj4r3mY0QbsGbgJumtn88eucAsLOmbfxYrTNOUBqb/fsn8C8ZDJGCSR9wHoam Dy1cjGHO6oNpbpAsflZChuPiDRLvEVYMPeALwOArpRKzABI9Znq1TODNc80HnjwW ELgVvKm7Aq9dqhJsCfxHs+Unj9JYF2SAiFdkgDRYBwgePbVBgFm5OSWoe93HG5/y dBkdvZpklBmYxxYvHiw1aMebHqmvATghcfaE2L6xWblHNcs1TS48RRpfoy3lcwpX bIYXkvaA64QOEKOp4dgoZnh9Upy/Y7RtbiaLAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU0DfQLVXB9bxZTCwucM1YFLrg2lkwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T 5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVULzBEZlFMVlhCOWJ4WlRDd3Vj TTFZRkxyZzJsay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx nsgwDQYJKoZIhvcNAQELBQADggEBAEqzoWSORwz168k192jxWOoEt88W7ERSScW1 32RYp2+zFPsSxCekOeNXL/7fM92CLqnWkaVi7z/5qRrO5TArr3tBo8Yqd9FmBaCM IyLA9XPqb6CaSQXIDklUoy2n8ycot+XbE2yRDP9af6RqyydNnCB8RIjRuBENSuzq D/XtHbf2YJIsJeRYcwdBN9UGHha1sOyCNrH+Y7NLtTm/pal2m8djD1s+IOMEjrip GskKuLf2Z7yifjMFJSr9WcVpjfn1LAce3LO2lQubYVmAevOM+wgA/LVb0WilVdX4 Ty6MrDBB4j8tIF26hyTTizsDhTPz0rCLIB7bMHzN3yJdkuw0geA= -----END CERTIFICATE-----Generated at Mon Jun 3 12:44:07 2024 by rpki-client on console-fra.rpki-client.org