$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/0kzjgDLI0fogXGtOw_Md5f3rJSI.roa File: 0kzjgDLI0fogXGtOw_Md5f3rJSI.roa (raw, json) Hash identifier: yMMK4y/FNuAjXcHuxW+19VXOQ503CI86zQoXSCO/vHg= Subject key identifier: D2:4C:E3:80:32:C8:D1:FA:20:5C:6B:4E:C3:F3:1D:E5:FD:EB:25:22 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0AFF Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/0kzjgDLI0fogXGtOw_Md5f3rJSI.roa Signing time: Fri 01 Sep 2023 08:30:45 +0000 ROA not before: Fri 01 Sep 2023 08:30:45 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131629 IP address blocks: 103.119.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 13:38:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2815 (0xaff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Sep 1 08:30:45 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D24CE38032C8D1FA205C6B4EC3F31DE5FDEB2522 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6f:b9:88:6b:c5:ec:fc:57:04:12:c5:1c:28: 8c:84:9d:a1:38:4c:8c:02:3c:34:e5:e3:3f:d5:07: bf:35:c5:03:e9:9a:e9:18:2a:9f:66:f0:0c:3f:74: 48:47:cb:31:a8:dc:0a:78:d1:38:26:15:5f:21:f8: a4:d9:27:51:90:89:4c:68:f9:cb:41:f1:30:2f:05: ac:0b:09:4d:16:65:cb:12:0e:d1:80:5c:42:62:53: 22:67:83:80:ba:70:bb:f0:af:93:3d:67:5e:09:07: 6c:ee:eb:99:6b:87:4f:ae:dd:80:c7:1b:45:3e:b9: c8:5b:d3:e4:b6:11:bd:60:db:e9:9d:9d:f0:a0:8c: 55:6b:b2:cd:ce:81:19:96:a8:8e:d6:ab:ee:2f:cf: b0:f2:12:44:c3:50:9a:f8:86:5e:ec:53:bf:31:a4: cf:5d:b2:1a:09:10:bf:9e:9b:56:4d:e5:78:a2:2f: 64:d6:f5:f3:ac:d7:05:16:c7:27:96:c8:12:ea:02: 2b:c8:bb:4e:bf:f3:37:b0:91:9b:97:a1:95:71:4e: 97:e4:6c:1e:96:ee:d9:5a:3e:9c:80:ef:22:67:2b: 9e:d2:cd:0e:e7:06:f1:3c:93:7b:2b:1c:84:71:d0: 49:54:68:4f:df:19:13:ec:cb:49:b8:9f:aa:38:d7: d7:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:4C:E3:80:32:C8:D1:FA:20:5C:6B:4E:C3:F3:1D:E5:FD:EB:25:22 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/0kzjgDLI0fogXGtOw_Md5f3rJSI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.212.0/22 Signature Algorithm: sha256WithRSAEncryption b7:18:4f:43:62:98:84:db:e8:ec:f6:9c:3f:be:af:bf:b7:ea: df:5f:e9:8b:e9:b9:49:65:4f:59:82:83:9a:ff:38:6a:fe:15: 1e:46:0a:79:7a:ac:aa:46:08:41:de:b0:72:34:4d:36:43:ce: 5a:e9:ba:60:16:6a:8e:43:97:e1:ec:8e:6c:83:57:60:d5:22: 28:a7:e2:93:2a:46:dc:e8:b8:5b:f8:be:68:0f:82:aa:03:fd: 6f:fa:50:6d:6f:80:31:99:e4:57:6c:f0:dd:a4:bd:b3:80:66: b0:12:e5:fd:73:b5:34:e2:a4:ed:fe:d7:06:f6:26:2c:02:74: c4:6c:76:ac:67:df:69:03:0d:cc:5a:23:a3:5c:d6:29:60:06: 1b:7f:ec:e3:e0:9d:8e:92:a7:e5:84:6d:94:61:df:4f:81:1d: 43:27:37:3f:88:e8:f7:49:76:19:38:f2:cb:c8:f1:90:9b:ae: 1d:88:5f:cd:4e:9a:ef:5b:be:e2:b9:74:20:c4:d3:04:c3:ed: e9:ec:7c:5e:45:00:a9:36:9d:2c:0e:d1:48:cd:d9:2c:32:a3: 79:91:9b:f8:08:64:ac:14:e9:3b:2d:9a:59:1b:6b:c6:36:24: f1:97:52:99:3c:ce:66:90:ca:35:80:4d:2d:2b:3e:f6:fa:1e: 30:9b:36:78 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICCv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yMzA5MDEw ODMwNDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQyNENFMzgwMzJDOEQx RkEyMDVDNkI0RUMzRjMxREU1RkRFQjI1MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEb7mIa8Xs/FcEEsUcKIyEnaE4TIwCPDTl4z/VB781xQPpmukY Kp9m8Aw/dEhHyzGo3Ap40TgmFV8h+KTZJ1GQiUxo+ctB8TAvBawLCU0WZcsSDtGA XEJiUyJng4C6cLvwr5M9Z14JB2zu65lrh0+u3YDHG0U+uchb0+S2Eb1g2+mdnfCg jFVrss3OgRmWqI7Wq+4vz7DyEkTDUJr4hl7sU78xpM9dshoJEL+em1ZN5XiiL2TW 9fOs1wUWxyeWyBLqAivIu06/8zewkZuXoZVxTpfkbB6W7tlaPpyA7yJnK57SzQ7n BvE8k3srHIRx0ElUaE/fGRPsy0m4n6o419efAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU0kzjgDLI0fogXGtOw/Md5f3rJSIwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvMGt6amdETEkwZm9nWEd0 T3dfTWQ1ZjNySlNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Amd31DANBgkqhkiG9w0BAQsFAAOCAQEAtxhPQ2KYhNvo7PacP76vv7fq31/pi+m5 SWVPWYKDmv84av4VHkYKeXqsqkYIQd6wcjRNNkPOWum6YBZqjkOX4eyObINXYNUi KKfikypG3Oi4W/i+aA+CqgP9b/pQbW+AMZnkV2zw3aS9s4BmsBLl/XO1NOKk7f7X BvYmLAJ0xGx2rGffaQMNzFojo1zWKWAGG3/s4+CdjpKn5YRtlGHfT4EdQyc3P4jo 90l2GTjyy8jxkJuuHYhfzU6a71u+4rl0IMTTBMPt6ex8XkUAqTadLA7RSM3ZLDKj eZGb+AhkrBTpOy2aWRtrxjYk8ZdSmTzOZpDKNYBNLSs+9voeMJs2eA== -----END CERTIFICATE-----Generated at Sun Jun 2 09:37:05 2024 by rpki-client on console-ams.rpki-client.org