$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/ZYJKDcP3qx7eSDIGlSd5PRbHlRE.roa File: ZYJKDcP3qx7eSDIGlSd5PRbHlRE.roa (raw, json) Hash identifier: TJwNbDD21a7HmWKW7YV2IYPEga3WqYfkPrVTugO1YB8= Subject key identifier: 65:82:4A:0D:C3:F7:AB:1E:DE:48:32:06:95:27:79:3D:16:C7:95:11 Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Certificate serial: 0CB2 Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ZYJKDcP3qx7eSDIGlSd5PRbHlRE.roa Signing time: Mon 26 Aug 2024 05:19:28 +0000 ROA not before: Mon 26 Aug 2024 05:19:28 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 2400:df40::/32 maxlen: 56 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 03:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3250 (0xcb2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Validity Not Before: Aug 26 05:19:28 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=65824A0DC3F7AB1EDE4832069527793D16C79511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:b9:af:90:95:ae:a5:13:1e:60:0e:e6:f0:a5: b8:57:d3:2c:2c:dd:9c:fe:1d:ea:90:ee:2f:03:51: 66:6f:f1:b4:fb:23:87:ae:c1:14:ce:ce:b9:d1:47: 94:0e:aa:d7:39:af:3a:1f:ae:24:35:e9:49:6b:02: f3:77:72:36:58:94:bf:81:8d:03:27:6c:08:73:26: 9f:87:d5:74:a4:b6:31:8c:0a:8f:95:da:ac:ea:03: 77:f3:22:a0:9a:e0:dd:c1:ed:75:71:15:39:0d:d2: 47:04:fc:83:c9:dc:fc:37:2d:3a:37:c5:57:f2:90: 31:82:ec:ae:91:fc:11:7b:02:0a:c3:aa:24:c5:7e: f5:95:f9:9d:33:a0:2a:87:74:51:3a:b7:fb:9d:75: 81:c8:db:7b:e0:11:fc:2f:95:2e:88:f1:11:11:8b: a5:a6:e8:b4:2e:7a:53:bf:d9:bb:da:14:2d:25:16: cc:07:55:5b:82:e1:34:00:dd:a6:5d:23:d6:8b:18: d3:e3:23:c5:99:01:b1:d9:cf:7d:b4:9c:d9:ee:d2: cc:5b:3c:c4:ec:03:25:74:49:bc:9e:b9:93:d1:67: 02:24:00:b7:bc:92:75:50:73:b4:81:11:90:72:e5: e1:aa:86:45:4d:45:9e:5f:11:37:21:f3:7d:59:cd: 62:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:82:4A:0D:C3:F7:AB:1E:DE:48:32:06:95:27:79:3D:16:C7:95:11 X509v3 Authority Key Identifier: keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ZYJKDcP3qx7eSDIGlSd5PRbHlRE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:df40::/32 Signature Algorithm: sha256WithRSAEncryption 1c:14:2f:7d:84:61:b6:8d:ec:6e:a4:93:47:6d:01:91:c8:a8: 06:1b:18:dc:d4:a4:5a:21:38:0b:6f:bf:40:00:51:0b:28:27: c6:47:54:ff:f6:00:fe:81:a5:7b:a7:5b:1c:a9:c7:55:1f:95: 51:ec:a2:5c:4c:4a:eb:8e:48:56:6c:1f:ae:77:40:4a:6b:da: d8:34:bd:d4:3b:53:bc:6b:2e:d0:aa:83:7f:b6:0b:64:80:12: 54:02:2f:50:cb:5e:e6:77:9f:d0:d8:88:c0:a8:9e:65:b9:68: 22:9a:f6:19:8a:62:23:84:95:76:b3:5d:1a:0b:c5:b7:18:8a: 22:f7:37:e4:44:a8:6f:7e:90:7e:af:da:54:09:d8:e4:ff:68: 72:3b:8c:23:e3:4c:57:c4:68:a4:4a:b8:19:60:6b:5f:89:1d: 57:74:9e:2c:ef:97:3a:73:96:74:d8:b4:77:0d:8d:1f:37:8b: b5:2c:89:25:85:35:b0:b3:c8:cd:eb:87:16:9c:f5:31:ee:b8: 1b:17:25:0f:1d:fc:8c:a3:77:45:a1:1d:44:c0:1c:4d:52:ac: e4:94:aa:59:ab:08:1b:91:bc:a7:e2:d3:65:92:de:e4:53:d5: 0e:c6:c0:f9:89:b4:69:c5:9f:59:82:bf:5c:f2:0e:b5:1d:7c: 36:a9:d0:11 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICDLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNDA4MjYw NTE5MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY1ODI0QTBEQzNGN0FC MUVERTQ4MzIwNjk1Mjc3OTNEMTZDNzk1MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGua+Qla6lEx5gDubwpbhX0yws3Zz+HeqQ7i8DUWZv8bT7I4eu wRTOzrnRR5QOqtc5rzofriQ16UlrAvN3cjZYlL+BjQMnbAhzJp+H1XSktjGMCo+V 2qzqA3fzIqCa4N3B7XVxFTkN0kcE/IPJ3Pw3LTo3xVfykDGC7K6R/BF7AgrDqiTF fvWV+Z0zoCqHdFE6t/uddYHI23vgEfwvlS6I8RERi6Wm6LQuelO/2bvaFC0lFswH VVuC4TQA3aZdI9aLGNPjI8WZAbHZz320nNnu0sxbPMTsAyV0SbyeuZPRZwIkALe8 knVQc7SBEZBy5eGqhkVNRZ5fETch831ZzWIjAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUZYJKDcP3qx7eSDIGlSd5PRbHlREwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1pZSktEY1AzcXg3ZVNESUdsU2Q1UFJi SGxSRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G CSqGSIb3DQEBCwUAA4IBAQAcFC99hGG2jexupJNHbQGRyKgGGxjc1KRaITgLb79A AFELKCfGR1T/9gD+gaV7p1scqcdVH5VR7KJcTErrjkhWbB+ud0BKa9rYNL3UO1O8 ay7QqoN/tgtkgBJUAi9Qy17md5/Q2IjAqJ5luWgimvYZimIjhJV2s10aC8W3GIoi 9zfkRKhvfpB+r9pUCdjk/2hyO4wj40xXxGikSrgZYGtfiR1XdJ4s75c6c5Z02LR3 DY0fN4u1LIklhTWws8jN64cWnPUx7rgbFyUPHfyMo3dFoR1EwBxNUqzklKpZqwgb kbyn4tNlkt7kU9UOxsD5ibRpxZ9Zgr9c8g61HXw2qdAR -----END CERTIFICATE-----Generated at Fri Sep 27 23:36:46 2024 by rpki-client on console-fra.rpki-client.org