$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DzjbAuH0bl2w3EvIS3verodCD3Y.roa File: DzjbAuH0bl2w3EvIS3verodCD3Y.roa (raw, json) Hash identifier: C3ljFjCi6y/2H2T7IPaQA44FoxAp7Ys93+CAGL0W2/I= Subject key identifier: 0F:38:DB:02:E1:F4:6E:5D:B0:DC:4B:C8:4B:7B:DE:AE:87:42:0F:76 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0D14 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DzjbAuH0bl2w3EvIS3verodCD3Y.roa Signing time: Mon 26 Aug 2024 05:19:33 +0000 ROA not before: Mon 26 Aug 2024 05:19:33 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 18042 IP address blocks: 119.14.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 03:51:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3348 (0xd14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 26 05:19:33 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0F38DB02E1F46E5DB0DC4BC84B7BDEAE87420F76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ae:d5:eb:f3:65:06:67:ed:d0:7f:c9:14:bd: 57:d7:d5:02:1e:30:78:cc:55:e0:c5:81:a0:96:0e: a5:b6:47:09:14:a2:ad:b6:f6:dd:ab:92:8c:43:e4: 39:b3:bb:22:42:b3:8d:09:95:1b:31:ec:6f:aa:28: 2d:43:b3:35:ae:04:7d:6d:e6:d5:26:a4:78:e2:17: 84:a9:e8:d1:c4:14:76:4f:c9:13:09:7d:b6:d3:96: fe:f0:bf:86:5c:ef:8b:da:bb:b4:28:db:c6:a7:9e: b1:4d:0d:14:63:78:e2:d9:ea:dd:77:ae:26:bc:39: ea:f4:e5:f1:f1:49:26:b3:1a:27:6e:7f:20:53:18: 0e:96:c6:05:01:45:d5:fb:55:33:91:f4:b9:62:e2: d8:60:5a:1a:19:14:58:9a:e9:13:87:a6:43:37:a6: 42:65:aa:43:69:f1:39:19:a5:7f:6b:73:a1:1e:39: 72:10:f9:53:db:ad:d3:0a:a3:36:5b:5a:c0:f9:fe: 05:a2:fd:d9:3c:7f:f4:9b:7e:34:76:c2:87:d6:6f: 22:af:34:16:9e:50:a8:d4:05:a4:69:e9:4e:dd:6b: 24:4b:56:20:8e:3c:0a:30:27:a5:83:88:7c:8d:dc: 4c:31:e4:d1:70:f4:d2:98:49:a9:37:ff:34:8c:26: a3:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:38:DB:02:E1:F4:6E:5D:B0:DC:4B:C8:4B:7B:DE:AE:87:42:0F:76 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DzjbAuH0bl2w3EvIS3verodCD3Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.14.0.0/17 Signature Algorithm: sha256WithRSAEncryption 05:3b:0c:72:74:f7:9d:11:ed:61:cf:31:0d:dd:b0:51:e0:6c: bd:c3:53:fd:d7:06:e3:8a:44:d9:52:40:30:19:c5:ba:ab:a3: 0e:e9:0e:93:b5:f8:f9:1f:13:cd:21:b5:7b:57:d4:48:3c:d9: 0f:16:5e:3d:55:09:14:75:60:35:4e:7b:2d:46:91:53:fb:bf: 6c:c6:de:63:65:81:58:48:90:e8:84:9e:85:a6:91:dd:4e:4e: 2a:a8:08:b0:d0:7e:93:40:3b:6a:6f:23:c4:ca:1e:9f:42:cb: 98:1b:0f:05:5c:99:ca:5b:ce:fc:f9:69:f2:06:eb:6b:1b:97: d5:f7:b3:a3:49:f3:e8:db:68:35:5b:63:40:a2:49:24:f6:e8: 83:65:a9:bc:4a:41:ee:87:27:46:9b:7d:d8:4f:16:1a:81:52: 4c:bc:4a:18:c1:98:b0:27:9b:41:e4:bd:b4:1a:2a:4b:ce:4e: 08:5a:03:49:9b:d4:e0:77:e0:e3:98:3a:e2:80:8a:c5:8a:e2: c4:e0:82:88:64:ee:d3:a9:48:04:2b:fc:88:fb:d4:f0:f6:cc: 0d:cc:85:e9:91:3a:08:47:a3:f3:de:bc:de:b9:73:4a:3f:f1: ab:00:d5:44:c9:f9:cd:72:5d:ac:79:3d:cf:2f:61:53:31:b2: d6:6c:25:2b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDRQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw NTE5MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGMzhEQjAyRTFGNDZF NURCMERDNEJDODRCN0JERUFFODc0MjBGNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDertXr82UGZ+3Qf8kUvVfX1QIeMHjMVeDFgaCWDqW2RwkUoq22 9t2rkoxD5DmzuyJCs40JlRsx7G+qKC1DszWuBH1t5tUmpHjiF4Sp6NHEFHZPyRMJ fbbTlv7wv4Zc74vau7Qo28annrFNDRRjeOLZ6t13ria8Oer05fHxSSazGidufyBT GA6WxgUBRdX7VTOR9Lli4thgWhoZFFia6ROHpkM3pkJlqkNp8TkZpX9rc6EeOXIQ +VPbrdMKozZbWsD5/gWi/dk8f/SbfjR2wofWbyKvNBaeUKjUBaRp6U7dayRLViCO PAowJ6WDiHyN3Ewx5NFw9NKYSak3/zSMJqNpAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUDzjbAuH0bl2w3EvIS3verodCD3YwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0R6amJBdUgwYmwydzNFdklT M3Zlcm9kQ0QzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd3 DgAwDQYJKoZIhvcNAQELBQADggEBAAU7DHJ0950R7WHPMQ3dsFHgbL3DU/3XBuOK RNlSQDAZxbqrow7pDpO1+PkfE80htXtX1Eg82Q8WXj1VCRR1YDVOey1GkVP7v2zG 3mNlgVhIkOiEnoWmkd1OTiqoCLDQfpNAO2pvI8TKHp9Cy5gbDwVcmcpbzvz5afIG 62sbl9X3s6NJ8+jbaDVbY0CiSST26INlqbxKQe6HJ0abfdhPFhqBUky8ShjBmLAn m0HkvbQaKkvOTghaA0mb1OB34OOYOuKAisWK4sTggohk7tOpSAQr/Ij71PD2zA3M hemROghHo/PevN65c0o/8asA1UTJ+c1yXax5Pc8vYVMxstZsJSs= -----END CERTIFICATE-----Generated at Fri Sep 27 23:36:46 2024 by rpki-client on console-fra.rpki-client.org