$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/stczqrTGZ2c_sObLfCz8folcXEM.roa File: stczqrTGZ2c_sObLfCz8folcXEM.roa (raw, json) Hash identifier: vrHE8FXS8kwvj5Sl8ZyVC3wlLIHz31nCTTCYHoSCImU= Subject key identifier: B2:D7:33:AA:B4:C6:67:67:3F:B0:E6:CB:7C:2C:FC:7E:89:5C:5C:43 Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Certificate serial: 0AE2 Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/stczqrTGZ2c_sObLfCz8folcXEM.roa Signing time: Fri 01 Sep 2023 08:30:16 +0000 ROA not before: Fri 01 Sep 2023 08:30:16 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131143 IP address blocks: 2405:3300::/32 maxlen: 96 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 02:54:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2786 (0xae2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Validity Not Before: Sep 1 08:30:16 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=B2D733AAB4C667673FB0E6CB7C2CFC7E895C5C43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:cb:bc:52:66:1e:df:e6:00:a0:ee:f1:a3:ed: 31:04:70:cb:72:2b:3c:22:85:93:b2:6b:03:74:5e: 8e:e4:74:41:3d:4d:73:17:33:c8:b4:1b:36:e7:c2: a0:a0:a5:45:cb:32:56:f9:cc:0f:5f:d3:af:1a:cd: a5:b1:74:7c:fe:b1:4f:07:3a:b9:b8:3b:03:18:60: 9c:ee:b0:48:a5:a7:ed:66:aa:5e:3f:fb:fa:2f:2d: c3:0f:d9:27:ef:63:2c:68:8b:a9:bc:07:bd:95:7a: 3f:c6:d7:06:e5:5b:6a:1c:98:98:d5:15:8e:1f:9c: 45:f5:3f:5f:18:15:2e:c5:bc:14:a0:ca:34:75:2d: 3c:ec:32:1e:b8:61:60:d6:95:77:fd:64:bb:75:37: a2:15:88:24:13:4a:66:97:39:32:f1:0d:a9:f3:ab: 81:13:3a:65:6d:b8:d7:e1:b8:c5:2b:d1:35:45:d6: 5f:a7:b0:0a:c4:db:ed:2a:99:c0:ee:79:88:86:5f: 32:5c:a6:61:aa:18:81:17:52:16:ee:94:10:ab:c4: b0:af:3d:33:9f:d3:cd:41:d6:86:13:73:b4:60:09: 24:9b:c3:df:2c:5f:d6:1c:94:c8:2e:81:72:1d:24: 61:03:26:ca:68:89:f8:2a:9f:bb:34:1d:d3:c4:67: dc:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:D7:33:AA:B4:C6:67:67:3F:B0:E6:CB:7C:2C:FC:7E:89:5C:5C:43 X509v3 Authority Key Identifier: keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/stczqrTGZ2c_sObLfCz8folcXEM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:3300::/32 Signature Algorithm: sha256WithRSAEncryption 78:f8:f6:40:58:8c:01:51:d2:3f:36:22:13:37:3b:5c:59:24: 8b:22:15:00:65:e2:69:49:e3:d8:75:ce:68:09:a3:07:b5:c5: f0:6f:06:b1:7f:69:3d:8e:c9:76:46:16:9f:a4:32:28:25:b3: 47:16:d5:de:6e:3d:2e:04:11:40:62:60:63:cc:8e:8a:e5:ed: 89:a4:f4:c4:f7:23:1d:2e:43:c2:df:83:be:2e:a3:b8:05:44: 14:fe:7b:e3:a2:23:62:81:5b:79:33:d0:7f:a6:e0:4a:6c:45: a6:67:50:1d:cd:54:a7:f2:55:4c:14:75:93:1e:23:f8:2c:65: 77:c2:84:35:b4:8b:b1:f1:10:09:54:7e:ac:f5:21:fc:72:77: b3:10:a0:ee:2e:6a:19:38:9e:c9:82:fe:c7:8c:b9:62:5d:cd: e9:d4:4f:67:f3:8b:5b:de:5c:fa:cb:a3:c7:2b:c9:2f:c8:e2: 57:3b:25:83:31:df:7e:bb:08:eb:20:72:56:05:63:ac:b7:4c: 2a:1c:8a:d9:ea:44:17:65:18:37:cc:61:9a:fa:69:c2:b2:f7: 24:14:06:3f:28:7b:4f:1c:fa:ae:89:99:a8:bd:a9:9d:b1:13: a9:84:e8:16:ec:7a:27:80:ab:14:92:82:b4:32:6b:fe:37:d0: 20:de:d8:e3 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICCuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yMzA5MDEw ODMwMTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEIyRDczM0FBQjRDNjY3 NjczRkIwRTZDQjdDMkNGQzdFODk1QzVDNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWy7xSZh7f5gCg7vGj7TEEcMtyKzwihZOyawN0Xo7kdEE9TXMX M8i0GzbnwqCgpUXLMlb5zA9f068azaWxdHz+sU8HOrm4OwMYYJzusEilp+1mql4/ +/ovLcMP2SfvYyxoi6m8B72Vej/G1wblW2ocmJjVFY4fnEX1P18YFS7FvBSgyjR1 LTzsMh64YWDWlXf9ZLt1N6IViCQTSmaXOTLxDanzq4ETOmVtuNfhuMUr0TVF1l+n sArE2+0qmcDueYiGXzJcpmGqGIEXUhbulBCrxLCvPTOf081B1oYTc7RgCSSbw98s X9YclMgugXIdJGEDJspoifgqn7s0HdPEZ9wtAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUstczqrTGZ2c/sObLfCz8folcXEMwHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE 1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1Qvc3RjenFyVEda MmNfc09iTGZDejhmb2xjWEVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQFMwAwDQYJKoZIhvcNAQELBQADggEBAHj49kBYjAFR0j82IhM3O1xZ JIsiFQBl4mlJ49h1zmgJowe1xfBvBrF/aT2OyXZGFp+kMigls0cW1d5uPS4EEUBi YGPMjorl7Ymk9MT3Ix0uQ8Lfg74uo7gFRBT+e+OiI2KBW3kz0H+m4EpsRaZnUB3N VKfyVUwUdZMeI/gsZXfChDW0i7HxEAlUfqz1Ifxyd7MQoO4uahk4nsmC/seMuWJd zenUT2fzi1veXPrLo8cryS/I4lc7JYMx3367COsgclYFY6y3TCocitnqRBdlGDfM YZr6acKy9yQUBj8oe08c+q6Jmai9qZ2xE6mE6BbseieAqxSSgrQya/430CDe2OM= -----END CERTIFICATE-----Generated at Mon Jun 3 02:57:38 2024 by rpki-client on console-fra.rpki-client.org