$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa File: KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa (raw, json) Hash identifier: 892Cm3n0iksl1YphuiUPU8nlwz6TaVfvIlaAKTbkvi4= Subject key identifier: 29:53:3D:59:80:58:63:B9:40:93:CA:5F:AE:3C:21:97:C5:F6:BA:E0 Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C Certificate serial: 0678 Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa Signing time: Mon 26 Aug 2024 05:18:40 +0000 ROA not before: Mon 26 Aug 2024 05:18:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 9678 IP address blocks: 2401:95c0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1656 (0x678) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C Validity Not Before: Aug 26 05:18:40 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=29533D59805863B94093CA5FAE3C2197C5F6BAE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e2:65:e3:f8:46:2b:d4:c5:7b:4e:96:49:07: 77:67:f3:4e:82:8b:e7:ee:23:2b:b5:28:68:10:25: 12:cd:75:f6:2a:52:d2:07:76:ac:cb:4a:a2:41:99: bd:3c:f1:ea:a4:87:e4:49:43:91:13:fb:02:b7:5b: 13:cf:76:68:19:0b:70:8f:ad:d0:f6:63:99:0c:55: f7:c9:29:7c:0d:f5:ee:2a:42:f2:0c:2a:2c:b6:7a: 0e:c7:bf:8d:a1:a2:48:47:c9:1a:e1:6b:3a:8b:9e: 72:e5:28:b5:50:e3:c4:d9:bd:36:c3:a1:e0:d3:05: 16:94:47:3f:36:09:f2:bf:49:5c:4b:f9:ed:3c:3e: fd:1b:e8:e1:e8:c3:06:8b:80:a8:fe:20:3a:1c:cb: 6b:f5:48:7d:60:59:54:a2:bd:3f:23:7a:df:96:b8: 74:40:87:55:a5:70:6f:f8:3a:2f:9d:97:ea:c0:37: 73:e3:df:39:87:95:af:79:d9:9b:ae:26:48:5a:f3: eb:77:c2:ec:27:89:99:d7:00:b9:f3:b9:1f:fc:82: 5d:cc:70:93:a4:3d:d4:4f:09:33:14:b3:59:32:77: 4a:04:2e:77:aa:b4:94:c1:cb:46:34:85:ca:7d:ea: f7:66:54:e4:dd:dd:97:e4:75:14:4b:54:e2:d2:c1: 70:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:53:3D:59:80:58:63:B9:40:93:CA:5F:AE:3C:21:97:C5:F6:BA:E0 X509v3 Authority Key Identifier: keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:95c0::/36 Signature Algorithm: sha256WithRSAEncryption b5:3a:da:79:9b:56:f8:b5:17:25:e6:55:90:00:a2:8d:70:ec: c9:68:5c:4c:f2:a7:80:16:49:60:7d:f6:5e:f1:a8:ac:a3:46: db:9d:fc:b8:31:5f:49:c2:91:57:6d:c5:ab:a4:fd:ec:40:b4: 8c:3e:28:a2:ff:01:46:04:85:03:af:cb:35:af:da:13:b3:f0: 61:f5:8a:7d:db:2b:c3:5b:f7:e1:3b:aa:e4:cb:2d:c5:9d:2a: f6:09:62:17:6d:28:43:b6:29:bd:a2:d7:f3:8d:10:84:6e:0b: 13:53:79:61:9c:1b:37:44:dc:bb:98:25:ea:b2:b4:2d:d1:be: 44:5c:4f:91:c0:48:37:fb:8c:aa:eb:b1:a4:b6:17:26:42:00: 31:b4:a3:f1:7b:85:7f:6c:3e:d3:5e:9f:49:b4:cd:1e:e7:9d: 24:83:c3:b6:49:d3:ad:7e:38:3b:cf:f8:3d:9a:e1:c7:b4:e1: 8a:b0:5d:4c:54:0a:3a:95:e5:3b:b9:da:fb:1b:e3:b0:a1:c3: d3:59:fd:51:1d:ba:eb:14:10:92:25:c0:d3:57:37:b4:ae:49: 4a:66:61:53:cc:fd:e3:ba:90:1d:b2:8a:22:a8:0c:25:5a:b2: b9:a5:e2:4d:b4:a2:a4:70:85:c9:89:ea:84:4c:7d:d4:b5:e3: 66:b7:10:4c -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICBngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yNDA4MjYw NTE4NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5NTMzRDU5ODA1ODYz Qjk0MDkzQ0E1RkFFM0MyMTk3QzVGNkJBRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr4mXj+EYr1MV7TpZJB3dn806Ci+fuIyu1KGgQJRLNdfYqUtIH dqzLSqJBmb088eqkh+RJQ5ET+wK3WxPPdmgZC3CPrdD2Y5kMVffJKXwN9e4qQvIM Kiy2eg7Hv42hokhHyRrhazqLnnLlKLVQ48TZvTbDoeDTBRaURz82CfK/SVxL+e08 Pv0b6OHowwaLgKj+IDocy2v1SH1gWVSivT8jet+WuHRAh1WlcG/4Oi+dl+rAN3Pj 3zmHla952ZuuJkha8+t3wuwniZnXALnzuR/8gl3McJOkPdRPCTMUs1kyd0oELneq tJTBy0Y0hcp96vdmVOTd3ZfkdRRLVOLSwXABAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUKVM9WYBYY7lAk8pfrjwhl8X2uuAwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0tWTTlXWUJZWTdsQWs4cGZy andobDhYMnV1QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk AZXAADANBgkqhkiG9w0BAQsFAAOCAQEAtTraeZtW+LUXJeZVkACijXDsyWhcTPKn gBZJYH32XvGorKNG2538uDFfScKRV23Fq6T97EC0jD4oov8BRgSFA6/LNa/aE7Pw YfWKfdsrw1v34Tuq5MstxZ0q9gliF20oQ7YpvaLX840QhG4LE1N5YZwbN0Tcu5gl 6rK0LdG+RFxPkcBIN/uMquuxpLYXJkIAMbSj8XuFf2w+016fSbTNHuedJIPDtknT rX44O8/4PZrhx7ThirBdTFQKOpXlO7na+xvjsKHD01n9UR266xQQkiXA01c3tK5J SmZhU8z947qQHbKKIqgMJVqyuaXiTbSipHCFyYnqhEx91LXjZrcQTA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:51 2024 by rpki-client on console-fra.rpki-client.org