$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/b4ckK-d3hUnMwtdtiY8N3Km4geM.roa File: b4ckK-d3hUnMwtdtiY8N3Km4geM.roa (raw, json) Hash identifier: Cu9n+K+0aAStEGbJ2LUXRf8FOPJMfVNlV9OGFMO/VAM= Subject key identifier: 6F:87:24:2B:E7:77:85:49:CC:C2:D7:6D:89:8F:0D:DC:A9:B8:81:E3 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0C00 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/b4ckK-d3hUnMwtdtiY8N3Km4geM.roa Signing time: Fri 01 Sep 2023 09:11:52 +0000 ROA not before: Fri 01 Sep 2023 09:11:52 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9416 IP address blocks: 115.43.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Jun 2024 13:38:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3072 (0xc00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Sep 1 09:11:52 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=6F87242BE7778549CCC2D76D898F0DDCA9B881E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ea:3b:77:34:d7:5f:81:e1:a6:bb:85:27:f6: b2:86:55:e5:29:66:d4:bd:ae:00:54:01:bb:b6:7c: 2a:53:70:3b:0e:e5:c1:06:1c:3e:4c:72:41:68:e1: 6b:e6:ce:16:9b:a5:d3:94:3d:c5:5f:16:95:3d:c0: 95:5c:a1:fd:f4:25:05:e2:e5:d2:3d:4d:ea:2a:6c: 9a:93:df:fe:f7:be:53:48:5c:d5:58:6b:59:1e:20: a2:fc:bf:5d:83:77:9c:0b:6e:10:0d:da:53:c8:7d: 82:9d:c9:c7:25:3f:a8:36:b6:b8:ec:97:42:33:1a: 56:03:71:ff:95:85:d9:1f:05:9b:85:34:a3:68:41: 58:f3:09:6e:ce:b3:2c:8f:95:be:da:d2:19:a2:2c: f1:84:7c:4e:af:de:0d:5b:27:7a:82:08:b5:f8:67: 53:e1:5d:59:15:fc:e9:34:9d:76:55:74:0b:04:f3: a8:49:8f:a3:07:d6:dc:5a:c9:18:9d:5e:a2:65:1a: 66:49:9f:08:37:7d:c0:7d:4c:31:1f:8f:2e:ab:d9: 11:f3:56:b3:a0:72:4b:08:c1:1b:4b:17:9d:7c:cc: 8f:2a:fc:28:ec:6f:45:03:1a:fb:6d:21:a8:ce:af: b1:9e:77:37:1c:7f:f9:3d:ab:10:a7:13:8d:c3:b8: e9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:87:24:2B:E7:77:85:49:CC:C2:D7:6D:89:8F:0D:DC:A9:B8:81:E3 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/b4ckK-d3hUnMwtdtiY8N3Km4geM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.43.128.0/17 Signature Algorithm: sha256WithRSAEncryption 2c:fb:bc:db:3e:77:fb:6f:1f:f8:3a:35:93:36:cf:00:60:24: 9b:7c:0f:25:71:f7:40:66:52:4d:06:26:bc:f3:19:43:47:51: 62:ad:cc:11:0b:73:4f:05:64:b1:ac:97:7a:12:7f:35:ca:3b: f3:9f:ef:63:80:c9:09:58:bb:1c:e3:61:dd:33:b6:a3:6d:da: f1:87:84:64:6a:8c:12:67:1f:25:cd:c0:f0:73:76:db:e0:8c: 07:ac:07:2c:a1:30:06:f3:ac:55:b7:55:2a:09:02:bf:cc:63: 42:7d:14:14:23:8b:a7:07:ba:45:a2:c7:9b:d6:f0:fb:f3:e3: d6:73:fd:69:4e:e4:50:ef:28:8c:d0:74:41:fd:7f:e5:f8:f5: cc:dc:ef:e0:a3:67:1e:d3:49:bd:0c:7d:0a:36:ad:99:6b:dd: c2:05:0e:89:ba:3d:af:97:1f:8b:23:75:24:1c:42:8e:5c:6e: b9:1c:04:6c:b4:a6:39:a6:c6:76:1f:32:95:e2:e7:91:c5:1f: a9:f1:7f:2b:e8:8e:79:dc:47:57:8a:3a:67:bd:56:d5:63:78: d7:06:ab:69:1f:4e:60:70:75:91:3c:96:80:17:d6:0c:98:05: 20:a3:3f:19:ae:b4:bd:70:2b:f0:df:77:1f:43:e9:1b:94:65: 38:12:a0:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMzA5MDEw OTExNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZGODcyNDJCRTc3Nzg1 NDlDQ0MyRDc2RDg5OEYwRERDQTlCODgxRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF6jt3NNdfgeGmu4Un9rKGVeUpZtS9rgBUAbu2fCpTcDsO5cEG HD5MckFo4WvmzhabpdOUPcVfFpU9wJVcof30JQXi5dI9TeoqbJqT3/73vlNIXNVY a1keIKL8v12Dd5wLbhAN2lPIfYKdycclP6g2trjsl0IzGlYDcf+VhdkfBZuFNKNo QVjzCW7OsyyPlb7a0hmiLPGEfE6v3g1bJ3qCCLX4Z1PhXVkV/Ok0nXZVdAsE86hJ j6MH1txayRidXqJlGmZJnwg3fcB9TDEfjy6r2RHzVrOgcksIwRtLF518zI8q/Cjs b0UDGvttIajOr7Gedzccf/k9qxCnE43DuOl1AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUb4ckK+d3hUnMwtdtiY8N3Km4geMwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2I0Y2tLLWQzaFVuTXd0ZHRp WThOM0ttNGdlTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz K4AwDQYJKoZIhvcNAQELBQADggEBACz7vNs+d/tvH/g6NZM2zwBgJJt8DyVx90Bm Uk0GJrzzGUNHUWKtzBELc08FZLGsl3oSfzXKO/Of72OAyQlYuxzjYd0ztqNt2vGH hGRqjBJnHyXNwPBzdtvgjAesByyhMAbzrFW3VSoJAr/MY0J9FBQji6cHukWix5vW 8Pvz49Zz/WlO5FDvKIzQdEH9f+X49czc7+CjZx7TSb0MfQo2rZlr3cIFDom6Pa+X H4sjdSQcQo5cbrkcBGy0pjmmxnYfMpXi55HFH6nxfyvojnncR1eKOme9VtVjeNcG q2kfTmBwdZE8loAX1gyYBSCjPxmutL1wK/Dfdx9D6RuUZTgSoCQ= -----END CERTIFICATE-----Generated at Sun Jun 2 09:37:16 2024 by rpki-client on console-ams.rpki-client.org