$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa File: ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa (raw, json) Hash identifier: EBeVNgHGfspqvVY+PXrTmfc+hL8NRcR181XC+4PUwaE= Subject key identifier: 66:C9:C5:2F:2C:D8:BC:FF:C0:58:37:F2:44:24:E5:7B:D2:4F:3E:68 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0C14 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa Signing time: Fri 01 Sep 2023 09:13:57 +0000 ROA not before: Fri 01 Sep 2023 09:13:57 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131602 IP address blocks: 211.78.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 03:39:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3092 (0xc14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Sep 1 09:13:57 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=66C9C52F2CD8BCFFC05837F24424E57BD24F3E68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:8a:1a:e0:aa:0a:ed:2c:fd:64:81:64:1f:72: 00:2b:0f:78:f2:37:5b:2e:72:43:54:93:40:a9:ef: 74:5d:6a:68:ad:a0:84:93:ec:11:52:61:21:d2:31: 14:02:cf:88:1f:23:84:a1:6c:7e:d9:a1:b0:1b:2d: 65:3d:66:a4:7b:59:02:0c:9c:b0:fe:d0:8c:5a:23: d9:16:e8:14:b2:a9:7a:9e:20:ac:b9:1c:4d:bd:6e: 85:f0:2f:2a:d8:7c:13:33:17:51:2f:44:51:af:4a: 4f:fb:ee:95:67:52:2e:8a:a8:ac:51:f8:6e:0c:fa: 34:2f:65:50:aa:27:6c:9e:4d:32:f1:92:26:89:e4: d3:b0:bc:fb:af:e6:ee:2e:41:29:e6:f5:02:b0:be: f2:2e:1b:56:08:f4:82:04:06:12:e9:22:18:fe:38: e1:f2:e3:ab:23:ae:05:1a:ab:5c:11:6d:bf:3b:cd: 70:48:13:78:cf:a3:6d:2c:d6:9b:a6:1d:ef:71:e7: ca:d6:7d:72:a0:9c:7a:d8:e0:d9:cc:71:7a:6d:7b: 8a:1c:f1:a6:57:97:84:5d:77:68:ea:c8:24:a8:51: 0a:25:c9:5b:e5:7a:15:7e:9d:29:d1:13:99:18:c8: e9:c4:04:42:98:d5:a0:82:a4:4e:22:90:3d:92:a8: ce:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:C9:C5:2F:2C:D8:BC:FF:C0:58:37:F2:44:24:E5:7B:D2:4F:3E:68 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ZsnFLyzYvP_AWDfyRCTle9JPPmg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.78.4.0/22 Signature Algorithm: sha256WithRSAEncryption a7:92:aa:69:42:5d:08:b1:9d:bc:ec:08:7f:9f:01:c1:98:9d: 2d:19:62:4a:0e:52:c7:96:b2:b9:e8:5f:3d:b6:93:23:24:bd: f1:ef:4e:7a:47:5b:70:73:d9:b6:f4:fe:78:b0:ed:5b:ca:d1: dd:18:15:2e:ea:55:85:17:66:15:ed:97:ea:ef:23:cf:f0:00: 9d:34:3f:23:58:ae:43:3a:47:b2:42:df:a0:89:26:a2:2d:1e: fb:72:82:b9:9c:a9:9f:f3:06:52:71:55:8f:85:ab:b5:fe:24: c9:33:90:c0:34:28:9f:77:7d:5d:6b:69:b3:a8:5d:b6:fa:27: ea:7a:c7:27:04:48:1c:60:9d:43:09:4f:52:ea:c1:e7:d9:c6: fd:f5:96:68:b6:e5:22:d0:a6:56:d0:e5:d9:c4:ea:a2:d2:45: f1:d8:4d:50:0f:10:a8:a9:4d:fd:e8:3e:b6:41:26:22:f0:00: 35:bc:d7:53:79:dc:a8:7a:95:04:cf:97:90:3e:f7:fa:79:f1: c2:eb:31:02:ce:65:8f:38:77:74:63:d0:a6:b1:16:56:31:63: 40:b3:d3:d8:f1:fa:b3:1a:32:02:27:77:a5:66:3a:88:77:47: a2:2f:9e:53:77:0b:9b:3b:9a:70:d7:12:a9:f5:c6:84:91:78: 54:33:25:b8 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw OTEzNTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY2QzlDNTJGMkNEOEJD RkZDMDU4MzdGMjQ0MjRFNTdCRDI0RjNFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgihrgqgrtLP1kgWQfcgArD3jyN1suckNUk0Cp73RdamitoIST 7BFSYSHSMRQCz4gfI4ShbH7ZobAbLWU9ZqR7WQIMnLD+0IxaI9kW6BSyqXqeIKy5 HE29boXwLyrYfBMzF1EvRFGvSk/77pVnUi6KqKxR+G4M+jQvZVCqJ2yeTTLxkiaJ 5NOwvPuv5u4uQSnm9QKwvvIuG1YI9IIEBhLpIhj+OOHy46sjrgUaq1wRbb87zXBI E3jPo20s1pumHe9x58rWfXKgnHrY4NnMcXpte4oc8aZXl4Rdd2jqyCSoUQolyVvl ehV+nSnRE5kYyOnEBEKY1aCCpE4ikD2SqM55AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUZsnFLyzYvP/AWDfyRCTle9JPPmgwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1pzbkZMeXpZdlBfQVdEZnlSQ1RsZTlK UFBtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTgQwDQYJ KoZIhvcNAQELBQADggEBAKeSqmlCXQixnbzsCH+fAcGYnS0ZYkoOUseWsrnoXz22 kyMkvfHvTnpHW3Bz2bb0/niw7VvK0d0YFS7qVYUXZhXtl+rvI8/wAJ00PyNYrkM6 R7JC36CJJqItHvtygrmcqZ/zBlJxVY+Fq7X+JMkzkMA0KJ93fV1rabOoXbb6J+p6 xycESBxgnUMJT1LqwefZxv31lmi25SLQplbQ5dnE6qLSRfHYTVAPEKipTf3oPrZB JiLwADW811N53Kh6lQTPl5A+9/p58cLrMQLOZY84d3Rj0KaxFlYxY0Cz09jx+rMa MgInd6VmOoh3R6IvnlN3C5s7mnDXEqn1xoSReFQzJbg= -----END CERTIFICATE-----Generated at Mon Jun 3 12:44:01 2024 by rpki-client on console-fra.rpki-client.org