$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/ZKyJhhvG1JZTrBZ9fBS1dDtl0RM.roa File: ZKyJhhvG1JZTrBZ9fBS1dDtl0RM.roa (raw, json) Hash identifier: nvAF4Il7L4bme5kl5PmbUEVWuK2xlckGmfdQRiUPXTc= Subject key identifier: 64:AC:89:86:1B:C6:D4:96:53:AC:16:7D:7C:14:B5:74:3B:65:D1:13 Certificate issuer: /CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E Certificate serial: 0AE3 Authority key identifier: ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/ZKyJhhvG1JZTrBZ9fBS1dDtl0RM.roa Signing time: Fri 01 Sep 2023 09:16:01 +0000 ROA not before: Fri 01 Sep 2023 09:16:01 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 9676 IP address blocks: 103.123.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/7cBFehQLLUNs5_rmfYSRz_xufz4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/7cBFehQLLUNs5_rmfYSRz_xufz4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 03:44:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2787 (0xae3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EDC0457A140B2D436CE7FAE67D8491CFFC6E7F3E Validity Not Before: Sep 1 09:16:01 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=64AC89861BC6D49653AC167D7C14B5743B65D113 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:6b:be:16:53:87:21:a7:9f:b5:02:0d:11:c9: 7c:8a:7c:10:eb:04:e7:76:37:5e:e1:cc:4a:87:3b: b0:ef:01:c1:aa:d6:9e:32:32:b5:0c:2a:57:08:51: b4:e2:56:38:6f:4c:68:3f:89:d7:e1:92:9d:70:10: e1:1d:88:6d:cb:01:91:fa:da:ac:62:cd:44:3c:fd: 73:b6:de:0f:e3:c3:83:7e:73:40:f1:5f:5a:92:31: 64:ad:b5:0d:02:04:96:a1:71:db:0f:3f:5d:4e:84: 30:0b:ed:23:4f:89:1a:69:c9:34:52:6a:e3:8f:d5: 46:54:8d:a5:42:a8:9e:5b:05:63:e6:b0:83:d4:9c: 18:f3:47:39:ad:61:86:59:a6:3e:15:05:97:54:5f: 92:66:8e:5a:5d:36:51:99:f0:71:48:79:eb:01:f7: 43:f1:cb:c3:d2:11:67:d2:04:b7:9e:03:65:1a:6a: 21:a2:13:97:3e:8c:ad:0b:42:25:64:74:d3:c6:d9: 8c:9f:31:c0:52:78:d2:e8:6f:15:a0:bc:3c:8f:21: 42:9f:76:58:e3:29:87:50:27:c6:59:f4:ca:28:54: 57:80:f2:ab:a8:5c:7e:e0:65:a6:2f:62:a1:b9:e7: 73:56:e2:8e:7a:3b:a8:84:63:93:5b:43:e6:0a:5f: e8:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:AC:89:86:1B:C6:D4:96:53:AC:16:7D:7C:14:B5:74:3B:65:D1:13 X509v3 Authority Key Identifier: keyid:ED:C0:45:7A:14:0B:2D:43:6C:E7:FA:E6:7D:84:91:CF:FC:6E:7F:3E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/7cBFehQLLUNs5_rmfYSRz_xufz4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7cBFehQLLUNs5_rmfYSRz_xufz4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LETSWIN/ZKyJhhvG1JZTrBZ9fBS1dDtl0RM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.3.0/24 Signature Algorithm: sha256WithRSAEncryption 67:7d:8d:5c:d5:ad:cb:25:7d:d1:2d:f6:d2:18:8a:cd:87:5a: ea:06:4e:bf:6a:52:93:97:4f:28:dc:a6:b8:1b:20:76:18:e3: e0:6d:11:23:72:60:50:73:32:fa:a4:a9:6a:f6:91:1f:69:aa: 7b:b2:5e:e8:a2:66:4e:49:66:fc:e9:a4:f0:ea:7f:8a:c1:e9: ed:a7:f5:ad:98:38:d9:99:7b:46:a1:b5:80:64:1c:c2:86:d2: 2c:72:d9:31:d1:af:72:aa:d5:10:81:65:e2:25:82:89:7e:13: ee:67:89:f5:f1:16:e6:39:9b:f2:6f:04:8a:78:30:a8:1a:d6: 01:11:47:26:79:f8:b8:32:2b:4e:52:b0:49:44:26:d4:0a:66: 8b:73:d0:e4:37:b3:cd:0a:7c:d8:02:ed:20:45:62:d5:13:de: 63:ba:35:55:04:95:a0:10:19:4d:e9:a4:91:f8:9e:a2:e7:d8: 30:ec:5c:9a:a4:6a:31:83:3d:78:9c:81:a2:b2:05:4c:e6:3b: 3c:29:14:14:c9:a3:d5:68:1f:99:3c:ec:38:a1:6a:6b:89:93: 52:7e:b0:21:33:e6:1a:85:79:50:f7:ad:8b:87:89:c1:70:d3: 2f:98:4e:1f:83:2b:98:b4:4f:8e:1a:04:f1:9b:ad:4a:02:cd: 0b:51:49:84 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICCuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRURD MDQ1N0ExNDBCMkQ0MzZDRTdGQUU2N0Q4NDkxQ0ZGQzZFN0YzRTAeFw0yMzA5MDEw OTE2MDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY0QUM4OTg2MUJDNkQ0 OTY1M0FDMTY3RDdDMTRCNTc0M0I2NUQxMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUa74WU4chp5+1Ag0RyXyKfBDrBOd2N17hzEqHO7DvAcGq1p4y MrUMKlcIUbTiVjhvTGg/idfhkp1wEOEdiG3LAZH62qxizUQ8/XO23g/jw4N+c0Dx X1qSMWSttQ0CBJahcdsPP11OhDAL7SNPiRppyTRSauOP1UZUjaVCqJ5bBWPmsIPU nBjzRzmtYYZZpj4VBZdUX5JmjlpdNlGZ8HFIeesB90Pxy8PSEWfSBLeeA2UaaiGi E5c+jK0LQiVkdNPG2YyfMcBSeNLobxWgvDyPIUKfdljjKYdQJ8ZZ9MooVFeA8quo XH7gZaYvYqG553NW4o56O6iEY5NbQ+YKX+jpAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUZKyJhhvG1JZTrBZ9fBS1dDtl0RMwHwYDVR0jBBgwFoAU7cBFehQLLUNs5/rm fYSRz/xufz4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVUU1dJ Ti83Y0JGZWhRTExVTnM1X3JtZllTUnpfeHVmejQuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBLzdjQkZlaFFMTFVOczVfcm1mWVNSel94dWZ6NC5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0xFVFNXSU4vWkt5SmhodkcxSlpUckJa OWZCUzFkRHRsMFJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGd7AzANBgkqhkiG9w0BAQsFAAOCAQEAZ32NXNWtyyV90S320hiKzYda6gZOv2pS k5dPKNymuBsgdhjj4G0RI3JgUHMy+qSpavaRH2mqe7Je6KJmTklm/Omk8Op/isHp 7af1rZg42Zl7RqG1gGQcwobSLHLZMdGvcqrVEIFl4iWCiX4T7meJ9fEW5jmb8m8E ingwqBrWARFHJnn4uDIrTlKwSUQm1Apmi3PQ5DezzQp82ALtIEVi1RPeY7o1VQSV oBAZTemkkfieoufYMOxcmqRqMYM9eJyBorIFTOY7PCkUFMmj1WgfmTzsOKFqa4mT Un6wITPmGoV5UPeti4eJwXDTL5hOH4MrmLRPjhoE8ZutSgLNC1FJhA== -----END CERTIFICATE-----Generated at Mon Jun 3 15:52:34 2024 by rpki-client on console-ams.rpki-client.org