$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/cvwxL18KNh7MKYUmD1IxF51IUJk.roa File: cvwxL18KNh7MKYUmD1IxF51IUJk.roa (raw, json) Hash identifier: 4s3Lh5lENS1YWOHs5AF4X71XlHGqsoQ6iTsfeEDQGZY= Subject key identifier: 72:FC:31:2F:5F:0A:36:1E:CC:29:85:26:0F:52:31:17:9D:48:50:99 Certificate issuer: /CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E Certificate serial: 0DD8 Authority key identifier: A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/cvwxL18KNh7MKYUmD1IxF51IUJk.roa Signing time: Fri 08 Mar 2024 15:03:17 +0000 ROA not before: Fri 08 Mar 2024 15:03:17 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 48024 IP address blocks: 2404:73c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 23:45:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3544 (0xdd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A18EB377DD0318AE465D8F3F7D6E0AD0A4E9ED1E Validity Not Before: Mar 8 15:03:17 2024 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=72FC312F5F0A361ECC2985260F5231179D485099 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:fa:e4:dd:16:80:d6:eb:57:ce:ef:62:2c:59: f9:58:62:54:b3:ed:bc:15:46:4f:59:e4:19:40:8d: 0e:78:95:31:0e:d6:07:03:67:a9:21:38:fb:0d:a6: ba:a6:89:ce:e4:c1:2b:72:bb:2e:2b:e1:3c:df:b7: e3:b1:f7:c5:7d:48:7a:f4:c3:d7:8f:ca:0d:5e:57: 67:1f:04:5d:e7:e3:5a:21:aa:28:a3:ea:5f:04:fa: d1:16:eb:8a:a9:4d:21:79:b5:ee:7f:f7:4e:e6:5a: 6d:6c:3a:59:7b:32:fc:d2:b9:89:ba:a3:c7:50:34: de:1c:0c:3d:95:0d:ea:d4:ef:84:97:42:0f:0b:c8: 35:42:d8:bf:d9:df:6b:92:5b:90:b6:a1:be:b5:fb: 64:0b:7c:fe:8a:cf:e8:61:76:1d:85:ea:35:26:4a: 77:40:f2:30:f6:a1:35:6a:57:1e:e3:0b:69:38:13: 43:cd:8e:49:55:a2:c7:01:21:0a:50:f0:5b:e6:2f: c4:c8:c3:c1:2e:9f:c8:c7:2e:9b:62:3d:fa:cc:5c: 99:83:3f:6b:9e:db:72:01:d9:6e:26:99:c5:e8:0f: e4:fb:1e:14:88:91:83:34:3a:b4:e4:5b:22:cb:32: 92:d5:cf:f2:fe:e3:e8:3f:a7:51:fc:ad:2b:f8:06: d4:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:FC:31:2F:5F:0A:36:1E:CC:29:85:26:0F:52:31:17:9D:48:50:99 X509v3 Authority Key Identifier: keyid:A1:8E:B3:77:DD:03:18:AE:46:5D:8F:3F:7D:6E:0A:D0:A4:E9:ED:1E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/oY6zd90DGK5GXY8_fW4K0KTp7R4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oY6zd90DGK5GXY8_fW4K0KTp7R4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MINGJINGEN/cvwxL18KNh7MKYUmD1IxF51IUJk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:73c0::/32 Signature Algorithm: sha256WithRSAEncryption 7a:66:b7:f5:f6:97:88:4f:8e:98:10:36:e5:a7:20:d1:00:39: 5a:70:93:4c:33:68:37:2c:7a:92:a6:89:cd:20:91:2a:d0:eb: f8:c1:f3:12:58:db:db:6f:0a:89:db:cc:0e:e7:b5:30:a1:4e: c5:82:59:f3:a4:42:4f:f6:04:1e:a0:4e:82:ed:9c:15:b7:d0: cd:18:25:61:d7:3b:7e:c5:32:8e:43:c8:93:39:61:03:8c:c2: 16:29:cc:5e:a4:b5:40:7f:a7:cc:d4:12:1b:e5:fc:ab:b2:99: 64:41:d1:20:f4:68:76:42:fa:b2:67:8a:82:93:1d:c1:ed:eb: 3d:cd:c8:da:c3:e7:cd:ad:34:c0:7c:a6:bf:fd:b8:30:03:62: f6:ba:f2:19:5f:7c:a6:fd:95:33:df:62:ec:4b:e5:70:f9:f6: 9a:e8:d5:dd:69:50:fb:cf:0d:58:f4:47:27:61:a6:f0:e7:c8: cb:41:6c:e3:0d:e0:e5:e7:8c:23:1a:d9:84:9b:40:59:a4:32: d6:2f:9c:bd:b0:1d:1e:50:44:81:ad:1d:5f:73:8f:08:80:66: 7a:05:2d:b3:ba:a8:68:6e:d8:02:89:17:d7:08:28:1a:62:b0: 70:4b:ed:c4:c7:81:c2:44:35:5e:31:b2:62:38:f5:b9:72:17: 30:0e:a0:b4 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICDdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTE4 RUIzNzdERDAzMThBRTQ2NUQ4RjNGN0Q2RTBBRDBBNEU5RUQxRTAeFw0yNDAzMDgx NTAzMTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDcyRkMzMTJGNUYwQTM2 MUVDQzI5ODUyNjBGNTIzMTE3OUQ0ODUwOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDu+uTdFoDW61fO72IsWflYYlSz7bwVRk9Z5BlAjQ54lTEO1gcD Z6khOPsNprqmic7kwStyuy4r4Tzft+Ox98V9SHr0w9ePyg1eV2cfBF3n41ohqiij 6l8E+tEW64qpTSF5te5/907mWm1sOll7MvzSuYm6o8dQNN4cDD2VDerU74SXQg8L yDVC2L/Z32uSW5C2ob61+2QLfP6Kz+hhdh2F6jUmSndA8jD2oTVqVx7jC2k4E0PN jklVoscBIQpQ8FvmL8TIw8Eun8jHLptiPfrMXJmDP2ue23IB2W4mmcXoD+T7HhSI kYM0OrTkWyLLMpLVz/L+4+g/p1H8rSv4BtTtAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUcvwxL18KNh7MKYUmD1IxF51IUJkwHwYDVR0jBBgwFoAUoY6zd90DGK5GXY8/ fW4K0KTp7R4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUlOR0pJ TkdFTi9vWTZ6ZDkwREdLNUdYWThfZlc0SzBLVHA3UjQuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL29ZNnpkOTBER0s1R1hZOF9mVzRLMEtUcDdSNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL01JTkdKSU5HRU4vY3Z3eEwxOEtO aDdNS1lVbUQxSXhGNTFJVUprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQEc8AwDQYJKoZIhvcNAQELBQADggEBAHpmt/X2l4hPjpgQNuWnINEA OVpwk0wzaDcsepKmic0gkSrQ6/jB8xJY29tvConbzA7ntTChTsWCWfOkQk/2BB6g ToLtnBW30M0YJWHXO37FMo5DyJM5YQOMwhYpzF6ktUB/p8zUEhvl/KuymWRB0SD0 aHZC+rJnioKTHcHt6z3NyNrD582tNMB8pr/9uDADYva68hlffKb9lTPfYuxL5XD5 9pro1d1pUPvPDVj0RydhpvDnyMtBbOMN4OXnjCMa2YSbQFmkMtYvnL2wHR5QRIGt HV9zjwiAZnoFLbO6qGhu2AKJF9cIKBpisHBL7cTHgcJENV4xsmI49blyFzAOoLQ= -----END CERTIFICATE-----Generated at Mon May 6 16:52:58 2024 by rpki-client on console-fra.rpki-client.org