$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/KCl8LSoH-KGlJMHSZNH3xretQqU.roa File: KCl8LSoH-KGlJMHSZNH3xretQqU.roa (raw, json) Hash identifier: PYJ1nGMHP+tOeTxljk0yjY3ne6wYr+3aGhsZfPZbgWQ= Subject key identifier: 28:29:7C:2D:2A:07:F8:A1:A5:24:C1:D2:64:D1:F7:C6:B7:AD:42:A5 Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Certificate serial: 0CC7 Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KCl8LSoH-KGlJMHSZNH3xretQqU.roa Signing time: Fri 01 Sep 2023 09:39:44 +0000 ROA not before: Fri 01 Sep 2023 09:39:44 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 38843 IP address blocks: 223.27.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 04:08:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3271 (0xcc7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3 Validity Not Before: Sep 1 09:39:44 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=28297C2D2A07F8A1A524C1D264D1F7C6B7AD42A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:28:de:be:72:cd:b4:7a:63:94:1b:a6:4a:75: 13:f6:eb:94:ec:f4:a3:b7:b0:82:f5:28:61:14:67: b2:8b:28:1b:c2:44:84:57:41:82:55:4d:2e:17:e3: 54:39:a6:e1:22:5c:33:62:ad:3d:b5:fb:03:bb:c6: 6f:f8:ba:90:6b:1f:01:ef:16:78:47:cf:35:4f:cb: 10:75:22:fb:1e:62:ed:2e:0a:43:ac:ae:f7:59:97: 5b:a0:cc:f6:8d:77:cd:63:67:c7:94:bb:8a:20:0a: 77:6e:42:06:4a:52:b0:ae:c0:3e:d0:f9:2d:2c:2a: 88:b4:79:06:2e:02:55:0f:a4:23:03:17:34:21:a4: 85:6b:98:69:ec:bf:7b:6f:37:f8:f2:43:13:ce:03: 14:bb:91:7f:ab:f7:33:d7:bd:ad:bc:28:a5:77:61: 52:8b:4f:52:16:96:2e:ab:74:d8:31:73:4b:36:ad: 53:4d:90:ab:04:70:c4:3e:fc:3d:1b:50:df:d9:c5: b0:ad:57:24:3e:c5:3d:28:13:5a:af:e5:6f:00:a6: 0c:e0:4b:2d:b9:4b:fb:7a:fc:78:4e:e5:a3:81:bd: 8f:00:49:db:48:c1:71:05:ac:cb:b7:8c:2e:79:9e: 24:89:1e:e1:7d:50:84:5f:d3:e0:0a:69:79:e9:bf: f5:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:29:7C:2D:2A:07:F8:A1:A5:24:C1:D2:64:D1:F7:C6:B7:AD:42:A5 X509v3 Authority Key Identifier: keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KCl8LSoH-KGlJMHSZNH3xretQqU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.27.40.0/21 Signature Algorithm: sha256WithRSAEncryption aa:17:c3:6e:70:70:fb:01:67:58:e2:5b:34:9f:de:5c:c1:c0: 47:34:f6:7f:b1:ed:21:54:22:55:c2:6d:24:e8:2b:2c:77:30: 6b:56:42:50:e0:0b:74:34:29:f1:a2:04:e9:4d:a5:a9:7f:1e: 35:b0:54:09:ce:4e:66:e8:ef:96:90:7f:d4:c3:00:18:a2:e5: e3:17:05:24:f1:c4:4f:6a:75:ed:fa:b8:d2:80:81:3c:ca:fe: 67:b3:80:1a:07:38:45:21:bb:3f:45:be:e7:13:ea:95:b7:b8: 06:90:d9:5d:08:0f:3b:eb:5f:09:87:54:c5:14:2d:01:8a:ec: 52:2b:9f:2f:10:39:3f:f5:d6:2f:a7:a0:2f:83:b7:d7:52:1b: 72:b1:29:78:66:79:30:4b:21:01:e2:7a:83:31:22:ff:3d:71: d7:08:b0:c0:d7:88:a4:69:d2:f5:c1:83:93:f7:46:ca:45:90: 45:97:5b:05:28:41:5c:3f:c6:23:e0:2f:7c:46:f5:c5:2d:ac: 5f:42:3a:ed:72:b9:44:37:1c:e5:66:35:44:86:a6:c3:74:0f: 36:e7:75:eb:8d:64:4b:8d:a4:9e:76:38:48:4f:c9:53:f3:0c: cb:b9:69:62:90:36:93:50:df:a6:0b:e8:d3:b4:9d:56:62:b3: be:56:60:e5 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw OTM5NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI4Mjk3QzJEMkEwN0Y4 QTFBNTI0QzFEMjY0RDFGN0M2QjdBRDQyQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5KN6+cs20emOUG6ZKdRP265Ts9KO3sIL1KGEUZ7KLKBvCRIRX QYJVTS4X41Q5puEiXDNirT21+wO7xm/4upBrHwHvFnhHzzVPyxB1IvseYu0uCkOs rvdZl1ugzPaNd81jZ8eUu4ogCnduQgZKUrCuwD7Q+S0sKoi0eQYuAlUPpCMDFzQh pIVrmGnsv3tvN/jyQxPOAxS7kX+r9zPXva28KKV3YVKLT1IWli6rdNgxc0s2rVNN kKsEcMQ+/D0bUN/ZxbCtVyQ+xT0oE1qv5W8ApgzgSy25S/t6/HhO5aOBvY8ASdtI wXEFrMu3jC55niSJHuF9UIRf0+AKaXnpv/UlAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUKCl8LSoH+KGlJMHSZNH3xretQqUwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80 sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vS0NsOExTb0gtS0dsSk1IU1pOSDN4 cmV0UXFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bKDAN BgkqhkiG9w0BAQsFAAOCAQEAqhfDbnBw+wFnWOJbNJ/eXMHARzT2f7HtIVQiVcJt JOgrLHcwa1ZCUOALdDQp8aIE6U2lqX8eNbBUCc5OZujvlpB/1MMAGKLl4xcFJPHE T2p17fq40oCBPMr+Z7OAGgc4RSG7P0W+5xPqlbe4BpDZXQgPO+tfCYdUxRQtAYrs UiufLxA5P/XWL6egL4O311IbcrEpeGZ5MEshAeJ6gzEi/z1x1wiwwNeIpGnS9cGD k/dGykWQRZdbBShBXD/GI+AvfEb1xS2sX0I67XK5RDcc5WY1RIamw3QPNud1641k S42knnY4SE/JU/MMy7lpYpA2k1Dfpgvo07SdVmKzvlZg5Q== -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:51 2024 by rpki-client on console-ams.rpki-client.org