$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/oOKhZMpygPoyPnNGE7ON1-neRG0.roa File: oOKhZMpygPoyPnNGE7ON1-neRG0.roa (raw, json) Hash identifier: uJu6ojv4KeUd8syrDu68nLaztbyq9aFQVfMullKOwnA= Subject key identifier: A0:E2:A1:64:CA:72:80:FA:32:3E:73:46:13:B3:8D:D7:E9:DE:44:6D Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0B1B Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/oOKhZMpygPoyPnNGE7ON1-neRG0.roa Signing time: Sat 07 Oct 2023 08:02:44 +0000 ROA not before: Sat 07 Oct 2023 08:02:44 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18464 IP address blocks: 103.122.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 01:43:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2843 (0xb1b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: Oct 7 08:02:44 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=A0E2A164CA7280FA323E734613B38DD7E9DE446D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:26:1a:bf:61:a6:49:02:9d:95:e8:c4:43:07: 87:d0:e5:c0:64:b0:d7:c9:31:b9:6d:fb:7f:ce:43: 29:4e:ba:63:97:94:62:cc:c9:5f:d4:d7:8c:df:45: 1f:74:eb:6e:89:fa:b1:fe:1a:64:cb:23:cb:02:1c: 04:24:af:8a:1b:4f:db:f5:49:05:cc:20:bf:21:26: 8d:2f:40:1e:9d:40:d4:c1:6f:52:b3:ca:bb:ed:6d: 1a:17:d1:e6:a9:b5:d2:39:95:15:c1:ad:04:51:6a: 07:b0:ca:9b:1c:96:a6:46:f5:40:f6:74:a3:c5:a6: 52:a4:59:ca:bc:84:dd:7e:ce:ae:57:b3:d9:c7:b4: 39:9b:04:c3:81:3b:33:6e:20:3a:1d:f8:22:0f:d8: 4e:4e:a0:30:50:04:90:f2:ea:95:0e:24:e8:f3:cc: b3:23:99:a1:24:f5:4a:9f:41:2e:10:03:c4:e4:fb: fe:36:36:3b:ea:55:32:94:52:0f:f8:ba:42:44:12: 72:ac:87:9d:5c:49:4b:23:a9:32:e2:4c:ee:27:0f: b1:6d:d7:bf:99:37:da:d2:28:65:52:e7:e4:e0:3e: 98:b7:ac:1b:f6:03:6f:a6:39:d8:da:a8:65:f6:35: 51:d0:9b:91:3e:a9:f2:20:9b:f1:88:4d:9a:33:be: 43:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:E2:A1:64:CA:72:80:FA:32:3E:73:46:13:B3:8D:D7:E9:DE:44:6D X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/oOKhZMpygPoyPnNGE7ON1-neRG0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.20.0/24 Signature Algorithm: sha256WithRSAEncryption 65:ba:76:c0:b8:ed:93:ef:74:13:80:f2:6c:39:82:33:d9:2a: de:50:fd:ce:ca:53:a3:3a:b5:ef:b7:11:2f:4d:15:66:27:53: ff:6e:78:92:82:bb:54:ea:e1:32:e7:3a:74:63:03:08:e1:d8: 71:e7:ff:6c:4e:24:5c:b4:f8:f8:89:d3:b0:4f:44:10:21:c0: ec:d6:0a:51:13:34:73:a6:6e:a6:c1:f2:42:2b:41:d4:15:b9: d4:b7:55:fa:c0:ad:79:32:88:0b:aa:c1:ff:b8:51:13:db:6b: 7c:74:db:df:2e:ec:94:51:1c:49:01:7b:13:c6:7e:a4:70:ae: 88:46:f4:b1:96:a9:2a:7d:d1:a0:96:47:69:a5:f1:17:fd:e1: 18:e9:1b:cb:13:ca:36:13:4a:d4:6c:17:6e:ef:62:65:39:1a: 7f:98:17:ce:09:ab:49:1c:5d:fe:24:06:e5:fb:c1:53:0a:c3: 53:f8:12:40:a0:ea:77:1c:27:43:98:9b:ef:76:8e:26:ec:a4: b9:f7:ba:b3:69:a4:a2:a6:54:89:ff:3d:88:f0:01:6f:db:74: 21:17:f7:7c:de:39:b9:5e:e1:a2:32:cc:cd:34:a1:17:b4:d4: 84:c9:88:4f:e2:bf:50:7d:10:8a:ea:f6:2e:24:a9:72:6b:96: 03:30:01:10 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICCxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yMzEwMDcw ODAyNDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEwRTJBMTY0Q0E3Mjgw RkEzMjNFNzM0NjEzQjM4REQ3RTlERTQ0NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXJhq/YaZJAp2V6MRDB4fQ5cBksNfJMblt+3/OQylOumOXlGLM yV/U14zfRR90626J+rH+GmTLI8sCHAQkr4obT9v1SQXMIL8hJo0vQB6dQNTBb1Kz yrvtbRoX0eaptdI5lRXBrQRRagewypsclqZG9UD2dKPFplKkWcq8hN1+zq5Xs9nH tDmbBMOBOzNuIDod+CIP2E5OoDBQBJDy6pUOJOjzzLMjmaEk9UqfQS4QA8Tk+/42 NjvqVTKUUg/4ukJEEnKsh51cSUsjqTLiTO4nD7Ft17+ZN9rSKGVS5+TgPpi3rBv2 A2+mOdjaqGX2NVHQm5E+qfIgm/GITZozvkPdAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUoOKhZMpygPoyPnNGE7ON1+neRG0wHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1Qvb09LaFpNcHln UG95UG5OR0U3T04xLW5lUkcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAGd6FDANBgkqhkiG9w0BAQsFAAOCAQEAZbp2wLjtk+90E4DybDmCM9kq 3lD9zspTozq177cRL00VZidT/254koK7VOrhMuc6dGMDCOHYcef/bE4kXLT4+InT sE9EECHA7NYKURM0c6ZupsHyQitB1BW51LdV+sCteTKIC6rB/7hRE9trfHTb3y7s lFEcSQF7E8Z+pHCuiEb0sZapKn3RoJZHaaXxF/3hGOkbyxPKNhNK1GwXbu9iZTka f5gXzgmrSRxd/iQG5fvBUwrDU/gSQKDqdxwnQ5ib73aOJuykufe6s2mkoqZUif89 iPABb9t0IRf3fN45uV7hojLMzTShF7TUhMmIT+K/UH0Qiur2LiSpcmuWAzABEA== -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:52 2024 by rpki-client on console-ams.rpki-client.org