$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/zKppHaxVIHEhnG7tklmqV2xlKik.roa File: zKppHaxVIHEhnG7tklmqV2xlKik.roa (raw, json) Hash identifier: Scf7m/rf04Upz0EuRLpA1ZThfYvnKv0jXiVbfVC8lQk= Subject key identifier: CC:AA:69:1D:AC:55:20:71:21:9C:6E:ED:92:59:AA:57:6C:65:2A:29 Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Certificate serial: 0B18 Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/zKppHaxVIHEhnG7tklmqV2xlKik.roa Signing time: Wed 04 Oct 2023 17:19:38 +0000 ROA not before: Wed 04 Oct 2023 17:19:38 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18464 IP address blocks: 103.122.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 01:43:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2840 (0xb18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5 Validity Not Before: Oct 4 17:19:38 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=CCAA691DAC552071219C6EED9259AA576C652A29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:9a:5b:cc:fc:64:25:a7:65:5d:cf:7f:24:6c: f4:0d:c9:b8:da:a8:d9:6a:91:17:ae:ee:c0:cb:21: 0b:fa:d5:c4:30:68:15:24:1f:ca:3f:70:5a:8f:60: 24:be:06:f8:00:1c:c2:7f:68:c1:aa:41:40:9e:46: 62:e1:29:a8:a7:0d:a5:6d:f9:51:a0:c2:dc:df:b2: e2:b7:19:ef:64:9c:9d:6a:38:b5:cb:46:dc:5e:7d: 53:7b:ae:9f:92:1f:65:75:22:02:ed:13:bc:f4:de: cf:1f:10:f0:45:b0:a0:ab:5b:0d:47:40:9a:6a:d3: 86:a6:cb:d5:3f:4a:b9:93:b0:27:1f:f5:24:fa:40: fc:2c:67:24:e5:00:8b:34:dd:fe:e1:94:14:81:35: c8:cd:fa:9b:61:04:87:1d:9f:c9:91:bf:76:d1:a2: 55:34:25:70:57:11:58:b2:22:ad:53:24:2d:2e:48: a5:61:f3:a2:91:44:b0:1f:0f:3e:2a:14:75:ac:94: cd:d6:b4:de:23:88:30:21:8b:f4:27:38:56:83:3e: 6b:b6:19:14:a0:7a:82:30:82:29:64:e1:aa:eb:aa: f3:52:47:f9:fd:31:c0:ea:a0:8c:e9:e4:7e:9c:e2: e6:a5:ae:b2:4d:58:58:6c:36:3b:67:1d:a2:39:17: 00:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:AA:69:1D:AC:55:20:71:21:9C:6E:ED:92:59:AA:57:6C:65:2A:29 X509v3 Authority Key Identifier: keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/zKppHaxVIHEhnG7tklmqV2xlKik.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.20.0/22 Signature Algorithm: sha256WithRSAEncryption b5:9d:b2:36:ed:48:2a:60:50:c2:87:30:cf:5b:e6:52:37:57: 5c:53:a7:3a:fc:41:d1:d1:d4:7a:d9:01:21:85:2b:82:46:da: 54:2e:bd:8b:d5:ac:4f:d5:17:9e:61:53:8a:a5:8f:a0:79:5f: be:02:6b:05:d2:e5:22:eb:57:8e:db:35:38:c9:8a:3d:68:99: 8e:c1:8a:b5:70:fe:f4:2f:36:fa:0c:ca:73:ad:10:b2:22:d5: 43:14:65:40:53:3f:4c:48:17:0b:b0:f3:74:59:c9:53:91:0c: de:81:2b:6c:f0:be:08:d8:15:95:86:77:e1:40:38:c6:b6:ba: 80:90:d1:3d:07:9d:03:d9:8a:f1:60:52:ce:ba:b7:0e:b3:88: 3f:f5:5b:be:b3:6c:a3:c1:a9:28:6e:39:c2:d1:c2:0c:ee:ec: a3:a3:74:9c:a4:1b:bb:1b:19:35:c1:ea:2d:79:1f:9a:8b:33: 18:ec:e5:d7:b7:73:d3:fe:4f:27:54:b2:d2:dc:4f:65:a9:2f: 7a:93:79:8b:36:58:b8:57:e4:d1:d2:4a:6a:06:32:3e:19:c4: 47:99:79:cc:da:3a:ac:bd:b7:e3:41:95:93:a2:2d:a2:f2:07: 7c:a0:f6:e7:fc:2d:b8:0d:76:ba:53:1e:82:a8:25:8d:71:91: e6:85:04:39 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICCxgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yMzEwMDQx NzE5MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENDQUE2OTFEQUM1NTIw NzEyMTlDNkVFRDkyNTlBQTU3NkM2NTJBMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVmlvM/GQlp2Vdz38kbPQNybjaqNlqkReu7sDLIQv61cQwaBUk H8o/cFqPYCS+BvgAHMJ/aMGqQUCeRmLhKainDaVt+VGgwtzfsuK3Ge9knJ1qOLXL RtxefVN7rp+SH2V1IgLtE7z03s8fEPBFsKCrWw1HQJpq04amy9U/SrmTsCcf9ST6 QPwsZyTlAIs03f7hlBSBNcjN+pthBIcdn8mRv3bRolU0JXBXEViyIq1TJC0uSKVh 86KRRLAfDz4qFHWslM3WtN4jiDAhi/QnOFaDPmu2GRSgeoIwgilk4arrqvNSR/n9 McDqoIzp5H6c4ualrrJNWFhsNjtnHaI5FwD3AgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUzKppHaxVIHEhnG7tklmqV2xlKikwHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt +2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvektwcEhheFZJ SEVobkc3dGtsbXFWMnhsS2lrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmd6FDANBgkqhkiG9w0BAQsFAAOCAQEAtZ2yNu1IKmBQwocwz1vmUjdX XFOnOvxB0dHUetkBIYUrgkbaVC69i9WsT9UXnmFTiqWPoHlfvgJrBdLlIutXjts1 OMmKPWiZjsGKtXD+9C82+gzKc60QsiLVQxRlQFM/TEgXC7DzdFnJU5EM3oErbPC+ CNgVlYZ34UA4xra6gJDRPQedA9mK8WBSzrq3DrOIP/VbvrNso8GpKG45wtHCDO7s o6N0nKQbuxsZNcHqLXkfmoszGOzl17dz0/5PJ1Sy0txPZakvepN5izZYuFfk0dJK agYyPhnER5l5zNo6rL2340GVk6ItovIHfKD25/wtuA12ulMegqgljXGR5oUEOQ== -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:52 2024 by rpki-client on console-ams.rpki-client.org