$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa File: K9nrkDge7zcQtbJ6ADADmyP0uQA.roa (raw, json) Hash identifier: SqIIv72jbLu2yB+yKMrEsd8TNZOtGYtTICKaHud/rgg= Subject key identifier: 2B:D9:EB:90:38:1E:EF:37:10:B5:B2:7A:00:30:03:9B:23:F4:B9:00 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0BBB Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa Signing time: Fri 01 Sep 2023 09:45:02 +0000 ROA not before: Fri 01 Sep 2023 09:45:02 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 4780 IP address blocks: 203.121.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 04:13:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3003 (0xbbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Sep 1 09:45:02 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=2BD9EB90381EEF3710B5B27A0030039B23F4B900 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:94:53:28:cf:c5:05:43:40:9e:ec:ae:ab:6b: 70:ab:d1:a7:44:f7:eb:b7:79:e8:17:ee:43:95:99: bc:64:0a:80:03:f5:c9:cd:f0:b9:4e:9e:e6:51:ad: 0b:83:6f:19:0a:4b:7c:cd:34:cd:14:31:81:68:70: fb:ee:28:52:ac:9c:23:5c:3f:d8:74:3b:6b:fb:a2: 6f:55:9d:af:3a:ce:4d:f9:7e:a0:0b:c6:9a:f1:61: d5:7c:d9:04:0e:77:a6:b9:65:3d:3f:6f:6a:02:e5: 69:f3:81:68:ca:d6:78:d8:d0:04:bb:64:3d:16:5a: f1:09:7c:55:d9:08:a6:ba:90:7b:fc:93:19:46:aa: f9:18:50:9f:77:ad:8a:66:d6:0e:08:f9:e5:85:47: 0e:50:dd:ee:5f:ce:f9:f5:84:62:16:30:22:a7:ac: ac:86:7f:be:fa:d0:a6:1d:37:23:3b:9d:00:6f:59: 5f:cb:8b:54:6f:33:fb:a7:d8:a3:81:75:83:22:e9: d7:c4:65:fd:ff:76:29:16:11:ba:7f:33:f2:d9:32: 42:31:b0:c1:da:5a:d5:77:05:db:c3:d3:19:8e:b6: 48:f6:3c:1a:db:e4:47:37:7d:5e:43:47:1e:cb:9c: 64:fc:42:ad:db:10:70:f2:fa:44:44:cb:46:9e:44: 49:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D9:EB:90:38:1E:EF:37:10:B5:B2:7A:00:30:03:9B:23:F4:B9:00 X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.121.240.0/20 Signature Algorithm: sha256WithRSAEncryption b1:d9:bb:e8:a6:9d:36:e5:b5:2e:38:f4:8b:e9:b3:0d:3a:42: cd:71:e3:d1:02:69:b3:62:37:ba:65:27:49:25:97:0b:91:46: bc:b9:7f:71:12:72:9d:f9:12:f3:8e:85:92:23:1c:73:99:cc: c8:22:0f:c5:11:cb:90:71:40:5a:c4:0a:42:11:27:62:f5:51: c0:45:aa:fe:ef:93:4e:8c:dc:ba:5b:9a:b7:67:9c:cd:29:c8: 57:e4:37:5a:91:3d:7f:5f:2f:25:c9:9f:e3:4b:63:0a:0e:d4: 91:c6:2f:2d:46:da:49:4d:de:67:53:86:e7:bd:db:84:8c:db: a0:69:ae:d1:ef:cb:23:81:35:16:3c:32:d2:2e:a6:b2:de:1b: 77:42:c1:48:d7:09:06:23:87:5b:67:f2:79:3e:54:77:c2:26: bc:f5:a4:14:22:4b:a4:95:aa:7a:68:0d:95:c4:3d:0d:85:fb: d7:c2:33:a7:c2:29:41:f0:bb:67:d9:87:e5:e3:ca:d9:99:69: 84:5c:6c:0b:aa:17:4d:07:77:92:9e:1d:f5:f3:0f:77:85:db: ab:83:15:62:2f:57:0b:6d:c5:ac:b8:01:5a:db:cd:69:b0:2d: 2d:17:0a:50:55:c2:b0:62:e6:1d:71:37:d2:5b:3a:06:0f:39: 10:88:c2:64 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICC7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMzA5MDEw OTQ1MDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJCRDlFQjkwMzgxRUVG MzcxMEI1QjI3QTAwMzAwMzlCMjNGNEI5MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWlFMoz8UFQ0Ce7K6ra3Cr0adE9+u3eegX7kOVmbxkCoAD9cnN 8LlOnuZRrQuDbxkKS3zNNM0UMYFocPvuKFKsnCNcP9h0O2v7om9Vna86zk35fqAL xprxYdV82QQOd6a5ZT0/b2oC5WnzgWjK1njY0AS7ZD0WWvEJfFXZCKa6kHv8kxlG qvkYUJ93rYpm1g4I+eWFRw5Q3e5fzvn1hGIWMCKnrKyGf7760KYdNyM7nQBvWV/L i1RvM/un2KOBdYMi6dfEZf3/dikWEbp/M/LZMkIxsMHaWtV3BdvD0xmOtkj2PBrb 5Ec3fV5DRx7LnGT8Qq3bEHDy+kREy0aeREl1AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUK9nrkDge7zcQtbJ6ADADmyP0uQAwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9LOW5ya0RnZTd6Y1F0Yko2QURB RG15UDB1UUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3nw MA0GCSqGSIb3DQEBCwUAA4IBAQCx2bvopp025bUuOPSL6bMNOkLNcePRAmmzYje6 ZSdJJZcLkUa8uX9xEnKd+RLzjoWSIxxzmczIIg/FEcuQcUBaxApCESdi9VHARar+ 75NOjNy6W5q3Z5zNKchX5DdakT1/Xy8lyZ/jS2MKDtSRxi8tRtpJTd5nU4bnvduE jNugaa7R78sjgTUWPDLSLqay3ht3QsFI1wkGI4dbZ/J5PlR3wia89aQUIkuklap6 aA2VxD0NhfvXwjOnwilB8Ltn2Yfl48rZmWmEXGwLqhdNB3eSnh318w93hdurgxVi L1cLbcWsuAFa281psC0tFwpQVcKwYuYdcTfSWzoGDzkQiMJk -----END CERTIFICATE-----Generated at Mon Jun 3 04:21:52 2024 by rpki-client on console-ams.rpki-client.org