$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa File: KMHgg4R6govtme_q7NYfC-RytJI.roa (raw, json) Hash identifier: kEYZMo5m88U2uMhfPoxFh1yWIv1g84jTshANowTEPFI= Subject key identifier: 28:C1:E0:83:84:7A:82:8B:ED:99:EF:EA:EC:D6:1F:0B:E4:72:B4:92 Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Certificate serial: 116B Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa Signing time: Fri 01 Sep 2023 03:14:20 +0000 ROA not before: Fri 01 Sep 2023 03:14:20 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 14618 IP address blocks: 103.235.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 23:27:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4459 (0x116b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965 Validity Not Before: Sep 1 03:14:20 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=28C1E083847A828BED99EFEAECD61F0BE472B492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:82:01:1f:22:b7:98:bc:39:f0:89:9c:b4:99: 2b:82:06:49:b7:f4:57:38:1e:0a:43:bb:a2:99:0e: 6e:4d:d2:94:dc:f7:db:70:42:87:d0:85:98:61:c4: 46:43:be:b1:af:67:02:d0:34:eb:91:ee:4a:a0:16: 96:2d:e3:be:ec:11:97:77:ee:6b:4d:c3:4b:c0:88: f7:2e:a3:52:70:e0:e7:63:75:2b:60:23:34:82:f2: 45:e3:34:9e:ab:b6:57:39:43:42:2c:fb:0e:48:85: d4:4c:98:6e:df:61:c3:3d:87:9e:a6:cd:ac:71:e2: 78:4c:5c:f3:07:f1:38:f3:89:4f:be:94:cb:22:6f: 87:e0:83:d6:37:e9:eb:27:9f:8e:4d:b2:51:4d:3e: 9e:c1:d8:7b:02:83:e4:ce:8a:44:7b:b0:03:55:6f: e5:c4:38:ed:0f:59:26:dc:9e:5c:a9:e9:51:59:b8: 0a:52:b1:af:d4:7e:b0:e3:02:e6:00:0b:e8:a1:63: 08:66:84:26:1f:9a:e3:cc:62:11:c2:7a:cf:f9:85: 45:dc:fe:3b:23:70:3b:bb:b3:2d:e9:e7:7b:e6:6f: 0a:a6:6e:5c:2c:06:98:0e:2d:38:0c:9c:5d:74:49: 2b:fd:d8:b4:13:b4:3e:14:da:18:08:1d:02:7c:29: b8:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:C1:E0:83:84:7A:82:8B:ED:99:EF:EA:EC:D6:1F:0B:E4:72:B4:92 X509v3 Authority Key Identifier: keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.235.88.0/24 Signature Algorithm: sha256WithRSAEncryption ae:0d:8d:02:40:1e:64:ce:14:7e:c3:88:a5:6e:01:8b:77:bb: a7:a1:33:50:55:21:15:cc:74:95:a8:0a:f6:00:86:83:8e:ff: 21:fa:f6:b3:14:6f:40:85:e4:dc:67:14:64:2f:20:50:26:96: de:d3:58:17:4f:77:ff:59:32:47:03:22:69:9a:70:c7:12:51: e3:57:65:fa:08:74:d3:35:7b:63:af:3f:cb:d5:8d:c5:64:62: 36:fd:1b:99:6d:9b:52:27:bf:b7:1b:73:cf:dd:1d:d4:f9:66: a8:41:29:25:ea:bd:46:d0:12:82:27:65:02:09:8f:92:80:fd: 0c:6b:71:85:da:e9:b4:9f:98:9b:bd:d2:45:9c:f3:6f:35:d9: 30:99:0b:2f:13:1f:84:3c:81:bd:10:25:b1:ca:92:ea:32:26: 5e:03:da:fe:67:77:7c:e8:62:03:38:10:bf:cc:b3:f8:32:6b: 1b:39:f7:4a:c0:57:83:4c:84:7b:04:2c:35:3d:a6:89:ed:09: ad:1a:d1:3a:13:f0:2e:57:bb:3e:14:bc:26:e2:04:48:6b:39: 75:34:52:04:1c:a9:aa:cf:d1:b2:aa:9b:3a:bb:34:bc:cd:f8: 6b:31:fe:8d:60:94:c8:80:d2:7b:3f:a2:0e:0a:ea:75:6a:cd: b4:8e:28:a0 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMzA5MDEw MzE0MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI4QzFFMDgzODQ3QTgy OEJFRDk5RUZFQUVDRDYxRjBCRTQ3MkI0OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgggEfIreYvDnwiZy0mSuCBkm39Fc4HgpDu6KZDm5N0pTc99tw QofQhZhhxEZDvrGvZwLQNOuR7kqgFpYt477sEZd37mtNw0vAiPcuo1Jw4OdjdStg IzSC8kXjNJ6rtlc5Q0Is+w5IhdRMmG7fYcM9h56mzaxx4nhMXPMH8TjziU++lMsi b4fgg9Y36esnn45NslFNPp7B2HsCg+TOikR7sANVb+XEOO0PWSbcnlyp6VFZuApS sa/UfrDjAuYAC+ihYwhmhCYfmuPMYhHCes/5hUXc/jsjcDu7sy3p53vmbwqmblws BpgOLTgMnF10SSv92LQTtD4U2hgIHQJ8Kbg/AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUKMHgg4R6govtme/q7NYfC+RytJIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0 p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9LTUhnZzRSNmdvdnRtZV9xN05Z ZkMtUnl0Skkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY MA0GCSqGSIb3DQEBCwUAA4IBAQCuDY0CQB5kzhR+w4ilbgGLd7unoTNQVSEVzHSV qAr2AIaDjv8h+vazFG9AheTcZxRkLyBQJpbe01gXT3f/WTJHAyJpmnDHElHjV2X6 CHTTNXtjrz/L1Y3FZGI2/RuZbZtSJ7+3G3PP3R3U+WaoQSkl6r1G0BKCJ2UCCY+S gP0Ma3GF2um0n5ibvdJFnPNvNdkwmQsvEx+EPIG9ECWxypLqMiZeA9r+Z3d86GID OBC/zLP4MmsbOfdKwFeDTIR7BCw1PaaJ7QmtGtE6E/AuV7s+FLwm4gRIazl1NFIE HKmqz9Gyqps6uzS8zfhrMf6NYJTIgNJ7P6IOCup1as20jiig -----END CERTIFICATE-----Generated at Wed May 1 15:29:39 2024 by rpki-client on console-fra.rpki-client.org