$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/-BWhANQSc-hbRPc9SjDxFXm3CU4.roa File: -BWhANQSc-hbRPc9SjDxFXm3CU4.roa (raw, json) Hash identifier: 1X++6J+3+uSBz6jx65B9zddzMH3tmOA9e1/dvnqJBlo= Subject key identifier: F8:15:A1:00:D4:12:73:E8:5B:44:F7:3D:4A:30:F1:15:79:B7:09:4E Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F80 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/-BWhANQSc-hbRPc9SjDxFXm3CU4.roa Signing time: Fri 01 Sep 2023 08:29:12 +0000 ROA not before: Fri 01 Sep 2023 08:29:12 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131627 IP address blocks: 150.117.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3968 (0xf80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:12 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=F815A100D41273E85B44F73D4A30F11579B7094E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:6d:20:0c:00:95:0a:04:98:ec:3e:df:1a:c0: 90:63:d8:1a:a2:ee:bc:4f:08:a2:a0:a5:57:3c:10: 86:15:05:0a:29:da:e3:06:e2:96:44:49:41:87:24: 7a:7f:f4:56:b5:84:35:33:16:67:3b:5f:15:81:94: a0:0d:f1:55:cc:6f:87:71:8a:02:3a:29:6a:17:1c: f6:4e:a9:66:59:b9:bf:b6:99:37:39:fb:89:7b:fb: 7d:6d:84:2c:dc:4c:b7:41:73:a8:97:f1:fb:f4:fe: 09:6b:61:5f:de:4b:c6:c8:34:cb:32:89:7d:73:9b: 13:58:c5:dd:a6:bc:db:f5:3f:30:f6:c1:f1:ac:d8: 1c:b7:34:4a:7d:8c:1b:0f:a9:fe:66:9a:3c:5c:c6: 94:f7:a7:62:47:5b:3c:26:e1:18:54:21:e2:55:05: 40:86:9b:17:a8:80:0a:8c:77:2e:e2:a1:60:a5:da: 60:d2:d2:94:b3:90:0b:a2:24:5f:ec:d0:bf:a3:27: fc:01:4b:3a:23:21:30:88:82:36:ed:c9:a3:3f:8a: 95:39:e3:7e:0c:a9:c4:8e:af:76:be:da:60:69:f4: ed:97:2c:47:fa:3c:5f:ce:56:c6:04:9b:35:2a:3d: 7b:d8:21:b0:7d:31:ff:39:3d:b4:22:ae:5e:23:9f: 87:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:15:A1:00:D4:12:73:E8:5B:44:F7:3D:4A:30:F1:15:79:B7:09:4E X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/-BWhANQSc-hbRPc9SjDxFXm3CU4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.232.0/21 Signature Algorithm: sha256WithRSAEncryption ac:8f:65:d7:18:0f:b0:b2:90:52:24:6a:f5:e9:55:b2:68:55: 29:8e:ae:87:eb:9e:b3:be:a4:9c:03:a7:7c:81:a8:37:0e:3e: 33:ee:a1:30:1e:7b:03:f1:ac:75:da:c1:cc:b7:32:c4:38:51: 1f:69:19:30:82:3b:b1:12:b2:75:58:8a:e9:23:0c:43:a3:c5: 89:d0:35:a4:80:97:b0:33:da:09:0b:9d:a9:f0:bd:d4:79:a7: 2a:6b:54:ab:23:38:87:ff:e5:88:21:f1:1b:f2:0d:e3:f2:c7: 49:f0:54:23:c6:e3:5e:6a:b6:14:90:47:f1:4e:17:5b:59:70: 40:b7:cc:e3:ee:4a:16:5a:13:cb:13:14:f0:e4:7c:75:f6:5e: 26:26:5f:f2:30:48:4a:39:ef:4d:ab:5a:d4:9c:72:94:58:5b: a4:b9:f6:ba:20:7c:91:62:98:a0:ab:ac:f2:0c:d3:22:9c:5b: f0:8f:38:52:61:9c:a3:86:55:39:69:7a:49:48:0c:3e:e9:3f: 39:29:90:19:e4:c5:48:ac:a4:11:c6:c3:3e:fe:c7:ed:39:95: 79:e9:12:d7:bc:31:93:38:74:ca:40:f7:63:0e:45:eb:b5:94: 8d:fb:30:61:4d:58:78:80:c2:84:29:bf:5f:55:57:54:04:2f: e7:f8:54:f8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD4AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY4MTVBMTAwRDQxMjcz RTg1QjQ0RjczRDRBMzBGMTE1NzlCNzA5NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDobSAMAJUKBJjsPt8awJBj2Bqi7rxPCKKgpVc8EIYVBQop2uMG 4pZESUGHJHp/9Fa1hDUzFmc7XxWBlKAN8VXMb4dxigI6KWoXHPZOqWZZub+2mTc5 +4l7+31thCzcTLdBc6iX8fv0/glrYV/eS8bINMsyiX1zmxNYxd2mvNv1PzD2wfGs 2By3NEp9jBsPqf5mmjxcxpT3p2JHWzwm4RhUIeJVBUCGmxeogAqMdy7ioWCl2mDS 0pSzkAuiJF/s0L+jJ/wBSzojITCIgjbtyaM/ipU5434MqcSOr3a+2mBp9O2XLEf6 PF/OVsYEmzUqPXvYIbB9Mf85PbQirl4jn4enAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU+BWhANQSc+hbRPc9SjDxFXm3CU4wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8tQldoQU5RU2MtaGJS UGM5U2pEeEZYbTNDVTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnXoMA0GCSqGSIb3DQEBCwUAA4IBAQCsj2XXGA+wspBSJGr16VWyaFUpjq6H 656zvqScA6d8gag3Dj4z7qEwHnsD8ax12sHMtzLEOFEfaRkwgjuxErJ1WIrpIwxD o8WJ0DWkgJewM9oJC52p8L3Ueacqa1SrIziH/+WIIfEb8g3j8sdJ8FQjxuNearYU kEfxThdbWXBAt8zj7koWWhPLExTw5Hx19l4mJl/yMEhKOe9Nq1rUnHKUWFukufa6 IHyRYpigq6zyDNMinFvwjzhSYZyjhlU5aXpJSAw+6T85KZAZ5MVIrKQRxsM+/sft OZV56RLXvDGTOHTKQPdjDkXrtZSN+zBhTVh4gMKEKb9fVVdUBC/n+FT4 -----END CERTIFICATE-----Generated at Tue Jun 18 12:53:57 2024 by rpki-client on console-ams.rpki-client.org