$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1-A_4m_6JT2BMiZy8tSmaUjt6gs.roa File: 1-A_4m_6JT2BMiZy8tSmaUjt6gs.roa (raw, json) Hash identifier: R4jZmaYPWS9WKb+IOKpzm136e1vzU+KNcWg5h205Muk= Subject key identifier: D7:E0:3F:E2:6F:FA:25:3D:81:32:26:72:F2:D4:A6:69:48:ED:EA:0B Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 127F Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1-A_4m_6JT2BMiZy8tSmaUjt6gs.roa Signing time: Mon 10 Feb 2025 14:14:55 +0000 ROA not before: Mon 10 Feb 2025 14:14:55 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.117.160.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4735 (0x127f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:55 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=D7E03FE26FFA253D81322672F2D4A66948EDEA0B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f5:df:92:38:0a:90:a1:8e:49:90:5a:89:85: 4f:ab:e3:ec:94:77:56:d0:07:b4:1f:37:02:c0:db: bc:d7:59:a8:ef:17:aa:10:d6:d7:ef:bd:db:30:37: 96:cb:6d:76:f5:52:32:c8:24:5f:c2:fb:06:56:16: 41:d3:61:5c:1d:88:bb:f3:21:ad:00:62:fd:62:56: c5:7d:45:93:d1:50:fc:d4:f7:d8:d7:73:a9:ac:23: 5a:2c:8c:c6:a1:09:ab:c2:8e:76:5b:cc:29:19:14: 55:72:62:2e:f3:11:c3:59:8b:6d:19:15:f9:08:52: bf:56:5d:d2:19:5a:c8:51:5b:55:c2:d7:92:fe:8f: 8c:42:de:29:3b:79:48:5b:45:cf:d9:fe:43:32:d7: 07:e2:81:ee:95:5d:7b:86:7d:17:a9:91:ac:f3:ca: 5f:74:28:10:6c:c6:ea:53:15:b6:bf:3d:89:7f:41: c5:17:ba:c2:11:f3:56:c0:82:c0:a9:10:b8:29:0e: a8:ef:85:03:c4:d7:79:02:94:e1:c5:b0:da:b5:0d: 24:06:f2:c6:58:39:76:1a:b1:51:36:c4:af:6f:45: 99:8f:0f:54:01:ac:0c:45:4a:b2:79:08:0a:9a:e3: 13:3c:c8:ca:5b:87:c4:94:5c:27:de:15:70:a1:61: 81:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:E0:3F:E2:6F:FA:25:3D:81:32:26:72:F2:D4:A6:69:48:ED:EA:0B X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/1-A_4m_6JT2BMiZy8tSmaUjt6gs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.160.0/21 Signature Algorithm: sha256WithRSAEncryption 6e:a5:20:22:3c:be:f3:c3:ed:bc:d5:57:14:0a:94:6c:12:65: cf:2c:52:b7:9a:63:74:e6:ff:03:58:c3:b3:12:66:d4:5c:ff: 88:7a:ee:f0:21:8a:30:47:59:d7:be:a2:4e:cb:aa:e2:40:1b: 77:a5:f4:69:5c:e7:21:a7:22:63:72:e4:04:d9:d7:d9:cf:4a: 69:7f:a2:7b:e5:03:76:90:b9:af:f4:ca:95:df:c3:e9:82:de: d7:40:7e:28:0f:19:37:d8:d2:90:13:0a:cc:d6:aa:12:98:4d: e8:ee:bf:a7:97:3c:47:95:5a:3c:8a:d3:a6:86:21:81:ff:18: f7:25:27:7b:21:c3:bd:72:94:de:26:9f:1b:d2:2c:cc:fc:1d: 1b:4c:5b:80:48:f5:e4:cf:dc:82:0d:dc:d7:a7:c5:2f:b6:0a: fb:87:83:6a:57:18:8b:c2:13:eb:52:30:61:93:2c:75:9a:32: ad:36:ca:c2:2d:da:26:a2:8a:ec:f0:4c:4e:5c:3a:3c:ed:3b: e4:e0:86:70:41:a2:c9:25:30:f7:5c:ac:c8:0b:9b:b1:f6:35: a5:94:1b:57:cd:6e:27:63:68:d8:2a:59:25:e7:d7:98:10:e1: 91:07:26:a0:91:7a:a3:9f:9d:ec:60:11:39:ab:18:c4:1e:f0: f6:dc:ee:aa -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ3RTAzRkUyNkZGQTI1 M0Q4MTMyMjY3MkYyRDRBNjY5NDhFREVBMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCq9d+SOAqQoY5JkFqJhU+r4+yUd1bQB7QfNwLA27zXWajvF6oQ 1tfvvdswN5bLbXb1UjLIJF/C+wZWFkHTYVwdiLvzIa0AYv1iVsV9RZPRUPzU99jX c6msI1osjMahCavCjnZbzCkZFFVyYi7zEcNZi20ZFfkIUr9WXdIZWshRW1XC15L+ j4xC3ik7eUhbRc/Z/kMy1wfige6VXXuGfRepkazzyl90KBBsxupTFba/PYl/QcUX usIR81bAgsCpELgpDqjvhQPE13kClOHFsNq1DSQG8sZYOXYasVE2xK9vRZmPD1QB rAxFSrJ5CAqa4xM8yMpbh8SUXCfeFXChYYEdAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU1+A/4m/6JT2BMiZy8tSmaUjt6gswHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8xLUFfNG1fNkpUMkJN aVp5OHRTbWFVanQ2Z3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQBupSAiPL7zw+281VcUCpRsEmXPLFK3 mmN05v8DWMOzEmbUXP+Ieu7wIYowR1nXvqJOy6riQBt3pfRpXOchpyJjcuQE2dfZ z0ppf6J75QN2kLmv9MqV38Ppgt7XQH4oDxk32NKQEwrM1qoSmE3o7r+nlzxHlVo8 itOmhiGB/xj3JSd7IcO9cpTeJp8b0izM/B0bTFuASPXkz9yCDdzXp8Uvtgr7h4Nq VxiLwhPrUjBhkyx1mjKtNsrCLdomoors8ExOXDo87Tvk4IZwQaLJJTD3XKzIC5ux 9jWllBtXzW4nY2jYKlkl59eYEOGRByagkXqjn53sYBE5qxjEHvD23O6q -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:19 2025 by rpki-client