$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/10jFCvdKhNdM9AQrMY_vMcR0l1Q.roa File: 10jFCvdKhNdM9AQrMY_vMcR0l1Q.roa (raw, json) Hash identifier: 5pCcqZeP36dS3FxEwfoB0fLTuwicBjQ6W8ujyafyPX0= Subject key identifier: D7:48:C5:0A:F7:4A:84:D7:4C:F4:04:2B:31:8F:EF:31:C4:74:97:54 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0FCB Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/10jFCvdKhNdM9AQrMY_vMcR0l1Q.roa Signing time: Fri 01 Sep 2023 08:29:34 +0000 ROA not before: Fri 01 Sep 2023 08:29:34 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 63199 IP address blocks: 150.116.82.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4043 (0xfcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:34 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=D748C50AF74A84D74CF4042B318FEF31C4749754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:e0:3f:cb:50:e3:d2:2c:57:02:ef:17:ab:b6: a3:70:37:d6:c4:06:e2:fd:9c:b9:cd:38:1f:65:30: f9:59:af:7a:0f:d6:cf:ab:25:b5:70:b6:79:4a:38: 2c:7d:99:e0:0c:39:cf:bb:12:55:54:81:48:eb:ee: 1b:fa:aa:e4:a9:22:b4:7a:24:0f:8a:d0:6a:86:eb: c9:95:38:50:58:29:a7:b2:b1:e9:1b:4d:03:2c:40: 5b:57:95:79:42:65:fd:6a:e4:d7:52:0f:d7:24:cb: 5d:5d:20:c4:7c:a8:b4:43:e7:d3:45:42:fd:46:2e: 7d:00:50:a6:c1:da:d0:b6:8f:bb:3d:88:2f:1a:31: 85:c0:f3:c9:f8:e1:75:50:9c:06:37:92:52:c1:c4: 4b:50:b7:8d:1d:1d:2b:c9:db:6f:5c:1f:f0:01:2a: 7f:59:98:36:7f:b7:a3:60:99:fc:ba:72:83:4e:ab: 66:97:5d:83:79:03:99:73:4c:e3:37:29:d1:a7:72: 80:9a:85:b2:10:4e:03:10:9a:09:ea:9d:38:97:17: 19:09:2a:80:e7:b5:76:b9:63:15:a8:60:89:c5:e8: 45:a5:4d:53:ef:75:17:af:dc:68:77:a8:ca:3a:01: bd:fa:1c:dd:e6:f9:1c:81:12:41:c0:94:27:b4:44: 03:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:48:C5:0A:F7:4A:84:D7:4C:F4:04:2B:31:8F:EF:31:C4:74:97:54 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/10jFCvdKhNdM9AQrMY_vMcR0l1Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.82.0/24 Signature Algorithm: sha256WithRSAEncryption b0:14:b3:94:dd:05:96:c9:d6:84:f5:ff:d7:6e:39:89:a8:bc: e7:e9:f6:81:70:7f:67:f3:27:23:eb:ad:fa:2a:11:a7:39:2d: 99:43:7f:49:9d:9a:ca:6c:19:40:32:3b:35:82:b0:6d:af:51: 0b:c5:bf:fc:c0:6c:67:02:78:0e:07:69:21:b5:11:64:08:29: a7:41:2d:ea:a4:77:98:cd:73:85:6f:4b:db:25:e9:35:32:18: 3d:ba:d8:18:fa:b9:34:5a:79:ca:cb:47:90:6e:c5:cc:5a:fb: 2c:29:d0:88:2c:b6:5b:a6:79:f9:e0:a9:9e:38:5c:38:a1:cc: 3a:3e:8e:f5:95:ee:f9:40:22:45:c4:41:38:69:e2:99:49:79: 9f:39:7a:b2:d4:ce:34:ad:4d:3c:99:eb:a8:21:de:cf:c0:5c: 96:95:75:8e:d5:14:14:72:0f:84:73:2d:fb:3a:6e:ab:88:35: 97:94:bb:a0:ef:9c:7e:ef:5b:5a:6d:16:34:a8:da:c4:82:96: 35:04:dc:5c:b8:8e:82:06:d0:c0:28:16:95:3f:6f:8e:b6:e7: c5:4d:e8:f3:37:9b:be:b7:e9:46:ed:9e:4c:47:af:f7:f5:ab: 41:28:8f:27:9d:67:ab:c2:07:77:aa:20:b0:7b:3d:eb:d9:15: ed:13:c5:fb -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MzRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ3NDhDNTBBRjc0QTg0 RDc0Q0Y0MDQyQjMxOEZFRjMxQzQ3NDk3NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG4D/LUOPSLFcC7xertqNwN9bEBuL9nLnNOB9lMPlZr3oP1s+r JbVwtnlKOCx9meAMOc+7ElVUgUjr7hv6quSpIrR6JA+K0GqG68mVOFBYKaeysekb TQMsQFtXlXlCZf1q5NdSD9cky11dIMR8qLRD59NFQv1GLn0AUKbB2tC2j7s9iC8a MYXA88n44XVQnAY3klLBxEtQt40dHSvJ229cH/ABKn9ZmDZ/t6Ngmfy6coNOq2aX XYN5A5lzTOM3KdGncoCahbIQTgMQmgnqnTiXFxkJKoDntXa5YxWoYInF6EWlTVPv dRev3Gh3qMo6Ab36HN3m+RyBEkHAlCe0RANTAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU10jFCvdKhNdM9AQrMY/vMcR0l1QwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8xMGpGQ3ZkS2hOZE05 QVFyTVlfdk1jUjBsMVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnRSMA0GCSqGSIb3DQEBCwUAA4IBAQCwFLOU3QWWydaE9f/XbjmJqLzn6faB cH9n8ycj6636KhGnOS2ZQ39JnZrKbBlAMjs1grBtr1ELxb/8wGxnAngOB2khtRFk CCmnQS3qpHeYzXOFb0vbJek1Mhg9utgY+rk0WnnKy0eQbsXMWvssKdCILLZbpnn5 4KmeOFw4ocw6Po71le75QCJFxEE4aeKZSXmfOXqy1M40rU08meuoId7PwFyWlXWO 1RQUcg+Ecy37Om6riDWXlLug75x+71tabRY0qNrEgpY1BNxcuI6CBtDAKBaVP2+O tufFTejzN5u+t+lG7Z5MR6/39atBKI8nnWerwgd3qiCwez3r2RXtE8X7 -----END CERTIFICATE-----Generated at Tue Jun 18 12:53:57 2024 by rpki-client on console-ams.rpki-client.org