$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/AIfMQ6ic-rFC6DoXvfraF8AGiHw.roa File: AIfMQ6ic-rFC6DoXvfraF8AGiHw.roa (raw, json) Hash identifier: HYJWGH5E6YHa3pDHUvuSNlCaxMJEXDC7BBBMF0cbT60= Subject key identifier: 00:87:CC:43:A8:9C:FA:B1:42:E8:3A:17:BD:FA:DA:17:C0:06:88:7C Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F77 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/AIfMQ6ic-rFC6DoXvfraF8AGiHw.roa Signing time: Fri 01 Sep 2023 08:29:10 +0000 ROA not before: Fri 01 Sep 2023 08:29:10 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 18419 IP address blocks: 118.150.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3959 (0xf77) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:10 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=0087CC43A89CFAB142E83A17BDFADA17C006887C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5e:e4:da:b0:28:55:b2:06:32:95:e8:42:0e: 0f:3d:8b:17:48:17:67:c4:b7:10:bf:cd:57:11:f1: 7b:e3:15:a3:14:fd:1a:48:5a:74:34:4f:aa:76:30: 92:45:d9:10:13:3e:ee:57:2b:80:7d:47:4f:49:4e: 27:4e:03:c1:9b:60:26:0b:8b:45:ff:fb:44:d6:0c: 31:e5:db:4c:07:45:cb:2f:b6:1f:ac:29:bd:9e:0a: e9:97:29:76:45:01:0b:e1:8e:ee:30:41:57:c3:b9: 67:1e:65:2e:30:8f:c1:76:68:e0:4e:7d:ee:65:a8: 90:a3:19:7b:3b:7f:04:5b:20:54:28:ca:39:75:53: 30:07:2b:34:c2:3a:7f:a0:f7:1b:ef:1d:ca:3b:9c: 2c:50:d4:ed:80:d6:86:7a:88:40:4d:85:59:3a:4f: d1:e7:94:c9:cc:45:2e:ff:d1:f0:47:70:f0:dc:5d: f3:d2:0f:89:df:5a:28:09:24:e6:5c:0c:ca:34:ab: 93:f1:47:72:e8:2d:56:d3:76:43:2b:cf:30:55:dd: 55:cb:78:1b:96:f6:c6:b6:98:39:08:dd:55:f8:7e: 9b:ca:ea:ba:cf:b5:5e:5e:9d:ad:1a:fd:1a:f5:58: f2:d5:3c:7e:01:6b:c3:9e:d1:a9:b9:d4:f0:d7:1a: da:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:87:CC:43:A8:9C:FA:B1:42:E8:3A:17:BD:FA:DA:17:C0:06:88:7C X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/AIfMQ6ic-rFC6DoXvfraF8AGiHw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.150.0.0/17 Signature Algorithm: sha256WithRSAEncryption 6a:5e:4a:24:68:16:d3:24:19:3a:ff:e7:85:2a:ae:d3:f3:b0: 53:7a:29:5a:9c:ad:64:02:e3:07:00:0b:5d:8c:7e:1f:e0:d4: 44:05:51:68:7c:de:96:21:34:8e:9a:1a:8a:fd:08:4c:1b:d6: 37:c8:ef:9a:f8:0c:8e:b1:42:7f:87:ac:1e:29:a3:b2:7a:b1: 81:52:23:55:4b:d0:bd:39:83:93:00:4c:90:3e:df:af:f4:b0: 5e:fe:c2:cc:6f:82:59:35:82:17:ac:fb:19:39:1a:41:80:5f: 21:1d:50:e4:76:63:2c:80:75:4c:ef:ed:cd:fc:8b:3a:56:8d: 2b:ff:29:6d:23:44:73:19:76:55:7e:41:55:1a:ce:3a:86:69: 4c:76:4e:b1:37:5e:e6:7e:cb:81:2e:c8:ed:af:17:ad:24:e2: f6:3b:36:c0:d6:08:cd:1e:ad:80:fb:5a:79:9e:11:9d:8e:5f: 7f:41:cf:57:26:20:ec:82:83:bd:c8:19:3a:5e:9a:91:be:0f: f9:6e:cc:cc:56:46:b2:7e:20:0a:a0:6f:bb:5f:cc:5e:b6:90: 46:bb:62:ef:49:1d:94:9c:6b:d2:e6:c0:e2:fb:f7:13:b5:5e: 9f:90:a8:62:e3:c1:87:86:59:cb:49:b4:ab:51:51:20:69:10: ce:ec:24:94 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD3cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAwODdDQzQzQTg5Q0ZB QjE0MkU4M0ExN0JERkFEQTE3QzAwNjg4N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEXuTasChVsgYylehCDg89ixdIF2fEtxC/zVcR8XvjFaMU/RpI WnQ0T6p2MJJF2RATPu5XK4B9R09JTidOA8GbYCYLi0X/+0TWDDHl20wHRcsvth+s Kb2eCumXKXZFAQvhju4wQVfDuWceZS4wj8F2aOBOfe5lqJCjGXs7fwRbIFQoyjl1 UzAHKzTCOn+g9xvvHco7nCxQ1O2A1oZ6iEBNhVk6T9HnlMnMRS7/0fBHcPDcXfPS D4nfWigJJOZcDMo0q5PxR3LoLVbTdkMrzzBV3VXLeBuW9sa2mDkI3VX4fpvK6rrP tV5ena0a/Rr1WPLVPH4Ba8Oe0am51PDXGtrFAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUAIfMQ6ic+rFC6DoXvfraF8AGiHwwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9BSWZNUTZpYy1yRkM2 RG9YdmZyYUY4QUdpSHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQHdpYAMA0GCSqGSIb3DQEBCwUAA4IBAQBqXkokaBbTJBk6/+eFKq7T87BTeila nK1kAuMHAAtdjH4f4NREBVFofN6WITSOmhqK/QhMG9Y3yO+a+AyOsUJ/h6weKaOy erGBUiNVS9C9OYOTAEyQPt+v9LBe/sLMb4JZNYIXrPsZORpBgF8hHVDkdmMsgHVM 7+3N/Is6Vo0r/yltI0RzGXZVfkFVGs46hmlMdk6xN17mfsuBLsjtrxetJOL2OzbA 1gjNHq2A+1p5nhGdjl9/Qc9XJiDsgoO9yBk6XpqRvg/5bszMVkayfiAKoG+7X8xe tpBGu2LvSR2UnGvS5sDi+/cTtV6fkKhi48GHhlnLSbSrUVEgaRDO7CSU -----END CERTIFICATE-----Generated at Tue Jun 18 13:13:36 2024 by rpki-client on console-fra.rpki-client.org