$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DhBHTZ0eZOtZv1IwMgB7s_eyfBA.roa File: DhBHTZ0eZOtZv1IwMgB7s_eyfBA.roa (raw, json) Hash identifier: iFXIVHxUu2nsBUGBws+txIZrSWbUK/SRE48eB0oD2bU= Subject key identifier: 0E:10:47:4D:9D:1E:64:EB:59:BF:52:30:32:00:7B:B3:F7:B2:7C:10 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F9D Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DhBHTZ0eZOtZv1IwMgB7s_eyfBA.roa Signing time: Fri 01 Sep 2023 08:29:21 +0000 ROA not before: Fri 01 Sep 2023 08:29:21 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 38851 IP address blocks: 150.116.120.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3997 (0xf9d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:21 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=0E10474D9D1E64EB59BF523032007BB3F7B27C10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e4:6b:6a:06:86:dc:e1:b4:28:80:ae:fc:4e: 62:2f:9b:b7:bc:6f:e9:26:3f:39:e4:09:9a:57:83: 12:4c:24:69:0c:b5:30:42:e2:93:7b:ef:19:34:85: 11:9a:69:39:85:19:3b:ed:49:51:8d:d2:f7:bd:b3: 00:89:dc:79:f9:97:f8:d4:94:ff:af:c4:68:9e:ea: bc:65:a0:b7:24:4b:e0:34:ce:4c:b2:b8:a3:9f:03: 50:bc:53:79:28:d6:25:fa:6b:36:6c:25:1d:5a:61: 6b:6a:b1:33:92:68:10:e1:ca:f0:49:28:f6:89:26: 5c:22:97:e1:92:3f:5a:fd:b5:e2:f0:35:1d:0f:be: 38:ce:da:83:e9:56:4d:cd:20:d5:4b:70:be:57:f1: f0:00:b7:ab:27:52:d3:92:d3:35:c7:6a:13:2f:73: ae:8a:5a:5d:49:37:45:7e:7b:91:b4:11:36:e4:6a: 99:a9:e8:aa:ae:f7:89:e7:42:fd:49:d7:cd:01:6a: 96:7f:2a:c5:23:6e:ae:03:8d:64:c6:cb:95:14:18: d5:af:a3:d9:c0:aa:70:fc:68:0a:d0:58:89:eb:b7: 4e:09:14:18:74:ca:d9:b6:94:9c:73:8d:f9:05:0a: 5d:7e:04:f0:9d:fc:28:e9:73:1b:c4:c5:f9:e8:bc: 6f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:10:47:4D:9D:1E:64:EB:59:BF:52:30:32:00:7B:B3:F7:B2:7C:10 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DhBHTZ0eZOtZv1IwMgB7s_eyfBA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.120.0/21 Signature Algorithm: sha256WithRSAEncryption 79:fe:6d:26:b2:22:1b:86:4e:8d:6a:fb:39:8c:e3:f9:ab:74: ca:e2:81:7d:63:7a:1d:bd:64:39:7a:a2:21:8a:b4:f2:7e:2f: 40:f8:ec:ed:7e:1a:08:f4:9d:1f:95:fe:a3:16:62:ac:a8:fd: e2:19:39:9d:46:33:85:bd:c1:c6:61:0a:50:1b:93:79:1c:92: 13:13:5d:e3:a4:1b:9d:8f:7b:a3:93:f1:ef:47:ee:5b:0b:be: 36:63:ce:fb:32:1c:20:70:26:52:82:24:16:40:50:33:dc:5a: 40:6b:46:02:d5:e0:79:5c:5a:80:e7:dd:fd:46:8f:d1:b7:11: b7:75:35:68:a9:ce:63:15:ce:be:3c:09:b4:78:1f:5f:d4:a2: a3:90:12:e6:00:a5:09:8f:fd:87:e5:e5:a8:bc:27:97:ef:43: a8:c2:2c:34:fe:29:b5:a4:e3:23:55:f2:af:17:ad:8c:12:d9: 27:e1:cd:4a:21:a8:c3:18:09:fd:37:98:77:00:f6:d6:d0:9a: 72:7e:95:86:47:2a:2d:ee:b3:71:ce:12:10:c7:aa:0c:83:bf: ff:b8:3a:0e:f7:72:fc:47:4c:30:62:73:c5:c8:17:b4:71:e7: bd:82:5c:c1:ef:0a:7a:32:b0:1c:1c:26:28:83:56:f9:7e:6b: 6d:f9:a1:0e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD50wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBFMTA0NzREOUQxRTY0 RUI1OUJGNTIzMDMyMDA3QkIzRjdCMjdDMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCi5GtqBobc4bQogK78TmIvm7e8b+kmPznkCZpXgxJMJGkMtTBC 4pN77xk0hRGaaTmFGTvtSVGN0ve9swCJ3Hn5l/jUlP+vxGie6rxloLckS+A0zkyy uKOfA1C8U3ko1iX6azZsJR1aYWtqsTOSaBDhyvBJKPaJJlwil+GSP1r9teLwNR0P vjjO2oPpVk3NINVLcL5X8fAAt6snUtOS0zXHahMvc66KWl1JN0V+e5G0ETbkapmp 6Kqu94nnQv1J180BapZ/KsUjbq4DjWTGy5UUGNWvo9nAqnD8aArQWInrt04JFBh0 ytm2lJxzjfkFCl1+BPCd/CjpcxvExfnovG9tAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUDhBHTZ0eZOtZv1IwMgB7s/eyfBAwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9EaEJIVFowZVpPdFp2 MUl3TWdCN3NfZXlmQkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnR4MA0GCSqGSIb3DQEBCwUAA4IBAQB5/m0msiIbhk6Navs5jOP5q3TK4oF9 Y3odvWQ5eqIhirTyfi9A+OztfhoI9J0flf6jFmKsqP3iGTmdRjOFvcHGYQpQG5N5 HJITE13jpBudj3ujk/HvR+5bC742Y877MhwgcCZSgiQWQFAz3FpAa0YC1eB5XFqA 5939Ro/RtxG3dTVoqc5jFc6+PAm0eB9f1KKjkBLmAKUJj/2H5eWovCeX70Oowiw0 /im1pOMjVfKvF62MEtkn4c1KIajDGAn9N5h3APbW0JpyfpWGRyot7rNxzhIQx6oM g7//uDoO93L8R0wwYnPFyBe0cee9glzB7wp6MrAcHCYog1b5fmtt+aEO -----END CERTIFICATE-----Generated at Tue Jun 18 13:13:36 2024 by rpki-client on console-fra.rpki-client.org