$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/OnKiVyGKcKpyUyKQwWFD3paPcWk.roa File: OnKiVyGKcKpyUyKQwWFD3paPcWk.roa (raw, json) Hash identifier: oO8e4t+PBL4OfA0Ei04vLItAVEx4+3cD9YxilWyMluY= Subject key identifier: 3A:72:A2:57:21:8A:70:AA:72:53:22:90:C1:61:43:DE:96:8F:71:69 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F6E Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/OnKiVyGKcKpyUyKQwWFD3paPcWk.roa Signing time: Fri 01 Sep 2023 08:29:08 +0000 ROA not before: Fri 01 Sep 2023 08:29:08 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 63199 IP address blocks: 150.116.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3950 (0xf6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:08 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=3A72A257218A70AA72532290C16143DE968F7169 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:aa:9a:c0:04:33:21:cb:bc:1f:56:34:16:cd: 38:1f:c8:fc:f5:15:87:e4:e8:9a:26:eb:5d:77:8b: fd:2e:87:1d:bc:20:27:50:bf:0a:be:f8:7e:ee:7e: 8a:b4:a0:66:50:11:b6:dd:d9:7b:cc:8d:29:c9:a2: 1e:45:2f:74:84:02:84:af:8e:f6:6f:c8:da:c7:c2: 94:b8:21:44:59:30:d4:5d:62:0a:74:63:77:2f:07: 4f:77:cc:98:a3:a8:b8:14:7e:d3:a6:15:fc:9a:ad: 10:7c:11:f5:28:e3:a3:d3:66:27:80:d5:d5:73:59: ba:bf:b4:e7:95:07:20:08:b0:5b:ad:49:93:1c:8c: bb:7d:2c:a3:3d:f8:c8:f6:d1:14:b5:66:1c:c1:66: 9e:17:dd:26:81:77:1a:8a:99:ed:fb:bb:50:8c:cd: dd:44:78:25:62:3f:ad:70:94:f1:3c:3a:28:55:5e: 66:91:6b:a0:7c:a2:01:f9:bc:81:96:a7:e8:52:e6: 5e:d1:bb:cf:6d:6a:3f:00:68:93:3b:ba:49:e3:4c: 95:d6:31:12:78:2e:42:85:ff:91:bb:b6:57:c1:9f: 00:72:09:5a:db:40:98:49:58:39:83:e4:b9:11:f8: 8a:d4:d0:34:ce:65:49:a6:29:22:5d:45:94:3a:69: 97:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:72:A2:57:21:8A:70:AA:72:53:22:90:C1:61:43:DE:96:8F:71:69 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/OnKiVyGKcKpyUyKQwWFD3paPcWk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.1.0/24 Signature Algorithm: sha256WithRSAEncryption 14:71:b5:3d:e2:20:e3:a8:0a:65:b2:63:c8:db:05:9b:04:f0: b6:30:f5:69:c4:b5:7b:53:fb:43:ac:9c:5d:f0:d1:51:5e:36: 05:77:8b:b9:e8:f7:fb:bd:4a:0c:bc:85:68:ec:5e:21:af:06: 07:b1:66:97:ab:05:38:d7:7e:15:e6:db:61:da:db:9c:02:98: a7:04:6e:be:67:6e:6d:5d:9c:11:4b:e3:80:3e:cd:c5:b9:b0: 11:e2:04:30:3c:a8:c4:41:ce:a2:eb:9d:be:47:4f:9d:b1:6b: c0:b5:49:72:73:0f:96:0c:d2:70:80:81:e0:ef:15:69:b6:62: 50:2e:9c:61:b4:f4:12:4a:d6:86:1d:76:c7:9d:16:b9:73:03: 45:dd:a6:23:52:69:4c:af:fe:76:6e:16:00:f3:d0:08:d4:a1: 2e:27:5d:88:4f:ff:70:0d:2c:99:ee:8b:92:10:09:16:de:43: 16:ed:85:28:c1:52:f8:e2:df:99:5f:25:26:c2:67:bf:01:13: fb:68:78:01:95:43:77:d5:e2:ac:55:d4:71:33:2b:5d:8e:3e: 0b:c5:02:0e:f4:87:8c:ac:7e:6d:d8:cb:ce:68:e6:29:d7:d4: f7:f9:3a:08:8f:e7:e8:5e:fa:3e:37:2e:ec:71:8c:b8:cb:2c: 1c:fc:3d:93 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNBNzJBMjU3MjE4QTcw QUE3MjUzMjI5MEMxNjE0M0RFOTY4RjcxNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+qprABDMhy7wfVjQWzTgfyPz1FYfk6Jom6113i/0uhx28ICdQ vwq++H7ufoq0oGZQEbbd2XvMjSnJoh5FL3SEAoSvjvZvyNrHwpS4IURZMNRdYgp0 Y3cvB093zJijqLgUftOmFfyarRB8EfUo46PTZieA1dVzWbq/tOeVByAIsFutSZMc jLt9LKM9+Mj20RS1ZhzBZp4X3SaBdxqKme37u1CMzd1EeCViP61wlPE8OihVXmaR a6B8ogH5vIGWp+hS5l7Ru89taj8AaJM7uknjTJXWMRJ4LkKF/5G7tlfBnwByCVrb QJhJWDmD5LkR+IrU0DTOZUmmKSJdRZQ6aZdpAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUOnKiVyGKcKpyUyKQwWFD3paPcWkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9PbktpVnlHS2NLcHlV eUtRd1dGRDNwYVBjV2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnQBMA0GCSqGSIb3DQEBCwUAA4IBAQAUcbU94iDjqAplsmPI2wWbBPC2MPVp xLV7U/tDrJxd8NFRXjYFd4u56Pf7vUoMvIVo7F4hrwYHsWaXqwU4134V5tth2tuc ApinBG6+Z25tXZwRS+OAPs3FubAR4gQwPKjEQc6i652+R0+dsWvAtUlycw+WDNJw gIHg7xVptmJQLpxhtPQSStaGHXbHnRa5cwNF3aYjUmlMr/52bhYA89AI1KEuJ12I T/9wDSyZ7ouSEAkW3kMW7YUowVL44t+ZXyUmwme/ARP7aHgBlUN31eKsVdRxMytd jj4LxQIO9IeMrH5t2MvOaOYp19T3+ToIj+foXvo+Ny7scYy4yywc/D2T -----END CERTIFICATE-----Generated at Tue Jun 18 13:13:36 2024 by rpki-client on console-fra.rpki-client.org