$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/VqwzpqIu290Zq5qRCjNvndJCeow.roa File: VqwzpqIu290Zq5qRCjNvndJCeow.roa (raw, json) Hash identifier: h2nrCObeUXojB7suMkmhL8ydYxz4WGaTfQBHndVwy0g= Subject key identifier: 56:AC:33:A6:A2:2E:DB:DD:19:AB:9A:91:0A:33:6F:9D:D2:42:7A:8C Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1285 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/VqwzpqIu290Zq5qRCjNvndJCeow.roa Signing time: Mon 10 Feb 2025 14:14:57 +0000 ROA not before: Mon 10 Feb 2025 14:14:57 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.116.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 12:06:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4741 (0x1285) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:57 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=56AC33A6A22EDBDD19AB9A910A336F9DD2427A8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6b:dd:b8:25:32:3b:87:a5:f0:c2:99:9d:de: 8f:67:88:e6:93:3b:c0:f8:ea:60:56:86:b1:5d:5b: e0:c9:73:59:93:f6:98:4b:9d:b3:a7:76:0b:cf:f5: 63:52:92:85:7a:f4:d9:c6:4a:0d:16:f7:6d:2c:04: 54:a5:4f:53:07:6b:1a:d4:88:a8:e3:33:ad:85:09: 42:e6:fb:bd:ea:2b:d0:3a:3c:51:05:96:0e:c3:d1: ac:0a:25:0b:61:ac:5b:a1:26:e9:3e:db:22:6c:bb: e3:ca:f1:76:ba:ae:97:0d:a2:7c:90:b1:e9:97:fb: f7:38:4b:43:a4:5a:e4:f6:42:82:bf:44:7e:49:14: 31:38:18:c2:8a:6c:f4:28:44:f0:f9:20:0b:aa:f5: 1e:8a:4c:01:86:18:06:3c:a6:d7:1a:bf:16:e5:70: 23:28:fe:21:b7:db:8b:e9:15:b4:6a:1b:0e:51:fc: a6:5d:a8:8c:6e:42:f7:c2:6d:64:eb:41:04:f1:0c: d6:6f:d2:bd:04:e2:39:f2:65:c3:d8:c6:48:64:63: 83:4c:75:df:1a:36:7f:fe:56:12:d3:69:90:d7:bc: 64:d8:cc:f2:d2:e3:e4:0c:3e:67:2c:f7:da:2f:a5: 9d:a8:dc:f0:19:74:39:a9:91:fa:d9:8c:07:80:9b: d1:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:AC:33:A6:A2:2E:DB:DD:19:AB:9A:91:0A:33:6F:9D:D2:42:7A:8C X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/VqwzpqIu290Zq5qRCjNvndJCeow.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.172.0/22 Signature Algorithm: sha256WithRSAEncryption 4a:46:e5:eb:7d:11:ca:c5:83:b8:c6:9d:84:6a:e4:e4:1e:ff: 49:07:ce:f5:4a:6f:c6:1e:f5:87:c4:64:35:e2:e7:d4:32:d7: f8:80:5a:e1:ec:51:b2:f3:80:4c:7f:65:f0:46:47:c9:d0:dc: 70:eb:af:52:c7:0e:89:8b:73:c1:c5:27:ec:bb:7a:b9:34:9b: 0c:db:d3:58:2b:9b:d2:ff:1a:97:9f:c8:99:d9:49:1d:19:76: aa:e8:16:60:09:33:bd:86:24:c1:08:af:76:ff:b6:38:25:56: ed:be:48:63:81:85:9a:9a:9d:09:d5:87:26:86:16:19:a5:e6: 6e:cf:f3:33:af:84:8e:ea:6e:e7:3c:6a:b6:a5:77:bf:76:cc: 54:20:ac:7b:f2:69:27:21:55:41:d9:c0:7b:55:9d:5c:29:3b: 1d:4d:d8:a6:8b:79:4e:60:65:b1:be:2a:0d:b9:71:de:12:59: 39:bb:ca:9a:bb:a1:51:88:f0:47:07:35:cb:52:f7:a5:cc:71: 7d:43:90:db:5c:c7:68:73:cf:74:8e:1a:7d:49:15:ec:c5:f4: 5f:d6:cc:64:9a:f4:dc:74:4a:d4:b5:a3:80:48:f8:3f:41:6f: ac:3d:c1:db:3f:76:a1:6f:39:42:c2:38:81:82:3d:5b:8d:a5: fc:a7:65:4b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU2QUMzM0E2QTIyRURC REQxOUFCOUE5MTBBMzM2RjlERDI0MjdBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDja924JTI7h6Xwwpmd3o9niOaTO8D46mBWhrFdW+DJc1mT9phL nbOndgvP9WNSkoV69NnGSg0W920sBFSlT1MHaxrUiKjjM62FCULm+73qK9A6PFEF lg7D0awKJQthrFuhJuk+2yJsu+PK8Xa6rpcNonyQsemX+/c4S0OkWuT2QoK/RH5J FDE4GMKKbPQoRPD5IAuq9R6KTAGGGAY8ptcavxblcCMo/iG324vpFbRqGw5R/KZd qIxuQvfCbWTrQQTxDNZv0r0E4jnyZcPYxkhkY4NMdd8aNn/+VhLTaZDXvGTYzPLS 4+QMPmcs99ovpZ2o3PAZdDmpkfrZjAeAm9F5AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUVqwzpqIu290Zq5qRCjNvndJCeowwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9WcXd6cHFJdTI5MFpx NXFSQ2pOdm5kSkNlb3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQClnSsMA0GCSqGSIb3DQEBCwUAA4IBAQBKRuXrfRHKxYO4xp2EauTkHv9JB871 Sm/GHvWHxGQ14ufUMtf4gFrh7FGy84BMf2XwRkfJ0Nxw669Sxw6Ji3PBxSfsu3q5 NJsM29NYK5vS/xqXn8iZ2UkdGXaq6BZgCTO9hiTBCK92/7Y4JVbtvkhjgYWamp0J 1YcmhhYZpeZuz/Mzr4SO6m7nPGq2pXe/dsxUIKx78mknIVVB2cB7VZ1cKTsdTdim i3lOYGWxvioNuXHeElk5u8qau6FRiPBHBzXLUvelzHF9Q5DbXMdoc890jhp9SRXs xfRf1sxkmvTcdErUtaOASPg/QW+sPcHbP3ahbzlCwjiBgj1bjaX8p2VL -----END CERTIFICATE-----Generated at Sun Apr 6 09:10:52 2025 by rpki-client