$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzNNZsd5J_9pVeqRnpZLr2xXuNI.roa File: XzNNZsd5J_9pVeqRnpZLr2xXuNI.roa (raw, json) Hash identifier: n4+UXc3m36sPWg/Zn6QazwxHPcaOoziNuHXGuN+AaXU= Subject key identifier: 5F:33:4D:66:C7:79:27:FF:69:55:EA:91:9E:96:4B:AF:6C:57:B8:D2 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F7A Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzNNZsd5J_9pVeqRnpZLr2xXuNI.roa Signing time: Fri 01 Sep 2023 08:29:11 +0000 ROA not before: Fri 01 Sep 2023 08:29:11 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 17408 IP address blocks: 113.21.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:11 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=5F334D66C77927FF6955EA919E964BAF6C57B8D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e0:f6:70:a8:90:3b:3c:f2:64:db:e8:b3:ff: f4:d1:d3:a7:4b:e3:98:71:e1:d1:78:63:6e:87:07: 69:f8:b6:14:b3:c8:7d:1f:a0:28:3c:3a:e8:73:ce: 2e:f1:ef:61:70:e6:05:cc:c7:bb:5d:9b:ae:fd:8b: 5e:36:2f:b8:f1:01:7c:71:8f:b6:70:d4:13:40:fe: a3:fc:09:9a:37:08:1a:27:61:d7:4d:ef:14:c8:96: 36:9b:32:25:73:6a:71:dc:ad:f7:41:8b:8e:b7:49: dd:34:07:99:eb:8d:cd:3d:05:f3:6a:d5:ba:31:1f: c4:e4:7e:9e:bf:79:d7:68:3e:a3:0b:21:9d:df:6d: fe:fc:b5:cb:22:53:b7:ea:ba:60:b1:e1:5d:9e:cb: cf:b9:65:8a:13:cb:6b:f0:81:e3:bc:a9:17:c5:8f: 32:e3:4f:96:d8:c8:3e:e5:23:0d:9a:6d:19:72:41: 07:9b:c1:c1:05:6d:b6:a0:0b:d6:bf:27:4a:82:42: 46:21:74:c2:6f:12:ec:ae:38:77:05:ce:f5:cf:99: aa:3a:c3:1c:ba:89:59:8d:d3:fd:32:f0:22:fd:38: 5c:5b:70:77:cf:64:7b:9f:72:25:31:b6:04:d1:90: 7b:5e:c0:5a:d9:8c:ad:6a:b1:cc:cb:fc:89:10:ab: 59:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:33:4D:66:C7:79:27:FF:69:55:EA:91:9E:96:4B:AF:6C:57:B8:D2 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzNNZsd5J_9pVeqRnpZLr2xXuNI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.21.95.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:83:e3:a5:7a:44:20:fa:4a:9a:7b:2e:94:a7:cc:92:f8:1a: 06:1d:ed:fc:20:0c:01:be:58:20:fd:c0:83:8b:08:c2:05:18: 8a:9e:74:f9:a2:7c:1e:21:32:ec:c4:21:91:fd:b0:69:14:71: ad:f3:53:58:69:8b:d7:df:2b:c8:0c:94:42:ae:ea:81:fc:26: 3d:65:3a:5f:c1:4d:1e:da:28:a5:a0:07:ec:37:43:55:31:7e: c3:c9:b4:b8:88:46:9f:36:4d:c5:0e:af:e5:c3:8a:eb:4e:29: b9:53:74:b0:96:d0:82:35:b9:7d:f9:48:dc:4a:8c:02:c2:ff: c0:af:05:13:57:48:89:ce:49:eb:78:5b:43:8a:54:32:57:c6: 8a:ab:3c:43:bc:46:f6:a0:6a:d2:ae:ec:1c:24:2c:dc:aa:1e: 8a:5d:f2:8d:f2:7c:79:f2:42:4f:2f:cb:3f:28:b4:85:f2:d8: ff:46:5c:fc:43:98:84:2e:f6:a6:84:71:fe:2d:bb:23:c8:b4: 0e:ea:f1:bb:b3:f7:50:97:35:e2:d2:94:5e:7a:63:06:4f:ac: d1:b0:79:fd:4f:4f:76:3d:50:a1:8e:44:58:89:86:e9:0c:e9: 10:4b:6b:db:9d:9d:f4:e6:52:18:7a:57:e8:8a:59:c1:00:d5: 02:23:b8:ec -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVGMzM0RDY2Qzc3OTI3 RkY2OTU1RUE5MTlFOTY0QkFGNkM1N0I4RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW4PZwqJA7PPJk2+iz//TR06dL45hx4dF4Y26HB2n4thSzyH0f oCg8Ouhzzi7x72Fw5gXMx7tdm679i142L7jxAXxxj7Zw1BNA/qP8CZo3CBonYddN 7xTIljabMiVzanHcrfdBi463Sd00B5nrjc09BfNq1boxH8Tkfp6/eddoPqMLIZ3f bf78tcsiU7fqumCx4V2ey8+5ZYoTy2vwgeO8qRfFjzLjT5bYyD7lIw2abRlyQQeb wcEFbbagC9a/J0qCQkYhdMJvEuyuOHcFzvXPmao6wxy6iVmN0/0y8CL9OFxbcHfP ZHufciUxtgTRkHtewFrZjK1qsczL/IkQq1kRAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUXzNNZsd5J/9pVeqRnpZLr2xXuNIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9Yek5OWnNkNUpfOXBW ZXFSbnBaTHIyeFh1Tkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAcRVfMA0GCSqGSIb3DQEBCwUAA4IBAQBbg+OlekQg+kqaey6Up8yS+BoGHe38 IAwBvlgg/cCDiwjCBRiKnnT5onweITLsxCGR/bBpFHGt81NYaYvX3yvIDJRCruqB /CY9ZTpfwU0e2iiloAfsN0NVMX7DybS4iEafNk3FDq/lw4rrTim5U3SwltCCNbl9 +UjcSowCwv/ArwUTV0iJzknreFtDilQyV8aKqzxDvEb2oGrSruwcJCzcqh6KXfKN 8nx58kJPL8s/KLSF8tj/Rlz8Q5iELvamhHH+LbsjyLQO6vG7s/dQlzXi0pReemMG T6zRsHn9T092PVChjkRYiYbpDOkQS2vbnZ305lIYelfoilnBANUCI7js -----END CERTIFICATE-----Generated at Tue Jun 18 12:53:57 2024 by rpki-client on console-ams.rpki-client.org