$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa File: Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa (raw, json) Hash identifier: cAewx9VKT0ulK6vQkPtpTpCDxSKlzlNZ+bxkta8ilF4= Subject key identifier: 67:7B:73:E2:82:E4:5B:EB:15:74:96:6D:D4:C0:ED:7A:51:DD:C3:96 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F60 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa Signing time: Fri 01 Sep 2023 08:29:03 +0000 ROA not before: Fri 01 Sep 2023 08:29:03 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131627 IP address blocks: 150.117.240.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Jun 2024 08:21:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3936 (0xf60) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:03 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=677B73E282E45BEB1574966DD4C0ED7A51DDC396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:98:00:b9:a5:6d:23:75:71:f1:97:7c:df:9b: e0:87:81:65:88:92:97:da:15:c0:41:12:78:f2:1b: 45:60:12:e5:f8:75:f7:2f:9f:0f:0e:c3:8f:37:6d: 2f:13:83:4f:f5:44:15:98:3a:57:97:bb:97:d8:7d: c9:d1:aa:e0:42:b6:29:72:54:d7:ad:1e:58:e5:01: eb:cf:c3:9f:bc:86:a0:b3:07:f0:94:dc:5b:a7:63: 48:d1:4c:6c:75:3e:89:2d:b2:38:e1:d4:e8:df:88: 96:bd:0b:72:13:12:2d:d2:89:f9:57:30:6a:08:9b: 2b:10:48:de:25:e8:a3:e2:00:32:27:bb:4c:5a:db: 6b:8b:6f:73:a2:3d:6e:15:85:d3:e2:23:a9:df:de: 8c:11:72:b6:3e:6c:34:a6:69:1c:7d:0f:2e:46:4b: 75:81:46:4c:e1:8c:6f:4a:35:8f:b9:4b:43:ed:92: 90:b8:6e:7e:13:ac:cb:62:12:c8:8d:7b:60:a0:a7: 64:0b:1a:38:a4:8b:98:fb:0e:31:d0:25:9b:a4:78: 47:f6:83:d8:d4:38:63:05:7b:66:d0:cf:58:f7:a6: a0:f4:c8:87:40:c2:fd:f7:84:55:35:c6:85:a3:34: 10:70:41:76:3c:98:80:81:7c:76:67:02:67:0a:70: fe:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:7B:73:E2:82:E4:5B:EB:15:74:96:6D:D4:C0:ED:7A:51:DD:C3:96 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.240.0/20 Signature Algorithm: sha256WithRSAEncryption 6c:8e:42:b6:bd:35:b6:bf:dd:84:4b:12:c1:05:bb:18:ff:39: b0:44:17:69:0f:14:0c:31:87:c5:b5:e9:16:03:8b:c7:b0:c1: 98:16:36:cf:51:c5:31:34:3e:51:2d:eb:8b:80:16:fb:ad:04: ff:67:be:41:59:53:3f:40:df:a1:c3:1a:7f:0a:a7:ae:61:ce: a6:41:12:79:5d:37:9d:51:d9:1f:1c:06:fb:ff:3e:a3:66:25: c7:75:89:ed:a5:09:94:93:d8:31:cf:3f:d4:8b:1a:c1:f0:13: 86:79:8d:13:18:1d:da:35:ad:6f:ab:ff:fe:73:ec:64:04:a2: dc:32:b9:4a:06:f1:f5:60:5e:0d:1c:46:11:03:87:2a:6c:f7: 3c:a9:b3:1a:f1:1f:e0:b4:78:10:8c:27:10:69:af:a9:74:4b: 03:b8:d4:58:35:74:47:25:11:c5:57:26:16:6c:97:c2:d7:f7: 97:91:25:eb:da:d9:45:71:14:25:12:b0:0f:c5:0e:94:17:47: 4e:11:70:10:ba:72:1d:bd:9f:3a:9f:d9:67:54:0a:d5:84:e3: aa:79:fa:16:ec:6a:06:55:2f:a2:49:f0:3f:31:4d:68:51:1a: 87:6c:0a:53:38:eb:9a:43:82:a7:b5:b4:8f:ae:d3:42:3d:22: 26:e8:8b:b0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY3N0I3M0UyODJFNDVC RUIxNTc0OTY2REQ0QzBFRDdBNTFEREMzOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4mAC5pW0jdXHxl3zfm+CHgWWIkpfaFcBBEnjyG0VgEuX4dfcv nw8Ow483bS8Tg0/1RBWYOleXu5fYfcnRquBCtilyVNetHljlAevPw5+8hqCzB/CU 3FunY0jRTGx1Poktsjjh1OjfiJa9C3ITEi3SiflXMGoImysQSN4l6KPiADInu0xa 22uLb3OiPW4VhdPiI6nf3owRcrY+bDSmaRx9Dy5GS3WBRkzhjG9KNY+5S0PtkpC4 bn4TrMtiEsiNe2Cgp2QLGjiki5j7DjHQJZukeEf2g9jUOGMFe2bQz1j3pqD0yIdA wv33hFU1xoWjNBBwQXY8mICBfHZnAmcKcP5bAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZ3tz4oLkW+sVdJZt1MDtelHdw5YwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aM3R6NG9Ma1ctc1Zk Slp0MU1EdGVsSGR3NVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnXwMA0GCSqGSIb3DQEBCwUAA4IBAQBsjkK2vTW2v92ESxLBBbsY/zmwRBdp DxQMMYfFtekWA4vHsMGYFjbPUcUxND5RLeuLgBb7rQT/Z75BWVM/QN+hwxp/Cqeu Yc6mQRJ5XTedUdkfHAb7/z6jZiXHdYntpQmUk9gxzz/UixrB8BOGeY0TGB3aNa1v q//+c+xkBKLcMrlKBvH1YF4NHEYRA4cqbPc8qbMa8R/gtHgQjCcQaa+pdEsDuNRY NXRHJRHFVyYWbJfC1/eXkSXr2tlFcRQlErAPxQ6UF0dOEXAQunIdvZ86n9lnVArV hOOqefoW7GoGVS+iSfA/MU1oURqHbApTOOuaQ4KntbSPrtNCPSIm6Iuw -----END CERTIFICATE-----Generated at Tue Jun 18 12:53:57 2024 by rpki-client on console-ams.rpki-client.org