$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zjjsrR_Y1EGXgghYMcu25ORWX7s.roa File: zjjsrR_Y1EGXgghYMcu25ORWX7s.roa (raw, json) Hash identifier: r9i83n6Jw+B/HukqwYANjt4lQMw2/W6tOTtzjznjX7s= Subject key identifier: CE:38:EC:AD:1F:D8:D4:41:97:82:08:58:31:CB:B6:E4:E4:56:5F:BB Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1264 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zjjsrR_Y1EGXgghYMcu25ORWX7s.roa Signing time: Mon 10 Feb 2025 14:14:47 +0000 ROA not before: Mon 10 Feb 2025 14:14:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.116.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4708 (0x1264) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CE38ECAD1FD8D4419782085831CBB6E4E4565FBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:a6:09:a2:ae:a2:f6:d7:de:30:08:dc:13:c2: 63:ba:45:dc:93:fb:4c:ff:b9:a9:e0:f7:8f:1b:18: 0c:16:5c:c2:05:06:27:e5:33:cf:ef:2d:a4:e0:39: c1:62:6b:32:76:18:08:23:49:44:da:4d:d6:37:44: e9:e0:cc:71:0c:e5:94:aa:bf:01:2f:77:c2:41:11: 7a:c5:91:59:2e:a5:2f:8d:19:bb:e0:97:3a:54:b7: e0:24:dd:17:86:58:9c:2b:9e:f2:4a:89:15:ab:fe: 78:45:85:c2:1b:60:fd:34:ef:d2:1b:40:b6:c1:9a: 6f:c1:8b:26:27:46:f3:37:13:60:d5:8e:6b:df:85: 1c:dd:89:ba:ad:f2:da:d8:68:fb:a2:af:b4:31:6d: 52:90:06:89:e8:04:6f:ee:9b:d4:64:ce:3b:0c:94: 12:53:4d:e9:d9:0c:4f:36:c0:62:e3:81:fb:b6:03: ff:d9:78:c9:65:2c:23:c7:77:b4:d1:c6:11:1c:64: 93:c5:d7:63:fe:d4:3f:c6:5b:5b:e3:39:d9:dc:86: 06:f8:63:92:bd:32:6a:10:19:98:4a:52:bb:dd:c6: 9a:da:f0:c9:43:e7:8f:68:d4:83:6c:95:d9:45:60: 39:54:3c:5f:40:ec:76:e4:c2:ad:02:0b:76:5f:05: 2d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:38:EC:AD:1F:D8:D4:41:97:82:08:58:31:CB:B6:E4:E4:56:5F:BB X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zjjsrR_Y1EGXgghYMcu25ORWX7s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.32.0/20 Signature Algorithm: sha256WithRSAEncryption 28:ba:6c:02:23:0b:26:67:c9:ad:a0:d9:31:22:30:54:fd:d1: ce:06:cf:29:90:bb:66:e9:62:39:47:3b:1f:ff:17:a6:b0:e5: 74:5b:b6:a4:48:cb:f5:1b:fb:0d:13:95:94:bb:78:4b:59:fa: a8:4d:59:17:5f:a3:99:f1:02:7b:da:17:d7:2e:83:ab:5c:dd: 8a:44:46:b4:f5:a3:34:3f:57:7c:92:31:58:f7:6c:b8:77:8c: 6f:d8:14:f9:ae:51:09:98:0d:3d:b1:a6:2b:2b:e2:f4:3e:6c: 0c:f9:b6:6c:c5:98:bb:80:e3:61:a0:8a:7d:5e:fe:22:b7:28: 2e:ee:83:d7:ca:09:60:c3:9a:28:14:44:ff:07:34:35:43:46: e1:ed:95:a0:82:b3:61:ba:1b:65:3f:2b:7d:12:4b:c0:54:5d: a0:92:23:88:58:75:e7:85:37:59:b7:86:72:a5:31:e0:e3:58: 8f:cd:97:0a:ed:d3:b3:a8:47:5c:45:50:c8:7d:1d:1f:78:7b: 22:60:98:62:dc:59:b8:32:85:a1:7b:1d:fb:ed:0d:42:53:5e: 1b:b0:32:6f:43:d6:0a:bb:e6:82:12:30:01:80:40:ae:10:a8: d6:dc:99:39:97:19:f9:45:1e:a6:07:28:32:d3:30:b4:40:39: c0:68:32:29 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENFMzhFQ0FEMUZEOEQ0 NDE5NzgyMDg1ODMxQ0JCNkU0RTQ1NjVGQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2pgmirqL2194wCNwTwmO6RdyT+0z/uang948bGAwWXMIFBifl M8/vLaTgOcFiazJ2GAgjSUTaTdY3ROngzHEM5ZSqvwEvd8JBEXrFkVkupS+NGbvg lzpUt+Ak3ReGWJwrnvJKiRWr/nhFhcIbYP0079IbQLbBmm/BiyYnRvM3E2DVjmvf hRzdibqt8trYaPuir7QxbVKQBonoBG/um9RkzjsMlBJTTenZDE82wGLjgfu2A//Z eMllLCPHd7TRxhEcZJPF12P+1D/GW1vjOdnchgb4Y5K9MmoQGZhKUrvdxpra8MlD 549o1INsldlFYDlUPF9A7Hbkwq0CC3ZfBS1DAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUzjjsrR/Y1EGXgghYMcu25ORWX7swHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy96ampzclJfWTFFR1hn Z2hZTWN1MjVPUldYN3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnQgMA0GCSqGSIb3DQEBCwUAA4IBAQAoumwCIwsmZ8mtoNkxIjBU/dHOBs8p kLtm6WI5Rzsf/xemsOV0W7akSMv1G/sNE5WUu3hLWfqoTVkXX6OZ8QJ72hfXLoOr XN2KREa09aM0P1d8kjFY92y4d4xv2BT5rlEJmA09saYrK+L0PmwM+bZsxZi7gONh oIp9Xv4itygu7oPXyglgw5ooFET/BzQ1Q0bh7ZWggrNhuhtlPyt9EkvAVF2gkiOI WHXnhTdZt4ZypTHg41iPzZcK7dOzqEdcRVDIfR0feHsiYJhi3Fm4MoWhex377Q1C U14bsDJvQ9YKu+aCEjABgECuEKjW3Jk5lxn5RR6mBygy0zC0QDnAaDIp -----END CERTIFICATE-----Generated at Sat Apr 5 16:36:19 2025 by rpki-client