$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS132157.roa File: AS132157.roa (raw, json) Hash identifier: tFFi1vSrbwtrfFt/UyfwLLV2meCBJmoSlGLhs6pZWrY= Subject key identifier: 0F:3A:B9:09:DB:DA:02:72:6B:1B:2D:C1:CD:40:71:69:21:42:93:35 Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314 Certificate serial: 353A0396B103F60DA71CED329FC9FC7C67600230 Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS132157.roa Signing time: Mon 11 May 2026 17:18:13 +0000 ROA not before: Mon 11 May 2026 17:13:13 +0000 ROA not after: Mon 10 May 2027 17:18:13 +0000 asID: 132157 IP address blocks: 150.116.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 12:50:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:3a:03:96:b1:03:f6:0d:a7:1c:ed:32:9f:c9:fc:7c:67:60:02:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314 Validity Not Before: May 11 17:13:13 2026 GMT Not After : May 10 17:18:13 2027 GMT Subject: CN=0F3AB909DBDA02726B1B2DC1CD40716921429335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8d:dd:21:52:85:58:14:67:ad:5d:44:78:9e: 9c:0b:8a:0a:31:50:84:a3:4c:87:90:92:67:7c:15: 46:1c:f2:0d:9c:51:43:3c:00:e8:06:42:a4:ad:02: df:a4:67:19:86:6d:b2:1d:e2:58:10:ca:44:1e:34: c9:1f:b9:c5:ac:a1:18:a3:8f:cf:4e:7a:53:15:78: 9c:c8:ed:6d:54:52:07:f9:58:a8:4e:45:44:37:0e: 4b:0a:dc:17:d8:a3:9c:ee:17:00:1b:74:01:4b:bc: b7:63:c2:4b:87:c1:ff:74:47:5a:76:a6:ee:0d:d7: 74:71:b5:38:0b:69:72:ae:22:aa:5c:de:12:a2:c4: ba:43:20:da:0a:0a:f5:a1:12:0f:2d:09:bb:9d:bb: b6:55:c8:16:a6:b9:a3:fa:0f:2a:e8:58:ad:cc:e6: da:92:2e:59:ad:c1:c2:b2:d3:18:e3:4a:e7:21:cc: 01:4d:e2:c6:fa:95:54:37:86:42:de:d6:64:0e:1e: eb:18:0f:3a:7f:a9:c0:c7:fb:58:c5:6a:a7:f0:3f: 34:d2:c2:a0:f7:d3:0d:15:99:a6:f9:e6:8c:07:61: 20:a7:f6:3b:6d:85:fa:23:5c:7e:71:2e:79:a7:2b: f6:7c:db:fd:12:a1:5e:e9:c0:1e:d5:84:05:5a:a1: fa:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:3A:B9:09:DB:DA:02:72:6B:1B:2D:C1:CD:40:71:69:21:42:93:35 X509v3 Authority Key Identifier: keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS132157.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 150.116.118.0/24 Signature Algorithm: sha256WithRSAEncryption a4:87:3b:57:77:a8:f8:bd:89:2c:ee:57:c7:2d:c6:73:50:34: 46:55:07:e3:f6:ab:91:72:70:3e:a0:85:8b:ad:dd:0a:cb:a2: 2a:93:2b:66:c0:7b:9b:5b:fe:5a:d7:32:c7:63:0d:b1:18:8f: 2d:f8:75:81:60:5c:79:50:c3:e4:3f:99:dc:ab:da:b9:86:e2: 25:a5:a6:8b:e3:04:90:90:c4:e3:bf:79:fd:78:19:04:4f:aa: 74:f0:b6:f5:55:fc:a5:95:cf:2b:50:fb:e3:6c:25:b5:96:0f: e0:76:32:67:a7:62:d8:d6:47:7c:74:04:5c:8a:d8:26:ad:ab: eb:85:5f:1c:2c:b0:e2:d6:a6:33:91:2a:3c:1d:91:ee:d8:a4: c1:76:ae:04:58:4e:15:b5:63:e6:35:e8:65:a6:e7:8e:03:8d: 27:9c:f8:b3:c4:2f:d0:3e:c1:cc:27:c5:cc:7b:76:89:ac:4b: 0b:97:8b:4e:44:e6:ec:0c:f9:8d:97:b2:d7:7b:fa:e2:52:7c: b2:78:2a:cf:85:ba:c6:b4:04:0f:33:a9:c8:70:5e:36:a4:5b: 20:f2:2f:e4:6f:51:9d:c3:94:70:65:74:2f:34:39:e4:8c:35: a5:a5:cb:31:ea:8d:43:f6:11:c0:cd:32:85:91:ac:b5:33:43: 5f:f2:19:1c -----BEGIN CERTIFICATE----- MIIErzCCA5egAwIBAgIUNToDlrED9g2nHO0yn8n8fGdgAjAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz RDFGMDMxNDAeFw0yNjA1MTExNzEzMTNaFw0yNzA1MTAxNzE4MTNaMDMxMTAvBgNV BAMTKDBGM0FCOTA5REJEQTAyNzI2QjFCMkRDMUNENDA3MTY5MjE0MjkzMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjd0hUoVYFGetXUR4npwLigox UISjTIeQkmd8FUYc8g2cUUM8AOgGQqStAt+kZxmGbbId4lgQykQeNMkfucWsoRij j89OelMVeJzI7W1UUgf5WKhORUQ3DksK3BfYo5zuFwAbdAFLvLdjwkuHwf90R1p2 pu4N13RxtTgLaXKuIqpc3hKixLpDINoKCvWhEg8tCbudu7ZVyBamuaP6DyroWK3M 5tqSLlmtwcKy0xjjSuchzAFN4sb6lVQ3hkLe1mQOHusYDzp/qcDH+1jFaqfwPzTS wqD30w0Vmab55owHYSCn9jtthfojXH5xLnmnK/Z82/0SoV7pwB7VhAVaofqXAgMB AAGjggG5MIIBtTAdBgNVHQ4EFgQUDzq5CdvaAnJrGy3BzUBxaSFCkzUwHwYDVR0j BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3 bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx QzZENzM1M0QxRjAzMTQuY2VyMFAGCCsGAQUFBwELBEQwQjBABggrBgEFBQcwC4Y0 cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMTMyMTU3 LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw DjAMBAIAATAGAwQAlnR2MA0GCSqGSIb3DQEBCwUAA4IBAQCkhztXd6j4vYks7lfH LcZzUDRGVQfj9quRcnA+oIWLrd0Ky6IqkytmwHubW/5a1zLHYw2xGI8t+HWBYFx5 UMPkP5ncq9q5huIlpaaL4wSQkMTjv3n9eBkET6p08Lb1Vfyllc8rUPvjbCW1lg/g djJnp2LY1kd8dARcitgmravrhV8cLLDi1qYzkSo8HZHu2KTBdq4EWE4VtWPmNehl pueOA40nnPizxC/QPsHMJ8XMe3aJrEsLl4tORObsDPmNl7LXe/riUnyyeCrPhbrG tAQPM6nIcF42pFsg8i/kb1Gdw5RwZXQvNDnkjDWlpcsx6o1D9hHAzTKFkay1M0Nf 8hkc -----END CERTIFICATE-----Generated at Wed May 13 21:51:25 2026 by rpki-client