$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/5SMfAdgl7vDS-KT4oDJ-pvP3uaY.roa File: 5SMfAdgl7vDS-KT4oDJ-pvP3uaY.roa (raw, json) Hash identifier: 34mm3rpO9eb3jzjxbkReTDgSQDGU5udxeO/2vBh6z7M= Subject key identifier: E5:23:1F:01:D8:25:EE:F0:D2:F8:A4:F8:A0:32:7E:A6:F3:F7:B9:A6 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 117A Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/5SMfAdgl7vDS-KT4oDJ-pvP3uaY.roa Signing time: Mon 26 Aug 2024 05:10:49 +0000 ROA not before: Mon 26 Aug 2024 05:10:49 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 223.26.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4474 (0x117a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:49 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=E5231F01D825EEF0D2F8A4F8A0327EA6F3F7B9A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b8:bf:d5:d9:db:79:e6:da:bc:9e:80:5d:1b: 20:4d:b0:41:63:58:ba:12:06:49:a5:6f:5d:7c:c2: 7b:6a:a1:a4:15:57:98:2a:ea:40:4c:5b:a2:ca:f1: f0:fb:bd:83:5f:be:41:a8:30:3e:e2:50:16:e2:d8: 42:c6:eb:89:06:b1:5b:2f:96:a5:f8:2b:1c:4e:50: 7f:83:d1:6f:9b:17:b7:c9:cc:79:a7:23:7b:cb:bd: e5:34:e9:c1:0f:f7:cf:93:ce:6a:8c:b8:6d:e9:f2: 6e:c2:2a:7d:f3:00:bb:58:7d:0f:3c:c9:b7:12:ea: d2:21:55:6e:38:cc:04:24:50:3f:07:9d:20:0c:74: cc:7e:b6:e2:13:1d:63:a9:0d:57:d5:d1:1c:96:1a: ad:07:1d:8e:90:eb:73:2c:c0:8f:49:3f:99:e6:c8: b2:c2:a6:fc:9b:22:93:0c:71:de:57:b3:17:18:44: 63:45:f9:d9:4e:fc:2f:84:43:db:72:0f:5d:b6:ee: c6:5f:35:23:03:90:27:0c:5c:d9:d1:76:89:7e:43: 01:d0:65:47:ae:d3:e7:db:38:98:00:a3:e5:86:bd: a6:83:de:5b:07:7c:fb:a2:20:ee:c8:da:25:a9:3c: 66:0f:45:eb:27:06:4d:64:a6:28:c4:8f:f6:4d:df: f9:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:23:1F:01:D8:25:EE:F0:D2:F8:A4:F8:A0:32:7E:A6:F3:F7:B9:A6 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/5SMfAdgl7vDS-KT4oDJ-pvP3uaY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.70.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:72:00:98:02:92:a9:23:c7:92:43:c5:11:57:fc:6d:a4:80: ba:cd:77:87:43:3c:cf:88:31:c4:3b:5c:95:cc:29:d0:6d:d1: ba:38:b9:43:03:4c:97:1b:fe:bd:7d:4f:4c:0c:72:36:f1:10: 03:a6:b0:51:9b:23:29:bc:d7:a7:50:ca:33:b8:70:c5:f2:e4: df:43:70:a9:fb:f7:93:77:8f:1c:e1:93:3d:7a:d6:c2:de:2d: 6a:ad:6f:0c:eb:99:0a:54:6e:cc:03:3c:d4:77:d4:41:16:c7: 03:75:46:b8:a6:b7:38:fb:bf:8b:c1:53:07:00:28:3e:5a:36: 96:9b:8d:43:30:72:f4:ae:90:b0:3e:34:16:40:4e:95:8e:4a: 29:ba:38:4d:3a:c2:f9:36:34:de:2c:ee:9c:bd:e9:7e:d8:db: e3:12:20:62:43:32:ee:c7:fd:52:33:96:e3:b3:94:5b:fc:7b: 3d:35:f0:9c:81:96:9a:ed:a5:fb:91:63:96:9a:67:29:a4:ce: c8:a1:b0:e3:88:34:10:de:1a:60:39:84:db:12:a3:84:a3:ad: 26:96:9b:84:53:58:23:44:8f:cb:f5:d3:86:af:62:77:ec:17: d0:35:e8:4e:66:f5:11:f5:56:7b:8f:e4:9e:06:f8:6c:ea:b3: db:d8:57:9b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU1MjMxRjAxRDgyNUVF RjBEMkY4QTRGOEEwMzI3RUE2RjNGN0I5QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiuL/V2dt55tq8noBdGyBNsEFjWLoSBkmlb118wntqoaQVV5gq 6kBMW6LK8fD7vYNfvkGoMD7iUBbi2ELG64kGsVsvlqX4KxxOUH+D0W+bF7fJzHmn I3vLveU06cEP98+TzmqMuG3p8m7CKn3zALtYfQ88ybcS6tIhVW44zAQkUD8HnSAM dMx+tuITHWOpDVfV0RyWGq0HHY6Q63MswI9JP5nmyLLCpvybIpMMcd5XsxcYRGNF +dlO/C+EQ9tyD1227sZfNSMDkCcMXNnRdol+QwHQZUeu0+fbOJgAo+WGvaaD3lsH fPuiIO7I2iWpPGYPResnBk1kpijEj/ZN3/npAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU5SMfAdgl7vDS+KT4oDJ+pvP3uaYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy81U01mQWRnbDd2RFMt S1Q0b0RKLXB2UDN1YVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQA3xpGMA0GCSqGSIb3DQEBCwUAA4IBAQBscgCYApKpI8eSQ8URV/xtpIC6zXeH QzzPiDHEO1yVzCnQbdG6OLlDA0yXG/69fU9MDHI28RADprBRmyMpvNenUMozuHDF 8uTfQ3Cp+/eTd48c4ZM9etbC3i1qrW8M65kKVG7MAzzUd9RBFscDdUa4prc4+7+L wVMHACg+WjaWm41DMHL0rpCwPjQWQE6VjkopujhNOsL5NjTeLO6cvel+2NvjEiBi QzLux/1SM5bjs5Rb/Hs9NfCcgZaa7aX7kWOWmmcppM7IobDjiDQQ3hpgOYTbEqOE o60mlpuEU1gjRI/L9dOGr2J37BfQNehOZvUR9VZ7j+SeBvhs6rPb2Feb -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org