$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DJ5u6mQL0RNMwpKb-QfJvy5UKTU.roa File: DJ5u6mQL0RNMwpKb-QfJvy5UKTU.roa (raw, json) Hash identifier: 9FcQ468B8haEKIw3C6p8F97MK5DVeyf0etsfhsrIUm0= Subject key identifier: 0C:9E:6E:EA:64:0B:D1:13:4C:C2:92:9B:F9:07:C9:BF:2E:54:29:35 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1271 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DJ5u6mQL0RNMwpKb-QfJvy5UKTU.roa Signing time: Mon 10 Feb 2025 14:14:51 +0000 ROA not before: Mon 10 Feb 2025 14:14:51 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 150.116.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4721 (0x1271) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:51 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=0C9E6EEA640BD1134CC2929BF907C9BF2E542935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:d4:39:4d:e8:22:22:3b:65:92:20:a2:f1:81: 02:d7:25:54:5e:5c:44:39:4b:f5:62:d8:3e:10:a3: 0f:16:46:11:7d:ac:94:08:d5:4c:d5:25:ab:44:3c: 18:d0:b4:0a:63:18:ef:af:04:90:78:03:29:6e:b1: 1e:72:4b:24:89:b0:5d:85:da:2a:db:24:60:cd:b5: 81:d3:68:ab:e4:a9:74:c3:f1:a4:28:6b:16:b7:81: bc:4c:e4:1f:f0:32:8f:c6:5a:49:a7:b7:35:ad:b7: d1:64:99:70:af:4d:73:db:5e:fb:f3:5c:52:b6:90: 19:60:56:3b:8f:ca:3c:fd:7b:fd:b8:83:55:d3:16: b7:9a:25:77:25:f8:96:7a:2b:58:d1:96:e3:f0:b1: c4:77:3b:37:1c:95:18:f9:ad:37:dd:6f:15:ec:85: 26:1b:a2:9c:e4:0c:54:bb:c8:2f:58:5a:c2:79:ed: 90:89:3d:56:76:2e:f6:9e:4d:4c:86:9a:38:b9:b3: 1b:9c:8f:7e:85:e6:a2:17:a2:fd:54:f8:c6:bb:89: be:a2:03:6f:52:fe:e1:14:4a:af:76:92:b7:23:10: d5:a7:e8:7c:bb:11:d0:30:24:74:1c:4a:21:23:5d: ca:ab:ae:6c:12:85:f2:9f:61:8d:e4:80:12:38:8f: 45:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:9E:6E:EA:64:0B:D1:13:4C:C2:92:9B:F9:07:C9:BF:2E:54:29:35 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DJ5u6mQL0RNMwpKb-QfJvy5UKTU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.119.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:6f:39:9f:6d:33:53:78:87:fc:55:b8:2e:35:0d:03:94:d9: a0:da:7a:df:94:39:62:cf:56:d3:37:0f:67:9d:c9:9f:1a:60: d8:1e:e9:e5:70:75:f7:1d:a9:2a:bb:4f:cf:28:c2:bc:e4:6e: 09:78:ea:4a:2e:14:e3:23:b4:5a:c7:9b:1f:cb:f5:65:4d:8f: ac:de:16:34:e8:25:53:81:68:13:22:64:ed:bc:eb:52:03:65: 42:ff:5d:67:a6:e3:a6:6d:19:84:05:7c:3c:46:23:d7:bd:d7: 13:53:35:ff:66:7c:36:64:fd:90:7a:fd:ff:52:af:d8:62:6c: d8:dc:ea:16:70:fe:7d:6b:b5:75:46:e1:ce:4a:65:40:12:60: 56:db:23:37:50:2d:96:4d:68:d5:fa:a3:35:26:1d:2a:1d:c3: c2:2a:60:e1:d1:a9:a8:42:e5:fa:4b:2a:cd:a8:57:99:41:1e: 50:5e:d6:71:18:1b:03:2b:41:4f:62:ba:6c:a4:a5:d7:46:22: fc:11:50:65:a6:89:5d:50:c0:a2:1c:6f:84:e8:38:46:75:1f: b2:b7:67:b8:cd:77:88:ec:8a:3b:a3:e7:3a:e5:9c:cb:a9:ab: 11:14:76:4f:8b:22:a8:70:18:0e:32:9a:5b:2e:c7:bd:10:3b: 0e:05:52:54 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEnEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDOUU2RUVBNjQwQkQx MTM0Q0MyOTI5QkY5MDdDOUJGMkU1NDI5MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDk1DlN6CIiO2WSIKLxgQLXJVReXEQ5S/Vi2D4Qow8WRhF9rJQI 1UzVJatEPBjQtApjGO+vBJB4AylusR5ySySJsF2F2irbJGDNtYHTaKvkqXTD8aQo axa3gbxM5B/wMo/GWkmntzWtt9FkmXCvTXPbXvvzXFK2kBlgVjuPyjz9e/24g1XT FreaJXcl+JZ6K1jRluPwscR3OzcclRj5rTfdbxXshSYbopzkDFS7yC9YWsJ57ZCJ PVZ2LvaeTUyGmji5sxucj36F5qIXov1U+Ma7ib6iA29S/uEUSq92krcjENWn6Hy7 EdAwJHQcSiEjXcqrrmwShfKfYY3kgBI4j0VTAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUDJ5u6mQL0RNMwpKb+QfJvy5UKTUwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9ESjV1Nm1RTDBSTk13 cEtiLVFmSnZ5NVVLVFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnR3MA0GCSqGSIb3DQEBCwUAA4IBAQArbzmfbTNTeIf8VbguNQ0DlNmg2nrf lDliz1bTNw9nncmfGmDYHunlcHX3Hakqu0/PKMK85G4JeOpKLhTjI7Rax5sfy/Vl TY+s3hY06CVTgWgTImTtvOtSA2VC/11npuOmbRmEBXw8RiPXvdcTUzX/Znw2ZP2Q ev3/Uq/YYmzY3OoWcP59a7V1RuHOSmVAEmBW2yM3UC2WTWjV+qM1Jh0qHcPCKmDh 0amoQuX6SyrNqFeZQR5QXtZxGBsDK0FPYrpspKXXRiL8EVBlpoldUMCiHG+E6DhG dR+yt2e4zXeI7Io7o+c65ZzLqasRFHZPiyKocBgOMppbLse9EDsOBVJU -----END CERTIFICATE-----Generated at Sat Apr 5 14:09:08 2025 by rpki-client