$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/HdLBkrPYIn62SYwwo82MaVTZcUo.roa File: HdLBkrPYIn62SYwwo82MaVTZcUo.roa (raw, json) Hash identifier: Sn3G33y4RJn1i196riHcHxTp+bvVXur2WBnARf3E9To= Subject key identifier: 1D:D2:C1:92:B3:D8:22:7E:B6:49:8C:30:A3:CD:8C:69:54:D9:71:4A Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0FB3 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/HdLBkrPYIn62SYwwo82MaVTZcUo.roa Signing time: Fri 01 Sep 2023 08:29:26 +0000 ROA not before: Fri 01 Sep 2023 08:29:26 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131627 IP address blocks: 150.116.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 19:57:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4019 (0xfb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:26 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=1DD2C192B3D8227EB6498C30A3CD8C6954D9714A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:5b:32:16:51:7b:01:a9:05:48:75:97:52:2f: 46:3f:31:f2:93:56:ee:26:6d:ca:f4:cd:ad:d6:8d: 1d:46:fe:b9:79:d1:07:da:70:1c:3f:fb:99:c1:0b: 6f:50:b4:b1:b7:57:c7:0e:3a:01:a0:0a:d6:22:07: 34:92:3f:c3:7e:34:4a:49:f7:61:a3:53:a8:38:0c: e2:3e:0c:3b:1e:fc:8b:b3:c0:4b:6e:95:c8:c2:43: a6:41:c9:ef:60:78:83:c2:93:d7:ba:1f:31:8e:bb: 10:d8:bf:67:1e:e6:9d:35:d8:26:ca:0c:c9:d6:5a: be:fe:12:f5:77:50:c7:05:50:03:7b:16:1d:86:a2: e6:66:24:b5:2e:92:95:c5:2f:fa:5d:68:28:18:8a: 5b:a8:89:e5:75:c8:92:eb:88:bc:24:57:84:12:18: 63:ac:6c:05:cf:77:c0:82:1a:f5:4c:5c:be:21:9e: 2e:a8:e6:f6:a9:53:a2:6b:d5:32:09:c5:ee:e1:cd: 9b:21:00:87:77:d2:53:88:f7:bb:02:8c:be:12:a8: 24:ad:4e:4b:e8:f1:21:87:6e:8d:a5:cb:7c:50:52: 5f:48:d8:74:b4:f0:d0:12:85:a2:90:d1:b5:4a:77: d1:e2:58:0d:9f:38:1e:58:65:42:a0:2e:35:2e:92: 5b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D2:C1:92:B3:D8:22:7E:B6:49:8C:30:A3:CD:8C:69:54:D9:71:4A X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/HdLBkrPYIn62SYwwo82MaVTZcUo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.104.0/21 Signature Algorithm: sha256WithRSAEncryption 2e:49:ea:a8:92:28:36:4c:0a:58:60:e4:fd:86:ac:84:ec:4f: 1b:4e:e1:57:e9:e5:bf:84:d7:fb:7c:d0:24:a8:01:f1:93:a6: 94:1a:68:8f:d5:09:ea:1f:07:1c:8f:cd:fd:cd:3a:be:55:c9: 46:d9:bb:83:f8:eb:d2:1a:30:e0:58:85:4d:95:2d:86:28:54: 86:d7:7d:34:fc:2a:f2:1b:5f:55:dd:a1:2a:c9:e4:6c:47:e0: 05:68:1b:c7:ea:79:4a:79:2d:eb:cb:76:e1:92:c6:8c:0a:fc: 33:44:ca:77:de:52:91:f0:2c:ac:f2:78:22:c3:fe:01:a5:50: bc:db:78:3f:0c:f6:8c:bd:7d:ee:48:2c:b8:1e:e3:fc:6c:83: 97:46:ec:b8:70:e2:8c:71:80:e3:12:69:30:a4:49:b9:eb:63: 52:63:a2:2e:fc:6b:79:d7:7c:97:a8:0d:78:4a:39:28:f8:a7: 7b:72:10:19:19:63:33:52:07:7d:c2:57:44:56:71:38:99:2f: 87:24:9c:bd:c9:22:5b:67:3e:70:0d:33:cb:0b:f2:70:40:e6: cc:87:39:9c:f2:26:9c:e3:31:d1:fb:5f:f4:e9:e3:34:89:30: d1:0e:72:c3:31:25:6b:b6:d8:cd:64:de:40:8b:28:81:da:89: db:e6:56:03 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFERDJDMTkyQjNEODIy N0VCNjQ5OEMzMEEzQ0Q4QzY5NTREOTcxNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaWzIWUXsBqQVIdZdSL0Y/MfKTVu4mbcr0za3WjR1G/rl50Qfa cBw/+5nBC29QtLG3V8cOOgGgCtYiBzSSP8N+NEpJ92GjU6g4DOI+DDse/IuzwEtu lcjCQ6ZBye9geIPCk9e6HzGOuxDYv2ce5p012CbKDMnWWr7+EvV3UMcFUAN7Fh2G ouZmJLUukpXFL/pdaCgYiluoieV1yJLriLwkV4QSGGOsbAXPd8CCGvVMXL4hni6o 5vapU6Jr1TIJxe7hzZshAId30lOI97sCjL4SqCStTkvo8SGHbo2ly3xQUl9I2HS0 8NAShaKQ0bVKd9HiWA2fOB5YZUKgLjUuklsfAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUHdLBkrPYIn62SYwwo82MaVTZcUowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9IZExCa3JQWUluNjJT WXd3bzgyTWFWVFpjVW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnRoMA0GCSqGSIb3DQEBCwUAA4IBAQAuSeqokig2TApYYOT9hqyE7E8bTuFX 6eW/hNf7fNAkqAHxk6aUGmiP1QnqHwccj839zTq+VclG2buD+OvSGjDgWIVNlS2G KFSG1300/CryG19V3aEqyeRsR+AFaBvH6nlKeS3ry3bhksaMCvwzRMp33lKR8Cys 8ngiw/4BpVC823g/DPaMvX3uSCy4HuP8bIOXRuy4cOKMcYDjEmkwpEm562NSY6Iu /Gt513yXqA14Sjko+Kd7chAZGWMzUgd9wldEVnE4mS+HJJy9ySJbZz5wDTPLC/Jw QObMhzmc8iac4zHR+1/06eM0iTDRDnLDMSVrttjNZN5AiyiB2onb5lYD -----END CERTIFICATE-----Generated at Sat Jun 1 23:25:29 2024 by rpki-client on console-ams.rpki-client.org