$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/JD0RJz79Du8Y2xd062WzYP7HOuI.roa File: JD0RJz79Du8Y2xd062WzYP7HOuI.roa (raw, json) Hash identifier: 27mmTImBjFTo/kG1MvmpD378guMk+ZdQ1dT5KeeWykU= Subject key identifier: 24:3D:11:27:3E:FD:0E:EF:18:DB:17:74:EB:65:B3:60:FE:C7:3A:E2 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 0F8E Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/JD0RJz79Du8Y2xd062WzYP7HOuI.roa Signing time: Fri 01 Sep 2023 08:29:17 +0000 ROA not before: Fri 01 Sep 2023 08:29:17 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131627 IP address blocks: 150.116.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 19:57:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3982 (0xf8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Sep 1 08:29:17 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=243D11273EFD0EEF18DB1774EB65B360FEC73AE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:56:71:b5:8a:05:13:e9:cd:11:4e:35:9c:9c: 36:4c:4f:51:61:7b:49:8d:83:11:1f:77:24:3f:1d: bd:20:f9:c7:54:15:a3:2e:1e:55:14:92:19:db:1d: 45:8e:e7:04:31:8c:92:30:5a:bd:0d:fe:ab:16:db: 5c:58:e6:68:f4:c0:6b:cc:42:d6:4e:6c:dc:ae:6f: f3:36:70:54:fb:80:1e:0a:79:ba:a0:00:72:0d:69: 6f:8d:5c:99:fb:01:13:13:e1:f7:bd:b6:44:13:19: b5:39:b9:52:8a:1e:e9:da:de:77:5e:32:9c:50:e0: ac:df:7d:10:88:37:72:5f:51:81:93:88:cd:bc:6a: 14:f8:c7:30:1f:50:03:d9:fb:98:74:59:b2:cd:71: 9c:98:2d:11:69:c1:68:8e:54:8b:49:8a:54:2d:19: 9d:e8:92:b6:af:b3:e8:53:94:9a:56:3b:d8:bf:80: 25:13:05:7c:bc:25:9f:dd:ce:04:b1:45:9a:4c:74: b2:16:0d:8f:c1:b6:fe:1b:a5:fb:d5:ea:9d:f9:2f: f9:18:a4:3d:ee:22:60:37:58:8a:8d:93:fa:15:cd: 40:e4:8b:f4:45:ce:11:4a:2e:8b:ce:28:1a:dd:40: 04:c2:1b:1c:49:18:24:3d:46:cc:30:bf:9a:92:d3: a2:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:3D:11:27:3E:FD:0E:EF:18:DB:17:74:EB:65:B3:60:FE:C7:3A:E2 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/JD0RJz79Du8Y2xd062WzYP7HOuI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.128.0/17 Signature Algorithm: sha256WithRSAEncryption 54:46:17:f7:88:84:fc:77:a7:dd:5c:a8:88:c0:88:e3:5b:eb: e7:bd:d9:f7:71:14:58:76:e8:21:09:c5:7f:45:97:05:64:3a: 6b:9d:ee:33:95:7a:81:3b:bf:82:e6:17:3a:a6:b6:9a:e9:7f: b2:f9:86:a0:7c:7d:fa:03:d1:b8:69:36:a0:a0:fd:ba:5a:6a: b3:73:6f:09:9f:e8:4f:6d:e9:f9:c2:82:f8:72:01:68:53:62: f5:39:a2:c4:1e:75:84:59:f9:ab:40:7d:54:d6:39:7b:46:ce: 98:2c:99:be:b4:a9:f0:88:b3:b9:2a:91:5c:f4:dc:26:de:05: 1b:cb:5f:2a:6f:91:60:26:82:de:2f:d1:37:8d:af:1e:dd:1e: 38:95:03:5d:f3:5f:f4:15:45:8b:d1:48:82:7f:eb:52:0a:a5: fe:ab:5d:b1:a6:25:b4:0a:d7:e2:a7:d8:10:89:ee:58:94:71: ab:ee:ed:7a:6a:a4:0d:5d:30:63:f5:e0:79:79:96:ee:fa:19: a2:9c:d0:18:36:42:27:9e:56:75:95:2a:d8:98:f9:5b:8a:80: b3:df:6d:72:eb:0f:ac:48:22:97:87:c1:76:2a:86:22:d0:4e: 7c:25:cd:80:b4:75:15:f9:77:a6:c9:93:35:7d:77:34:b2:e7: 32:68:3e:e6 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICD44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw ODI5MTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI0M0QxMTI3M0VGRDBF RUYxOERCMTc3NEVCNjVCMzYwRkVDNzNBRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1VnG1igUT6c0RTjWcnDZMT1Fhe0mNgxEfdyQ/Hb0g+cdUFaMu HlUUkhnbHUWO5wQxjJIwWr0N/qsW21xY5mj0wGvMQtZObNyub/M2cFT7gB4Kebqg AHINaW+NXJn7ARMT4fe9tkQTGbU5uVKKHuna3ndeMpxQ4KzffRCIN3JfUYGTiM28 ahT4xzAfUAPZ+5h0WbLNcZyYLRFpwWiOVItJilQtGZ3okravs+hTlJpWO9i/gCUT BXy8JZ/dzgSxRZpMdLIWDY/Btv4bpfvV6p35L/kYpD3uImA3WIqNk/oVzUDki/RF zhFKLovOKBrdQATCGxxJGCQ9Rswwv5qS06IZAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUJD0RJz79Du8Y2xd062WzYP7HOuIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9KRDBSSno3OUR1OFky eGQwNjJXellQN0hPdUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQHlnSAMA0GCSqGSIb3DQEBCwUAA4IBAQBURhf3iIT8d6fdXKiIwIjjW+vnvdn3 cRRYdughCcV/RZcFZDprne4zlXqBO7+C5hc6praa6X+y+YagfH36A9G4aTagoP26 Wmqzc28Jn+hPben5woL4cgFoU2L1OaLEHnWEWfmrQH1U1jl7Rs6YLJm+tKnwiLO5 KpFc9Nwm3gUby18qb5FgJoLeL9E3ja8e3R44lQNd81/0FUWL0UiCf+tSCqX+q12x piW0Ctfip9gQie5YlHGr7u16aqQNXTBj9eB5eZbu+hminNAYNkInnlZ1lSrYmPlb ioCz321y6w+sSCKXh8F2KoYi0E58Jc2AtHUV+XemyZM1fXc0sucyaD7m -----END CERTIFICATE-----Generated at Sat Jun 1 22:20:14 2024 by rpki-client on console-fra.rpki-client.org