$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/O5CEwPaMAR_uzjEtJ4GxlMUO3OQ.roa File: O5CEwPaMAR_uzjEtJ4GxlMUO3OQ.roa (raw, json) Hash identifier: 6KMnXpFxuguzeGv3Ga1N7suc7JNRHDVdOSrFEj+uf4A= Subject key identifier: 3B:90:84:C0:F6:8C:01:1F:EE:CE:31:2D:27:81:B1:94:C5:0E:DC:E4 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 12C4 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/O5CEwPaMAR_uzjEtJ4GxlMUO3OQ.roa Signing time: Mon 10 Feb 2025 14:15:12 +0000 ROA not before: Mon 10 Feb 2025 14:15:12 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 142142 IP address blocks: 150.116.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4804 (0x12c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:15:12 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=3B9084C0F68C011FEECE312D2781B194C50EDCE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:43:5d:e3:3f:46:f5:fc:ab:46:10:b9:93:0f: c1:e9:ce:52:c1:21:7f:59:c7:b0:dd:dd:80:c8:bc: ab:eb:55:75:af:e7:21:d5:7d:6d:14:7f:6d:ae:f0: f9:01:fd:2a:81:8e:96:bb:6e:43:9d:ed:d6:dc:7e: 71:f1:99:4d:89:f1:66:e7:5b:93:5d:60:f9:8f:cc: 4a:ab:bd:e3:13:33:3d:85:e1:15:0a:26:d0:98:3a: d2:6a:68:d7:b3:e4:3e:e1:ac:6f:cc:84:46:37:e5: 79:f6:61:c8:72:79:4a:04:8a:07:84:c6:d1:21:fa: fc:ae:30:5b:2b:4e:28:ad:56:f3:58:1d:b9:b9:02: f5:de:e1:89:91:85:0f:35:11:59:15:f6:d8:18:e3: f6:7d:f5:a3:61:66:8d:42:06:e5:b0:bc:02:11:d9: 0f:6d:40:0a:70:ce:03:70:0a:84:09:ca:76:7c:80: 28:e7:c2:fd:7d:1e:86:dc:68:e1:5f:b3:5d:bd:92: 9b:99:62:f8:bb:3c:c2:8f:f0:bd:b5:c2:9a:4c:d2: d9:e2:1b:e9:e5:94:e5:dd:e1:09:5e:3b:46:ab:37: a2:00:e2:86:78:e9:37:42:95:d7:60:52:da:e9:75: 7d:3a:79:84:50:f9:3c:20:51:68:76:44:c4:9c:19: d5:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:90:84:C0:F6:8C:01:1F:EE:CE:31:2D:27:81:B1:94:C5:0E:DC:E4 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/O5CEwPaMAR_uzjEtJ4GxlMUO3OQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.14.0/23 Signature Algorithm: sha256WithRSAEncryption 35:be:de:99:be:f4:ab:e6:82:5e:4e:dd:25:cf:a3:15:58:30: a3:0f:3a:0a:af:4e:cc:61:58:cf:95:9c:68:52:f7:88:b6:71: 2e:ff:e1:ef:69:14:f4:1d:41:74:e5:5b:c2:3d:c4:a2:cb:56: 78:ae:2c:c0:6a:c5:b8:b0:0e:5f:0e:cf:b1:b8:6e:76:46:86: 23:ee:d7:6d:05:fb:58:3d:f6:e7:03:88:6f:d4:4a:fc:4a:46: fb:aa:cf:c2:39:5f:27:e7:52:27:b2:27:55:03:ae:ca:cc:5a: 51:15:40:74:14:83:48:f2:d3:a3:1c:68:30:63:f0:32:50:64: ad:57:1c:b2:f5:31:82:30:28:b6:e9:0b:c8:3b:92:74:da:af: 94:2d:62:2f:4a:41:cf:ee:ee:01:cb:b5:33:03:d8:27:8e:a3: c3:e5:d7:c5:94:5b:c7:a4:4a:55:f1:cf:b3:53:58:e2:2c:1a: 0d:b8:87:e1:56:b5:47:d3:d3:1b:68:53:94:23:bd:9a:33:e4: a3:cd:27:08:e8:03:ce:cc:c9:41:d7:c8:bb:36:0f:96:97:63: a4:3a:e5:b0:a3:32:7c:d5:d9:d5:06:9c:f6:87:8a:7d:d0:45: c1:b2:80:68:a1:8b:65:46:98:c2:e3:23:c8:b8:5f:da:50:cf: d7:eb:b4:cc -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE1MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNCOTA4NEMwRjY4QzAx MUZFRUNFMzEyRDI3ODFCMTk0QzUwRURDRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMQ13jP0b1/KtGELmTD8HpzlLBIX9Zx7Dd3YDIvKvrVXWv5yHV fW0Uf22u8PkB/SqBjpa7bkOd7dbcfnHxmU2J8WbnW5NdYPmPzEqrveMTMz2F4RUK JtCYOtJqaNez5D7hrG/MhEY35Xn2YchyeUoEigeExtEh+vyuMFsrTiitVvNYHbm5 AvXe4YmRhQ81EVkV9tgY4/Z99aNhZo1CBuWwvAIR2Q9tQApwzgNwCoQJynZ8gCjn wv19HobcaOFfs129kpuZYvi7PMKP8L21wppM0tniG+nllOXd4QleO0arN6IA4oZ4 6TdClddgUtrpdX06eYRQ+TwgUWh2RMScGdUFAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUO5CEwPaMAR/uzjEtJ4GxlMUO3OQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9PNUNFd1BhTUFSX3V6 akV0SjRHeGxNVU8zT1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBlnQOMA0GCSqGSIb3DQEBCwUAA4IBAQA1vt6ZvvSr5oJeTt0lz6MVWDCjDzoK r07MYVjPlZxoUveItnEu/+HvaRT0HUF05VvCPcSiy1Z4rizAasW4sA5fDs+xuG52 RoYj7tdtBftYPfbnA4hv1Er8Skb7qs/COV8n51InsidVA67KzFpRFUB0FINI8tOj HGgwY/AyUGStVxyy9TGCMCi26QvIO5J02q+ULWIvSkHP7u4By7UzA9gnjqPD5dfF lFvHpEpV8c+zU1jiLBoNuIfhVrVH09MbaFOUI72aM+SjzScI6APOzMlB18i7Ng+W l2OkOuWwozJ81dnVBpz2h4p90EXBsoBooYtlRpjC4yPIuF/aUM/X67TM -----END CERTIFICATE-----Generated at Sun Apr 6 19:59:27 2025 by rpki-client