$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Rcs4T9NxvCUfZBkXGjv_i6zoHlg.roa File: Rcs4T9NxvCUfZBkXGjv_i6zoHlg.roa (raw, json) Hash identifier: riVubLJnH1lucXueRchUAMVxswok4FlB3Sk+0Vfb9zs= Subject key identifier: 45:CB:38:4F:D3:71:BC:25:1F:64:19:17:1A:3B:FF:8B:AC:E8:1E:58 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1253 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Rcs4T9NxvCUfZBkXGjv_i6zoHlg.roa Signing time: Mon 10 Feb 2025 14:14:43 +0000 ROA not before: Mon 10 Feb 2025 14:14:43 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17651 IP address blocks: 150.116.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4691 (0x1253) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:43 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=45CB384FD371BC251F6419171A3BFF8BACE81E58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:aa:b9:3e:20:d9:43:f0:ed:00:ea:39:c2:24: 68:7d:14:09:59:fd:83:7b:3b:a2:61:28:f1:40:88: be:9a:f0:af:85:bf:75:2c:14:44:a3:c3:65:80:bb: 63:6a:66:fd:90:21:c3:7d:5e:14:0c:6c:de:69:f5: ff:61:ae:22:90:51:f1:81:b5:3b:6b:69:59:78:5f: bf:65:66:61:a5:34:6b:e8:ad:b1:07:e3:77:86:0d: be:57:c8:4d:10:3d:1a:39:23:9a:3a:62:42:e5:84: 54:60:6f:b7:a5:7c:0b:c5:18:5c:8c:2d:17:f6:89: 45:e9:db:4a:77:04:36:f7:17:38:8f:ec:55:f1:3a: c8:55:a8:96:70:e9:2b:19:40:5b:d3:a1:35:c6:f9: 78:45:ca:74:c9:ed:41:55:38:27:86:3e:6a:75:b6: 97:bf:57:68:a0:a2:d6:a9:d2:d0:4c:fb:9d:73:a8: a5:af:e7:00:06:bf:15:0e:76:f5:14:05:9a:b4:33: e9:9e:df:88:b8:4c:70:97:0f:47:e6:de:b9:cf:0a: f7:04:f5:7b:18:da:3c:31:9e:53:c1:79:60:ef:16: b5:7a:bf:91:73:41:9a:9b:11:2d:b5:0d:21:0d:e0: ba:21:04:3c:80:df:e0:7f:11:06:f8:b9:fa:1f:e6: 1f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:CB:38:4F:D3:71:BC:25:1F:64:19:17:1A:3B:FF:8B:AC:E8:1E:58 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Rcs4T9NxvCUfZBkXGjv_i6zoHlg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.52.0/24 Signature Algorithm: sha256WithRSAEncryption 88:cc:1c:3f:de:fb:63:82:90:5b:9d:95:44:cc:54:79:55:c6: dd:d1:2b:30:db:5b:c8:3c:6f:5c:f7:c2:25:42:31:35:f4:0d: db:74:bb:44:ac:01:1e:d3:ec:b4:d9:77:38:59:4f:3b:52:17: 98:49:df:cf:f6:2f:27:41:64:db:52:b6:5e:df:43:3c:80:84: 13:2c:56:cf:5f:b4:04:be:2b:fa:aa:5b:0a:08:9f:b4:e3:bf: 71:48:17:39:a6:8c:71:c1:0f:fa:0b:47:26:69:e3:c0:60:a6: 4f:24:e8:30:32:b2:4a:4b:74:83:71:93:75:45:59:34:19:8a: 61:79:9d:a7:4a:ca:de:f8:49:19:16:27:45:9b:b1:aa:90:aa: d2:05:93:c2:ae:b7:33:37:72:d0:5d:13:e6:e4:47:c7:0a:d8: d0:a4:dd:71:ff:dc:09:ff:bd:d9:a4:84:f3:4d:20:11:6f:1d: af:8e:4c:69:55:5a:d8:1a:e1:a4:e8:4d:ac:a2:b3:91:4e:c0: f0:fe:f1:aa:18:d5:5b:23:c2:ba:b2:91:1f:5c:4f:3c:04:19: f8:35:ae:4d:e6:aa:b9:53:76:88:8c:c3:5f:b1:33:7c:5c:a1: 13:1c:65:c2:32:98:bc:f7:f9:74:09:00:a6:89:17:77:99:60: 6c:39:a4:71 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICElMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ1Q0IzODRGRDM3MUJD MjUxRjY0MTkxNzFBM0JGRjhCQUNFODFFNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4qrk+INlD8O0A6jnCJGh9FAlZ/YN7O6JhKPFAiL6a8K+Fv3Us FESjw2WAu2NqZv2QIcN9XhQMbN5p9f9hriKQUfGBtTtraVl4X79lZmGlNGvorbEH 43eGDb5XyE0QPRo5I5o6YkLlhFRgb7elfAvFGFyMLRf2iUXp20p3BDb3FziP7FXx OshVqJZw6SsZQFvToTXG+XhFynTJ7UFVOCeGPmp1tpe/V2igotap0tBM+51zqKWv 5wAGvxUOdvUUBZq0M+me34i4THCXD0fm3rnPCvcE9XsY2jwxnlPBeWDvFrV6v5Fz QZqbES21DSEN4LohBDyA3+B/EQb4ufof5h9hAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQURcs4T9NxvCUfZBkXGjv/i6zoHlgwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9SY3M0VDlOeHZDVWZa QmtYR2p2X2k2em9IbGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnQ0MA0GCSqGSIb3DQEBCwUAA4IBAQCIzBw/3vtjgpBbnZVEzFR5Vcbd0Ssw 21vIPG9c98IlQjE19A3bdLtErAEe0+y02Xc4WU87UheYSd/P9i8nQWTbUrZe30M8 gIQTLFbPX7QEviv6qlsKCJ+0479xSBc5poxxwQ/6C0cmaePAYKZPJOgwMrJKS3SD cZN1RVk0GYpheZ2nSsre+EkZFidFm7GqkKrSBZPCrrczN3LQXRPm5EfHCtjQpN1x /9wJ/73ZpITzTSARbx2vjkxpVVrYGuGk6E2sorORTsDw/vGqGNVbI8K6spEfXE88 BBn4Na5N5qq5U3aIjMNfsTN8XKETHGXCMpi89/l0CQCmiRd3mWBsOaRx -----END CERTIFICATE-----Generated at Sun Apr 6 19:52:26 2025 by rpki-client