$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa File: XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa (raw, json) Hash identifier: TCx27DciaJNGwWZYglznXQ4CMYutiViZJQ2hCYqSx1Y= Subject key identifier: 5D:C2:21:48:49:AE:FF:68:E0:67:2C:FB:0B:68:21:26:76:36:32:92 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1160 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa Signing time: Mon 26 Aug 2024 05:10:43 +0000 ROA not before: Mon 26 Aug 2024 05:10:43 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38851 IP address blocks: 150.117.0.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4448 (0x1160) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:43 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5DC2214849AEFF68E0672CFB0B68212676363292 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9d:b9:1c:cb:46:78:3a:32:70:7c:ef:6e:20: f5:c0:6a:61:19:ea:1e:06:eb:bc:17:de:7b:88:6b: c7:39:83:11:99:9b:6a:f1:68:4a:09:5d:f9:78:41: 98:49:4f:39:e8:75:f4:fb:94:c7:9d:c2:a8:4f:91: 53:8a:01:28:06:63:50:9f:f5:fd:ba:e2:18:76:61: 06:98:fd:1b:7c:93:38:90:34:f0:0e:07:07:27:f1: 52:30:7a:d8:83:d3:54:f3:28:32:a0:78:61:05:4c: 2b:a7:64:bb:e9:08:26:97:49:01:02:82:30:8f:8f: f2:66:40:93:31:59:22:1c:26:21:e3:2c:25:e5:c1: 7e:47:a6:ec:f1:11:c0:d2:90:29:55:d2:2b:91:82: 9d:45:9e:b1:4f:4e:0c:f6:d0:2c:74:3e:2a:e8:1c: d9:b2:ad:84:3d:02:8b:45:d5:ce:ca:2a:8c:77:c4: eb:f7:f8:bb:f1:03:4a:98:77:cb:65:c8:3c:b2:74: b0:35:f3:63:e2:1a:e9:f1:a5:64:9e:5a:c4:4c:b0: d3:80:93:5d:ee:fb:dd:66:cd:c8:69:ea:b6:58:9f: a7:26:3c:ef:03:41:88:6b:bc:28:64:19:67:a0:3f: 4b:cf:ff:e5:aa:66:59:04:a6:5c:2d:94:13:56:e4: cb:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:C2:21:48:49:AE:FF:68:E0:67:2C:FB:0B:68:21:26:76:36:32:92 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.0.0/20 Signature Algorithm: sha256WithRSAEncryption b2:d1:5b:53:5b:da:23:14:45:54:04:1c:0a:09:7d:4c:0a:4a: a6:a3:d8:08:74:ad:66:bb:a6:92:17:5c:73:77:bc:fe:b4:b3: c7:7e:d4:22:f8:a7:97:9c:ba:c5:d6:d3:dd:0e:a4:f8:54:fb: 31:a8:81:8b:c6:9c:a3:9e:77:98:73:08:b9:25:c5:42:56:af: 62:74:ad:db:15:da:6c:68:c4:f9:b9:d5:bd:01:ed:ee:1e:2a: 11:d6:46:30:73:bf:ab:49:bb:aa:64:ca:f1:a7:44:72:4d:a6: d5:09:ec:a3:b1:12:19:be:7b:ce:ab:fb:19:b3:73:13:a6:43: dc:4e:ad:1d:77:2c:2d:b2:06:6c:44:63:0a:5b:93:ae:fb:3e: 4a:77:04:b3:51:b4:25:83:dc:f5:29:61:13:49:be:04:ce:03: 90:bc:f7:e8:45:c7:95:9b:be:e5:00:36:0b:0d:fd:e1:34:9d: f9:83:1a:74:75:ea:3f:5c:f1:7f:92:6c:24:55:a6:08:53:5b: 57:9e:21:d5:4c:b4:ba:26:04:ad:18:25:cd:61:99:ed:8d:06: e8:9b:86:74:bd:dd:45:8d:13:45:78:82:ea:93:ec:f3:a5:5d: b7:6e:ee:7b:a0:00:d3:fd:d5:e5:67:c6:e2:47:29:ad:70:d3: 00:52:21:c6 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVEQzIyMTQ4NDlBRUZG NjhFMDY3MkNGQjBCNjgyMTI2NzYzNjMyOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRnbkcy0Z4OjJwfO9uIPXAamEZ6h4G67wX3nuIa8c5gxGZm2rx aEoJXfl4QZhJTznodfT7lMedwqhPkVOKASgGY1Cf9f264hh2YQaY/Rt8kziQNPAO Bwcn8VIwetiD01TzKDKgeGEFTCunZLvpCCaXSQECgjCPj/JmQJMxWSIcJiHjLCXl wX5HpuzxEcDSkClV0iuRgp1FnrFPTgz20Cx0PiroHNmyrYQ9AotF1c7KKox3xOv3 +LvxA0qYd8tlyDyydLA182PiGunxpWSeWsRMsNOAk13u+91mzchp6rZYn6cmPO8D QYhrvChkGWegP0vP/+WqZlkEplwtlBNW5MtnAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUXcIhSEmu/2jgZyz7C2ghJnY2MpIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9YY0loU0VtdV8yamda eXo3QzJnaEpuWTJNcEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnUAMA0GCSqGSIb3DQEBCwUAA4IBAQCy0VtTW9ojFEVUBBwKCX1MCkqmo9gI dK1mu6aSF1xzd7z+tLPHftQi+KeXnLrF1tPdDqT4VPsxqIGLxpyjnneYcwi5JcVC Vq9idK3bFdpsaMT5udW9Ae3uHioR1kYwc7+rSbuqZMrxp0RyTabVCeyjsRIZvnvO q/sZs3MTpkPcTq0ddywtsgZsRGMKW5Ou+z5KdwSzUbQlg9z1KWETSb4EzgOQvPfo RceVm77lADYLDf3hNJ35gxp0deo/XPF/kmwkVaYIU1tXniHVTLS6JgStGCXNYZnt jQbom4Z0vd1FjRNFeILqk+zzpV23bu57oADT/dXlZ8biRymtcNMAUiHG -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:35 2024 by rpki-client on console-fra.rpki-client.org