$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzSUJ2v_oo3P4ETJmjvjMChbYQI.roa File: XzSUJ2v_oo3P4ETJmjvjMChbYQI.roa (raw, json) Hash identifier: 1baz6NtcDpQsmNeFne0J60FsddCGTAaA/dJeT9TP/1c= Subject key identifier: 5F:34:94:27:6B:FF:A2:8D:CF:E0:44:C9:9A:3B:E3:30:28:5B:61:02 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1196 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzSUJ2v_oo3P4ETJmjvjMChbYQI.roa Signing time: Mon 26 Aug 2024 05:10:56 +0000 ROA not before: Mon 26 Aug 2024 05:10:56 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.116.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4502 (0x1196) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:56 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=5F3494276BFFA28DCFE044C99A3BE330285B6102 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:aa:b1:48:76:b5:b8:7a:62:85:c3:45:4b:63: a6:48:9f:3a:6d:28:33:6e:99:49:8c:81:15:1c:21: 61:8a:ba:16:fc:65:ee:8a:ad:39:cb:6b:2a:7e:27: da:2d:4d:63:9c:39:dc:8c:c5:8a:21:f5:6e:a5:29: 09:95:08:d8:ae:ec:85:18:7a:b6:15:d3:81:ee:4f: 4f:9b:17:49:b8:ee:fd:71:c3:26:5b:50:9f:9c:3b: ac:92:69:73:e8:24:dc:fd:eb:56:f2:84:87:be:8e: 5b:73:b5:fe:d9:1e:66:b3:7b:8e:98:4b:26:64:48: 40:a1:86:2b:76:bf:b5:53:ae:3f:4c:4f:70:2b:27: 8c:72:ef:71:c6:e8:2b:4e:80:d9:25:f3:41:46:35: a0:88:43:ac:bc:67:8f:f9:f9:89:18:ac:4d:3d:9e: f0:1b:0d:12:be:a1:80:13:2f:9a:9e:db:60:9e:af: 0c:ba:d1:5b:f9:98:5e:e1:67:85:0f:b7:8d:00:86: f2:8c:23:22:d9:fa:dc:a8:05:6d:b2:a9:81:63:3e: a6:66:aa:cf:fc:4f:03:a2:7d:d5:8a:ef:74:64:2c: 18:1b:fd:38:f2:59:e5:26:7f:84:f6:4f:b7:de:d8: d3:95:1b:c7:78:b5:86:f0:68:b6:7e:bf:9f:79:4b: 0d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:34:94:27:6B:FF:A2:8D:CF:E0:44:C9:9A:3B:E3:30:28:5B:61:02 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XzSUJ2v_oo3P4ETJmjvjMChbYQI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.172.0/22 Signature Algorithm: sha256WithRSAEncryption 83:ad:2b:52:92:c1:3c:ac:57:21:60:ed:fb:b3:66:c9:d8:e1: fb:18:cd:52:46:03:eb:39:d3:03:6c:7f:bd:32:79:5a:af:66: 4e:66:81:25:4e:f4:08:93:6f:f7:11:1a:b4:e1:50:5a:06:0f: 94:60:53:0a:d8:6f:95:73:31:d9:80:d2:00:e1:8d:2d:18:31: a3:fd:a5:30:f6:bc:a1:0a:d2:8a:e0:16:b3:20:fd:a7:4e:db: 88:82:59:c8:fa:8e:e7:1d:a1:d3:7e:dc:e5:b1:7b:81:a4:b1: d5:60:ad:10:78:fa:a9:0d:c5:dc:68:7d:82:12:ad:e9:54:fc: 65:84:06:f2:c2:92:06:e3:0e:9e:11:5c:63:f0:58:ed:07:17: ca:81:ee:f9:d7:94:ab:5b:d1:0e:2c:34:7f:6f:7f:20:e0:e4: 64:98:96:3a:47:74:3d:c0:f8:7c:56:54:f0:61:3a:44:06:aa: 58:60:a6:bb:33:10:43:3a:bd:5e:cf:96:65:39:7b:de:94:fb: 13:35:a9:e8:e0:30:14:93:9f:4c:14:0c:9e:bc:c2:b9:82:81: c8:fb:46:15:b9:2a:bc:00:52:b8:ef:ad:e4:f8:33:bf:cc:2a: da:cd:1b:b4:93:c9:7f:53:1a:8a:96:27:b9:42:ed:be:23:bc: c6:42:5d:9a -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVGMzQ5NDI3NkJGRkEy OERDRkUwNDRDOTlBM0JFMzMwMjg1QjYxMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuqrFIdrW4emKFw0VLY6ZInzptKDNumUmMgRUcIWGKuhb8Ze6K rTnLayp+J9otTWOcOdyMxYoh9W6lKQmVCNiu7IUYerYV04HuT0+bF0m47v1xwyZb UJ+cO6ySaXPoJNz961byhIe+jltztf7ZHmaze46YSyZkSEChhit2v7VTrj9MT3Ar J4xy73HG6CtOgNkl80FGNaCIQ6y8Z4/5+YkYrE09nvAbDRK+oYATL5qe22Cerwy6 0Vv5mF7hZ4UPt40AhvKMIyLZ+tyoBW2yqYFjPqZmqs/8TwOifdWK73RkLBgb/Tjy WeUmf4T2T7fe2NOVG8d4tYbwaLZ+v595Sw3hAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUXzSUJ2v/oo3P4ETJmjvjMChbYQIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9YelNVSjJ2X29vM1A0 RVRKbWp2ak1DaGJZUUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQClnSsMA0GCSqGSIb3DQEBCwUAA4IBAQCDrStSksE8rFchYO37s2bJ2OH7GM1S RgPrOdMDbH+9Mnlar2ZOZoElTvQIk2/3ERq04VBaBg+UYFMK2G+VczHZgNIA4Y0t GDGj/aUw9ryhCtKK4BazIP2nTtuIglnI+o7nHaHTftzlsXuBpLHVYK0QePqpDcXc aH2CEq3pVPxlhAbywpIG4w6eEVxj8FjtBxfKge7515SrW9EOLDR/b38g4ORkmJY6 R3Q9wPh8VlTwYTpEBqpYYKa7MxBDOr1ez5ZlOXvelPsTNano4DAUk59MFAyevMK5 goHI+0YVuSq8AFK4763k+DO/zCrazRu0k8l/UxqKlie5Qu2+I7zGQl2a -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org