$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z4CJrPTzGF7JrEyaiAxGDjYXtVI.roa File: Z4CJrPTzGF7JrEyaiAxGDjYXtVI.roa (raw, json) Hash identifier: ZXQKEebECwDJQQCgtQpq09p1bS/EpvirpxBAoei2/MM= Subject key identifier: 67:80:89:AC:F4:F3:18:5E:C9:AC:4C:9A:88:0C:46:0E:36:17:B5:52 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 128B Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z4CJrPTzGF7JrEyaiAxGDjYXtVI.roa Signing time: Mon 10 Feb 2025 14:14:58 +0000 ROA not before: Mon 10 Feb 2025 14:14:58 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 150.116.8.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 13:06:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4747 (0x128b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:58 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=678089ACF4F3185EC9AC4C9A880C460E3617B552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9a:3b:be:62:64:c0:ce:4b:71:05:f2:97:7a: 61:f7:45:7f:c3:62:f0:3d:97:c1:39:5e:5c:4a:15: 54:6e:f9:2c:1b:8d:92:dd:3e:65:c4:52:55:00:56: 69:20:c8:8a:51:dc:72:90:db:0f:25:47:9b:e2:c2: 85:78:4b:be:6d:b8:65:9c:be:44:85:df:61:1d:89: da:09:87:ff:0d:00:f0:db:fa:54:55:63:2d:12:b8: 88:f9:76:6e:86:fe:85:72:8b:7e:ea:f7:1f:af:e2: be:62:2c:04:62:b1:bf:97:2c:5b:c3:f0:bf:47:ac: f0:4e:a2:04:75:b9:8f:69:27:6c:de:d5:59:3a:e7: a0:c1:95:fc:a5:65:c1:c4:37:dc:3b:2e:7f:2d:3e: 24:f4:a7:c3:db:0f:2f:4d:e9:77:ab:df:32:a3:79: ae:0a:d5:27:bb:73:39:4c:8f:25:e1:47:15:55:df: 5f:5c:25:2c:b6:98:a0:ed:c6:06:95:a2:5a:06:ab: 41:22:08:cc:6a:e3:fe:34:a3:e3:e2:c9:c8:ea:68: d9:3e:03:c4:24:95:48:48:a1:84:1e:88:b1:5c:20: a2:ec:d1:13:31:6d:6b:39:4b:a6:70:b9:4d:da:8d: cd:da:23:0b:53:ad:ae:0b:7d:53:b1:59:4a:78:78: 89:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:80:89:AC:F4:F3:18:5E:C9:AC:4C:9A:88:0C:46:0E:36:17:B5:52 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z4CJrPTzGF7JrEyaiAxGDjYXtVI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.8.0/23 Signature Algorithm: sha256WithRSAEncryption 98:7b:50:cf:51:5f:f5:6f:3d:dc:3a:6f:12:9e:21:b8:a1:0c: e1:58:8b:97:20:ac:d2:90:58:70:4b:ee:54:3e:a1:cc:09:ba: 9f:fb:2e:3d:be:ef:45:ca:17:36:9c:dd:19:22:0f:72:b3:63: 67:57:64:21:09:9f:70:fe:34:32:85:18:4f:5d:7e:98:48:00: df:45:2c:c4:19:3b:b1:a2:53:6b:fd:8a:64:9f:c1:c8:53:ff: e1:ca:ed:ec:6e:44:9c:03:57:d4:2c:f4:2a:0e:ea:15:a0:12: d6:dc:8b:c2:91:43:19:3d:55:32:06:5f:7b:d8:78:80:d5:ee: 39:0c:2a:38:b7:3a:d7:4c:ca:44:4b:9e:d2:95:da:0d:13:74: 76:ef:e6:88:fd:ac:d7:b7:1f:c1:91:b0:61:a9:57:97:b5:6f: 08:3d:35:1d:f9:71:88:f7:db:da:29:3e:6e:58:f6:69:8f:cb: 73:91:ce:78:7a:09:78:f7:c8:ce:92:f4:32:b4:cb:0e:12:ac: 51:8b:f2:0d:26:20:8e:ff:0e:60:8a:99:70:d0:5c:35:c9:de: 4a:77:41:07:cd:a4:77:bf:08:75:19:13:7d:35:6d:62:d4:af: 57:09:32:1d:b4:79:fe:f6:2f:88:98:5d:bc:fc:b6:ea:8e:a7: 35:2c:fe:f1 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY3ODA4OUFDRjRGMzE4 NUVDOUFDNEM5QTg4MEM0NjBFMzYxN0I1NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkmju+YmTAzktxBfKXemH3RX/DYvA9l8E5XlxKFVRu+SwbjZLd PmXEUlUAVmkgyIpR3HKQ2w8lR5viwoV4S75tuGWcvkSF32EdidoJh/8NAPDb+lRV Yy0SuIj5dm6G/oVyi37q9x+v4r5iLARisb+XLFvD8L9HrPBOogR1uY9pJ2ze1Vk6 56DBlfylZcHEN9w7Ln8tPiT0p8PbDy9N6Xer3zKjea4K1Se7czlMjyXhRxVV319c JSy2mKDtxgaVoloGq0EiCMxq4/40o+PiycjqaNk+A8QklUhIoYQeiLFcIKLs0RMx bWs5S6ZwuU3ajc3aIwtTra4LfVOxWUp4eInHAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZ4CJrPTzGF7JrEyaiAxGDjYXtVIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aNENKclBUekdGN0py RXlhaUF4R0RqWVh0Vkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBlnQIMA0GCSqGSIb3DQEBCwUAA4IBAQCYe1DPUV/1bz3cOm8SniG4oQzhWIuX IKzSkFhwS+5UPqHMCbqf+y49vu9Fyhc2nN0ZIg9ys2NnV2QhCZ9w/jQyhRhPXX6Y SADfRSzEGTuxolNr/Ypkn8HIU//hyu3sbkScA1fULPQqDuoVoBLW3IvCkUMZPVUy Bl972HiA1e45DCo4tzrXTMpES57SldoNE3R27+aI/azXtx/BkbBhqVeXtW8IPTUd +XGI99vaKT5uWPZpj8tzkc54egl498jOkvQytMsOEqxRi/INJiCO/w5giplw0Fw1 yd5Kd0EHzaR3vwh1GRN9NW1i1K9XCTIdtHn+9i+ImF28/Lbqjqc1LP7x -----END CERTIFICATE-----Generated at Sat Apr 5 11:22:50 2025 by rpki-client