$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZT4JRTsj5MXsO_2CFCT3yYK4C-Y.roa File: ZT4JRTsj5MXsO_2CFCT3yYK4C-Y.roa (raw, json) Hash identifier: Nhbtr/ypJUUoi3UIzDHlux5Ynla57eDFSTuZlRwM4H8= Subject key identifier: 65:3E:09:45:3B:23:E4:C5:EC:3B:FD:82:14:24:F7:C9:82:B8:0B:E6 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1157 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZT4JRTsj5MXsO_2CFCT3yYK4C-Y.roa Signing time: Mon 26 Aug 2024 05:10:41 +0000 ROA not before: Mon 26 Aug 2024 05:10:41 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131600 IP address blocks: 223.26.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4439 (0x1157) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:41 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=653E09453B23E4C5EC3BFD821424F7C982B80BE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:79:41:78:a6:bd:81:10:5b:1e:0a:5f:df:ed: 94:87:04:d7:8a:a6:7f:81:84:de:04:1b:9a:12:46: 1b:7b:ec:33:b0:3a:a2:af:12:1f:25:dc:b7:55:6c: 91:db:8a:9f:0b:b0:df:76:74:fb:90:2c:b2:6b:d2: e6:94:49:91:d8:d0:74:f9:fd:eb:b9:ff:d6:0b:ad: 89:b9:19:22:53:f9:c4:d0:27:e0:85:46:ec:63:d2: 98:53:90:54:60:ed:d4:30:9a:9f:e9:a0:2c:28:45: a4:ff:f7:68:2c:9c:87:25:bd:cf:1b:01:c2:4e:d6: 50:f4:c4:ec:9b:d6:7b:48:7b:5b:6a:10:a7:1d:3c: ac:58:91:ee:fb:69:4d:82:c4:65:f3:78:ec:42:9c: 1f:98:6a:e9:80:44:76:aa:e4:24:8b:68:6f:12:1d: 4a:df:ce:e1:22:57:cb:81:5f:f7:f6:1a:37:1f:74: c5:8c:ba:f0:a4:ba:23:0b:6b:0f:fa:7e:8e:1a:00: 57:97:6e:03:ad:ab:a2:8e:7e:8a:c6:68:a9:03:65: 8c:17:87:59:98:01:3c:6b:a7:54:aa:68:75:01:11: c9:aa:65:26:62:3b:a3:de:74:23:48:97:d5:05:c3: f4:d1:e6:fc:6a:d2:03:60:2a:3c:cf:0c:39:c1:cc: f2:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:3E:09:45:3B:23:E4:C5:EC:3B:FD:82:14:24:F7:C9:82:B8:0B:E6 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZT4JRTsj5MXsO_2CFCT3yYK4C-Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.68.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:ab:f6:1d:44:3b:bf:68:c1:a7:be:90:5a:05:f4:6e:9d:ac: 71:73:13:a8:e4:80:d3:ff:ff:0e:f9:0d:f9:6c:a6:21:a8:60: c6:b0:bc:5b:e7:9d:b7:3a:4e:aa:f2:3f:84:56:57:f8:db:30: 35:c9:ef:41:fd:48:19:76:f7:88:07:48:00:45:f6:4e:a9:6d: d1:5f:3e:f4:3a:66:46:6d:00:ac:27:af:4e:f1:0a:19:a7:79: 4e:fa:0a:70:97:08:ac:80:4e:b7:ae:52:22:17:46:9e:dc:fb: 86:ba:6a:76:da:36:12:d6:58:a5:ef:aa:63:cd:8c:8b:53:3b: fa:8c:73:e0:18:ad:34:62:9f:39:1c:a0:1b:5f:c1:e1:b8:1e: 2e:d5:fb:b1:6c:30:69:6e:24:36:73:49:37:19:5d:eb:05:16: bb:66:3e:52:e9:79:4c:7e:dc:b7:97:44:8e:a5:06:72:e7:a7: ee:a7:2c:56:af:fc:b6:bd:ab:69:c0:2d:02:e9:98:37:82:a1: 7f:4e:cf:63:bf:a6:cb:20:42:86:45:84:49:bd:7a:35:01:13: 2d:81:d5:82:d8:3f:c8:7d:d2:f3:a5:1b:d9:f0:04:15:1c:4f: 98:e9:76:10:b2:b5:9c:16:82:61:39:7a:aa:bd:c3:72:63:44: 23:dc:c2:57 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY1M0UwOTQ1M0IyM0U0 QzVFQzNCRkQ4MjE0MjRGN0M5ODJCODBCRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzeUF4pr2BEFseCl/f7ZSHBNeKpn+BhN4EG5oSRht77DOwOqKv Eh8l3LdVbJHbip8LsN92dPuQLLJr0uaUSZHY0HT5/eu5/9YLrYm5GSJT+cTQJ+CF Ruxj0phTkFRg7dQwmp/poCwoRaT/92gsnIclvc8bAcJO1lD0xOyb1ntIe1tqEKcd PKxYke77aU2CxGXzeOxCnB+YaumARHaq5CSLaG8SHUrfzuEiV8uBX/f2GjcfdMWM uvCkuiMLaw/6fo4aAFeXbgOtq6KOforGaKkDZYwXh1mYATxrp1SqaHUBEcmqZSZi O6PedCNIl9UFw/TR5vxq0gNgKjzPDDnBzPLtAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZT4JRTsj5MXsO/2CFCT3yYK4C+YwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aVDRKUlRzajVNWHNP XzJDRkNUM3lZSzRDLVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQA3xpEMA0GCSqGSIb3DQEBCwUAA4IBAQCdq/YdRDu/aMGnvpBaBfRunaxxcxOo 5IDT//8O+Q35bKYhqGDGsLxb5523Ok6q8j+EVlf42zA1ye9B/UgZdveIB0gARfZO qW3RXz70OmZGbQCsJ69O8QoZp3lO+gpwlwisgE63rlIiF0ae3PuGump22jYS1lil 76pjzYyLUzv6jHPgGK00Yp85HKAbX8HhuB4u1fuxbDBpbiQ2c0k3GV3rBRa7Zj5S 6XlMfty3l0SOpQZy56fupyxWr/y2vatpwC0C6Zg3gqF/Ts9jv6bLIEKGRYRJvXo1 ARMtgdWC2D/IfdLzpRvZ8AQVHE+Y6XYQsrWcFoJhOXqqvcNyY0Qj3MJX -----END CERTIFICATE-----Generated at Mon Nov 25 16:43:35 2024 by rpki-client on console-fra.rpki-client.org