$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/d58RklG4knscTqLVvO9-Y9cPiWo.roa File: d58RklG4knscTqLVvO9-Y9cPiWo.roa (raw, json) Hash identifier: 8sTXRPyCNHxTvIQByNCCOyF3YVEI+AhQtbbN82bcS+s= Subject key identifier: 77:9F:11:92:51:B8:92:7B:1C:4E:A2:D5:BC:EF:7E:63:D7:0F:89:6A Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1263 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/d58RklG4knscTqLVvO9-Y9cPiWo.roa Signing time: Mon 10 Feb 2025 14:14:47 +0000 ROA not before: Mon 10 Feb 2025 14:14:47 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 63199 IP address blocks: 150.116.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 21:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4707 (0x1263) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:47 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=779F119251B8927B1C4EA2D5BCEF7E63D70F896A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5c:c0:9e:ea:0b:bd:23:13:9d:ef:87:63:d5: 8d:12:d6:da:7a:06:e9:6b:31:eb:59:dc:47:70:a4: 09:4f:5a:12:3c:0a:78:d8:f7:ee:b4:2a:25:b3:ff: ec:8e:bc:46:8f:7b:c8:20:cb:5a:2b:8e:15:b9:fb: b1:1a:bf:12:90:f4:36:f9:2e:41:a5:26:be:82:3f: 9a:b9:af:c5:79:0d:05:e0:d3:bd:51:43:f1:f1:74: 9e:5b:f0:4c:d9:b5:0a:98:a7:0f:e9:37:37:35:b2: 3d:05:a1:ec:9d:dd:26:6c:7c:fd:d3:50:84:cf:3f: bc:73:37:96:9c:d7:46:c0:83:ec:df:8c:f4:b6:03: 50:a7:54:ca:fb:af:14:44:46:ab:50:61:f9:44:5e: bf:f5:04:91:e6:ab:a4:d7:10:f4:84:7a:26:e4:2f: 46:ec:94:c3:0a:b5:62:3d:da:de:c9:04:fe:08:85: 2d:9d:bd:aa:30:86:c7:63:c1:84:8a:67:7d:e2:6a: 64:be:dc:40:8f:3f:0f:5a:aa:85:ce:62:b5:21:14: e7:96:cd:90:46:2e:34:d1:ec:56:6b:60:c1:8d:7a: a7:b7:a8:0e:14:3c:5f:82:09:0b:e3:93:26:6e:73: 18:e3:c1:9e:55:47:de:f4:a5:a7:94:c7:ae:be:1e: f5:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:9F:11:92:51:B8:92:7B:1C:4E:A2:D5:BC:EF:7E:63:D7:0F:89:6A X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/d58RklG4knscTqLVvO9-Y9cPiWo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.92.0/22 Signature Algorithm: sha256WithRSAEncryption 38:e5:9a:28:c2:7b:f7:1b:ff:7d:bd:32:a7:11:35:63:f1:97: 7e:9a:5c:be:37:65:ba:3a:79:99:d1:08:d4:49:fb:58:be:2d: cf:0c:45:58:f9:cb:27:1e:db:03:02:32:09:a5:61:f4:25:cf: fd:6e:0e:33:f7:8a:6e:0d:cc:f6:c9:c1:fe:1e:b1:0c:40:a1: 4f:6f:cb:55:83:45:ef:0e:b0:0f:a7:f9:a4:4a:d2:cc:8f:ba: 48:76:63:f6:9c:e1:d9:21:6d:25:dd:49:92:bc:4f:6f:dd:d3: bd:49:ad:fb:4b:c4:15:18:c9:50:9f:b4:18:2d:93:bd:74:bb: fa:3e:91:bd:c9:ce:d8:cc:aa:95:b1:17:92:ef:20:6b:ef:77: 1e:86:6f:a7:ea:12:74:44:f2:01:da:e1:5a:a3:38:85:76:aa: 83:2e:2e:3a:3b:19:7e:ee:05:59:b4:f5:64:c3:4c:22:f4:b9: 14:52:c9:19:b6:15:ff:ab:c8:55:ea:3c:d7:6b:d8:75:ca:9e: b4:f9:3c:c1:36:31:58:bc:77:82:b8:a5:45:0a:a5:d0:ce:38: c9:31:8a:7d:da:1c:89:44:bf:20:4b:f9:13:b9:cc:d2:7a:41: 5a:80:1e:99:fa:3d:98:f4:76:8b:5e:fa:48:8a:7d:24:12:10: 8b:ea:dc:96 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc3OUYxMTkyNTFCODky N0IxQzRFQTJENUJDRUY3RTYzRDcwRjg5NkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJXMCe6gu9IxOd74dj1Y0S1tp6BulrMetZ3EdwpAlPWhI8CnjY 9+60KiWz/+yOvEaPe8ggy1orjhW5+7EavxKQ9Db5LkGlJr6CP5q5r8V5DQXg071R Q/HxdJ5b8EzZtQqYpw/pNzc1sj0Foeyd3SZsfP3TUITPP7xzN5ac10bAg+zfjPS2 A1CnVMr7rxRERqtQYflEXr/1BJHmq6TXEPSEeibkL0bslMMKtWI92t7JBP4IhS2d vaowhsdjwYSKZ33iamS+3ECPPw9aqoXOYrUhFOeWzZBGLjTR7FZrYMGNeqe3qA4U PF+CCQvjkyZucxjjwZ5VR970paeUx66+HvVhAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUd58RklG4knscTqLVvO9+Y9cPiWowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9kNThSa2xHNGtuc2NU cUxWdk85LVk5Y1BpV28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQClnRcMA0GCSqGSIb3DQEBCwUAA4IBAQA45Zoownv3G/99vTKnETVj8Zd+mly+ N2W6OnmZ0QjUSftYvi3PDEVY+csnHtsDAjIJpWH0Jc/9bg4z94puDcz2ycH+HrEM QKFPb8tVg0XvDrAPp/mkStLMj7pIdmP2nOHZIW0l3UmSvE9v3dO9Sa37S8QVGMlQ n7QYLZO9dLv6PpG9yc7YzKqVsReS7yBr73cehm+n6hJ0RPIB2uFaoziFdqqDLi46 Oxl+7gVZtPVkw0wi9LkUUskZthX/q8hV6jzXa9h1yp60+TzBNjFYvHeCuKVFCqXQ zjjJMYp92hyJRL8gS/kTuczSekFagB6Z+j2Y9HaLXvpIin0kEhCL6tyW -----END CERTIFICATE-----Generated at Sun Apr 6 19:54:30 2025 by rpki-client