$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lRILJA9BZqpg-U6ZX30Msf9gRo8.roa File: lRILJA9BZqpg-U6ZX30Msf9gRo8.roa (raw, json) Hash identifier: lPa59MVrOxzt5XHitPmDsThgumnOPCUkHdEFKE09x98= Subject key identifier: 95:12:0B:24:0F:41:66:AA:60:F9:4E:99:5F:7D:0C:B1:FF:60:46:8F Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1152 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lRILJA9BZqpg-U6ZX30Msf9gRo8.roa Signing time: Mon 26 Aug 2024 05:10:40 +0000 ROA not before: Mon 26 Aug 2024 05:10:40 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10085 IP address blocks: 203.163.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4434 (0x1152) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:40 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=95120B240F4166AA60F94E995F7D0CB1FF60468F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:01:cc:0e:72:64:e3:55:8b:44:c9:5e:b9:6a: 0d:60:5b:2e:aa:9c:61:27:4d:af:01:05:a5:ad:42: 36:07:6a:61:26:26:52:d7:66:34:ec:41:90:55:5e: d0:cd:9d:b9:72:c6:97:af:4b:70:94:3a:45:7f:28: 36:30:58:fa:1b:63:d6:7c:51:f8:c2:af:f8:31:27: 68:25:7e:b9:9e:dd:9d:18:3d:a0:e4:b5:b5:7f:87: a8:27:65:78:fe:42:92:44:5a:15:9c:21:f6:0d:b3: d8:28:6e:85:3d:ea:fc:b5:a4:23:9a:6d:b3:c0:c0: dd:a3:96:07:02:97:a4:5b:3e:07:41:65:0b:c4:a7: c8:65:d3:20:f3:46:66:f3:d6:e9:36:ad:a6:d3:29: 20:71:a6:9c:0a:76:00:e6:eb:18:c2:ce:55:ef:ac: 11:55:37:db:5a:21:15:a7:3d:2d:4d:3b:b4:0c:a7: da:71:49:8a:99:18:08:8d:7c:95:94:18:bc:20:5c: 60:75:b3:8b:b2:4b:22:f5:f8:98:9f:45:78:4b:4b: 6b:2b:df:6f:4c:fb:b1:b2:43:f6:df:f5:21:37:2f: b2:ae:c2:b2:01:2c:d5:c0:20:9c:2f:c0:36:1f:88: 3e:6a:0e:3e:f2:8c:94:21:01:b6:99:28:f1:3e:8b: d3:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:12:0B:24:0F:41:66:AA:60:F9:4E:99:5F:7D:0C:B1:FF:60:46:8F X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lRILJA9BZqpg-U6ZX30Msf9gRo8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.163.196.0/22 Signature Algorithm: sha256WithRSAEncryption 25:cc:dc:32:e0:fa:23:3f:8e:90:5b:c3:50:50:45:5b:21:a1: 08:1e:ca:99:69:d0:ee:03:a5:f0:94:4d:8b:e0:5c:0e:d6:be: 25:17:cf:1e:ab:ac:df:a2:62:7b:d8:fa:c1:15:e9:b7:2f:b8: 12:54:eb:70:90:c2:77:ca:b4:0a:35:68:94:b2:55:4c:34:3f: 7e:e6:a7:4b:b2:08:12:97:f7:8d:5c:5e:14:e5:f5:46:a7:e0: fb:38:14:db:85:ac:97:e6:41:b5:f7:76:ac:4f:28:e2:6f:45: 4d:b2:31:98:1a:0d:ca:27:8b:99:ed:05:b1:5a:21:7c:2e:4c: 16:30:18:2e:64:94:4f:0b:a2:db:1b:cb:4b:f2:20:04:ed:a2: dc:70:2e:c6:8c:3e:8d:31:eb:27:c9:f7:5e:f1:77:33:df:88: 08:29:75:ff:fc:5a:f0:79:3f:1b:ff:28:8f:5f:b5:22:59:e2: 8b:2f:78:47:bd:87:da:10:ea:21:86:84:17:2b:19:ea:b5:b7: d5:3b:fa:ad:7d:c4:59:f0:53:6b:fc:9f:b9:55:e5:09:c3:e0: e3:fe:29:72:61:bd:7c:7c:16:19:e2:e4:75:12:18:55:ad:36: 45:1c:79:5e:3d:43:dd:e9:50:a7:0a:6d:65:dd:d8:0a:32:26: b8:ee:df:3c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk1MTIwQjI0MEY0MTY2 QUE2MEY5NEU5OTVGN0QwQ0IxRkY2MDQ2OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsAcwOcmTjVYtEyV65ag1gWy6qnGEnTa8BBaWtQjYHamEmJlLX ZjTsQZBVXtDNnblyxpevS3CUOkV/KDYwWPobY9Z8UfjCr/gxJ2glfrme3Z0YPaDk tbV/h6gnZXj+QpJEWhWcIfYNs9goboU96vy1pCOabbPAwN2jlgcCl6RbPgdBZQvE p8hl0yDzRmbz1uk2rabTKSBxppwKdgDm6xjCzlXvrBFVN9taIRWnPS1NO7QMp9px SYqZGAiNfJWUGLwgXGB1s4uySyL1+JifRXhLS2sr329M+7GyQ/bf9SE3L7KuwrIB LNXAIJwvwDYfiD5qDj7yjJQhAbaZKPE+i9NHAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUlRILJA9BZqpg+U6ZX30Msf9gRo8wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9sUklMSkE5QlpxcGct VTZaWDMwTXNmOWdSbzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCy6PEMA0GCSqGSIb3DQEBCwUAA4IBAQAlzNwy4PojP46QW8NQUEVbIaEIHsqZ adDuA6XwlE2L4FwO1r4lF88eq6zfomJ72PrBFem3L7gSVOtwkMJ3yrQKNWiUslVM ND9+5qdLsggSl/eNXF4U5fVGp+D7OBTbhayX5kG193asTyjib0VNsjGYGg3KJ4uZ 7QWxWiF8LkwWMBguZJRPC6LbG8tL8iAE7aLccC7GjD6NMesnyfde8Xcz34gIKXX/ /FrweT8b/yiPX7UiWeKLL3hHvYfaEOohhoQXKxnqtbfVO/qtfcRZ8FNr/J+5VeUJ w+Dj/ilyYb18fBYZ4uR1EhhVrTZFHHlePUPd6VCnCm1l3dgKMia47t88 -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org