$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZhuMW9yyBF1Oq1cprAxIoLFRps.roa File: rZhuMW9yyBF1Oq1cprAxIoLFRps.roa (raw, json) Hash identifier: SzYa9gmHsXCeRoGKyFXUCooWnhxijtbGNJsJaXVJsjY= Subject key identifier: AD:98:6E:31:6F:72:C8:11:75:3A:AD:5C:A6:B0:31:22:82:C5:46:9B Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1175 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZhuMW9yyBF1Oq1cprAxIoLFRps.roa Signing time: Mon 26 Aug 2024 05:10:48 +0000 ROA not before: Mon 26 Aug 2024 05:10:48 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 10085 IP address blocks: 150.117.96.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4469 (0x1175) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:48 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=AD986E316F72C811753AAD5CA6B0312282C5469B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:47:43:30:45:13:fb:d4:63:8c:2d:f3:77:6a: 9e:b0:b6:57:78:f1:61:f6:2f:a5:ea:7c:30:db:d4: 9f:4f:d2:f6:ac:45:1c:11:01:1d:27:69:5f:a9:c5: ab:c1:39:9a:c2:d5:35:d4:49:5c:ce:88:e6:1a:92: 29:72:8b:a6:93:73:f4:3c:90:24:07:ee:61:81:1f: f4:1f:75:be:fc:9e:b6:9a:40:dd:6f:ab:ce:04:fd: 99:b4:cd:01:99:b9:1c:73:7d:e4:5c:db:f9:db:34: 78:17:1a:7d:5b:fe:66:d1:18:96:32:61:c1:82:67: 08:a0:47:1a:be:89:e2:64:a8:9a:89:4b:5a:3e:43: e7:cf:c3:b0:5d:ec:79:32:09:1c:89:85:7d:f2:75: ab:d9:51:7f:01:19:4e:ef:f3:f7:7a:5c:cd:5d:22: 3b:2b:ab:da:b6:01:1a:d4:ee:24:03:85:de:c6:00: 5e:14:cb:b3:c8:dd:81:42:46:53:3f:60:a5:49:a6: e0:f8:ee:8f:07:47:25:59:06:db:40:78:e7:23:33: 31:67:76:7b:6c:21:46:46:cc:f5:3e:71:9e:71:a0: c7:a0:ed:f3:f9:fb:fd:bd:96:67:a0:ad:e8:eb:3c: a6:de:57:b4:ab:4f:98:5e:e0:76:f1:75:ae:73:21: b8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:98:6E:31:6F:72:C8:11:75:3A:AD:5C:A6:B0:31:22:82:C5:46:9B X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/rZhuMW9yyBF1Oq1cprAxIoLFRps.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.96.0/21 Signature Algorithm: sha256WithRSAEncryption 80:8f:46:48:ab:64:2e:00:ed:0a:09:30:02:7f:3e:04:0a:00: ac:16:d1:d3:92:ca:44:4e:6e:07:53:34:fc:be:3e:18:26:6c: 55:70:5c:e4:d6:2c:46:bf:ba:c1:42:54:18:25:38:8a:e2:ff: 77:2e:3b:c7:e0:81:01:6d:44:80:80:d9:21:e5:54:fb:04:58: 8e:f2:9f:06:ee:7f:c4:fa:b5:48:2b:02:02:2e:05:c4:f2:13: c7:38:3e:f5:fe:af:72:6b:38:22:c1:7f:b4:6e:1b:d3:b5:21: 1d:ea:51:ba:04:62:d7:a8:13:5a:5e:e7:8e:f3:74:76:08:80: 79:94:da:58:bb:a5:6a:3c:8f:8a:59:70:bf:ef:35:11:3b:68: df:18:e0:29:49:1c:80:3a:f2:8d:7c:67:ea:a4:91:e7:ed:ff: 16:5e:53:e0:0a:f8:be:45:90:da:a2:86:30:be:dc:0a:1d:6a: 0c:37:e5:d1:81:11:9c:ae:7e:f8:15:a7:08:b0:b1:93:9a:ee: 60:8c:78:6c:55:45:8c:cf:98:3b:c8:4e:e2:11:1c:17:7e:c7: 44:57:75:10:13:b5:65:d7:15:2c:61:2c:05:a5:3a:8e:53:96: 81:90:41:77:89:b7:0c:2e:07:fa:1f:d5:ea:6a:71:00:3e:4b: 39:9b:b7:87 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFEOTg2RTMxNkY3MkM4 MTE3NTNBQUQ1Q0E2QjAzMTIyODJDNTQ2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHR0MwRRP71GOMLfN3ap6wtld48WH2L6XqfDDb1J9P0vasRRwR AR0naV+pxavBOZrC1TXUSVzOiOYakilyi6aTc/Q8kCQH7mGBH/Qfdb78nraaQN1v q84E/Zm0zQGZuRxzfeRc2/nbNHgXGn1b/mbRGJYyYcGCZwigRxq+ieJkqJqJS1o+ Q+fPw7Bd7HkyCRyJhX3ydavZUX8BGU7v8/d6XM1dIjsrq9q2ARrU7iQDhd7GAF4U y7PI3YFCRlM/YKVJpuD47o8HRyVZBttAeOcjMzFndntsIUZGzPU+cZ5xoMeg7fP5 +/29lmegrejrPKbeV7SrT5he4Hbxda5zIbijAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUrZhuMW9yyBF1Oq1cprAxIoLFRpswHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9yWmh1TVc5eXlCRjFP cTFjcHJBeElvTEZScHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnVgMA0GCSqGSIb3DQEBCwUAA4IBAQCAj0ZIq2QuAO0KCTACfz4ECgCsFtHT kspETm4HUzT8vj4YJmxVcFzk1ixGv7rBQlQYJTiK4v93LjvH4IEBbUSAgNkh5VT7 BFiO8p8G7n/E+rVIKwICLgXE8hPHOD71/q9yazgiwX+0bhvTtSEd6lG6BGLXqBNa XueO83R2CIB5lNpYu6VqPI+KWXC/7zURO2jfGOApSRyAOvKNfGfqpJHn7f8WXlPg Cvi+RZDaooYwvtwKHWoMN+XRgRGcrn74FacIsLGTmu5gjHhsVUWMz5g7yE7iERwX fsdEV3UQE7Vl1xUsYSwFpTqOU5aBkEF3ibcMLgf6H9XqanEAPks5m7eH -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:30 2024 by rpki-client on console-ams.rpki-client.org