$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/shXsF60HYN3m_41XELc5Ylz3ZuI.roa File: shXsF60HYN3m_41XELc5Ylz3ZuI.roa (raw, json) Hash identifier: f8RY9+NE6OeO8gIIHFBFRTZx3cN01rRRGGNbC42ssSE= Subject key identifier: B2:15:EC:17:AD:07:60:DD:E6:FF:8D:57:10:B7:39:62:5C:F7:66:E2 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1168 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/shXsF60HYN3m_41XELc5Ylz3ZuI.roa Signing time: Mon 26 Aug 2024 05:10:45 +0000 ROA not before: Mon 26 Aug 2024 05:10:45 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.116.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4456 (0x1168) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:45 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B215EC17AD0760DDE6FF8D5710B739625CF766E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:84:2b:f2:d7:44:a6:8d:5f:98:8f:a6:71:2e: 92:25:f9:f2:d0:c1:29:f6:ae:f0:3c:09:10:ad:0c: 7c:f3:48:e4:49:6e:ec:d0:93:6e:0f:e3:b9:50:cc: 46:22:26:ab:b4:36:ef:fc:d4:fb:58:94:da:9f:f2: f7:70:a3:e0:30:35:33:3d:2f:04:f4:84:54:02:e7: 0c:39:ea:6d:9c:88:fd:40:58:54:4e:fc:9f:46:5c: 54:a7:87:b6:a8:25:6d:08:90:57:e1:7d:0e:b2:89: 18:fa:a0:d8:65:40:23:fa:ad:06:12:8a:fc:fd:7b: 05:32:a6:78:a8:e2:6b:f4:e9:93:8b:ff:69:cc:26: fd:6d:85:6c:55:f9:2d:23:d0:34:43:19:09:1a:65: ca:60:0f:58:c3:70:c0:3c:7d:8b:be:f4:ff:ad:45: 24:29:65:8d:a9:e2:d7:27:e4:ea:49:80:13:0b:11: 2e:01:82:f2:88:73:d1:10:9a:02:26:42:21:27:1d: 90:f5:89:be:ad:e9:4e:e4:cb:1e:b5:a2:0d:59:99: 09:10:08:29:e0:29:0e:4b:a8:a6:30:49:f2:63:c2: 21:00:11:24:fe:a2:ec:1d:67:6f:30:d6:a0:9c:df: aa:8c:f7:79:6c:4c:ab:57:bb:22:5f:d1:e5:e1:ce: 53:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:15:EC:17:AD:07:60:DD:E6:FF:8D:57:10:B7:39:62:5C:F7:66:E2 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/shXsF60HYN3m_41XELc5Ylz3ZuI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.239.0/24 Signature Algorithm: sha256WithRSAEncryption b6:dc:27:2b:b9:ca:c2:f5:c9:69:00:13:ab:ab:35:44:95:d5: 65:6a:f2:4e:c4:cf:d2:1e:ad:10:e3:93:39:9f:19:5a:4d:27: 13:70:56:1b:6f:bf:63:7e:74:c1:46:af:40:c5:98:a7:25:39: 12:78:8f:2c:48:06:33:6f:07:44:9d:ed:2f:a8:ff:e6:ff:70: 6e:d5:ba:cf:89:e2:fa:91:60:67:f6:96:80:40:8e:2b:1e:35: 45:12:6f:20:f9:4d:e4:31:f3:cf:ce:8a:47:5b:35:60:5a:13: af:dd:52:d3:f5:ba:8b:bd:58:77:41:93:82:12:2a:97:9a:f1: 42:d7:55:6c:a8:fe:cb:7f:1d:62:90:4f:2a:ca:14:a9:7f:6a: 98:9c:9f:09:0d:29:d9:df:e6:9d:17:81:2e:3c:b3:4b:4c:bb: 0b:d7:51:66:f0:23:33:80:4f:58:a4:bc:e1:73:72:51:5f:44: 8c:57:f0:9e:92:e3:98:8f:ca:34:79:39:0c:2a:7a:7a:1b:c0: 76:17:12:86:28:41:42:fd:b0:a4:62:ae:83:88:ee:a5:eb:fe: 56:db:83:98:cb:45:09:8e:0e:fd:bf:93:5d:07:67:fc:ac:ad: 5b:be:f2:5a:23:05:38:86:c9:52:be:e4:fd:f6:18:27:bb:43: 63:ae:04:02 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIyMTVFQzE3QUQwNzYw RERFNkZGOEQ1NzEwQjczOTYyNUNGNzY2RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDZhCvy10SmjV+Yj6ZxLpIl+fLQwSn2rvA8CRCtDHzzSORJbuzQ k24P47lQzEYiJqu0Nu/81PtYlNqf8vdwo+AwNTM9LwT0hFQC5ww56m2ciP1AWFRO /J9GXFSnh7aoJW0IkFfhfQ6yiRj6oNhlQCP6rQYSivz9ewUypnio4mv06ZOL/2nM Jv1thWxV+S0j0DRDGQkaZcpgD1jDcMA8fYu+9P+tRSQpZY2p4tcn5OpJgBMLES4B gvKIc9EQmgImQiEnHZD1ib6t6U7kyx61og1ZmQkQCCngKQ5LqKYwSfJjwiEAEST+ ouwdZ28w1qCc36qM93lsTKtXuyJf0eXhzlNVAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUshXsF60HYN3m/41XELc5Ylz3ZuIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9zaFhzRjYwSFlOM21f NDFYRUxjNVlsejNadUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnTvMA0GCSqGSIb3DQEBCwUAA4IBAQC23CcrucrC9clpABOrqzVEldVlavJO xM/SHq0Q45M5nxlaTScTcFYbb79jfnTBRq9AxZinJTkSeI8sSAYzbwdEne0vqP/m /3Bu1brPieL6kWBn9paAQI4rHjVFEm8g+U3kMfPPzopHWzVgWhOv3VLT9bqLvVh3 QZOCEiqXmvFC11VsqP7Lfx1ikE8qyhSpf2qYnJ8JDSnZ3+adF4EuPLNLTLsL11Fm 8CMzgE9YpLzhc3JRX0SMV/CekuOYj8o0eTkMKnp6G8B2FxKGKEFC/bCkYq6DiO6l 6/5W24OYy0UJjg79v5NdB2f8rK1bvvJaIwU4hslSvuT99hgnu0NjrgQC -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org