$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tSZGtdlWV2oLdJBHX5c_Zg8AefI.roa File: tSZGtdlWV2oLdJBHX5c_Zg8AefI.roa (raw, json) Hash identifier: 8KjGqdxSpPHp/EGoiill9GgBRR+9SDYyPFPhpG7eIJM= Subject key identifier: B5:26:46:B5:D9:56:57:6A:0B:74:90:47:5F:97:3F:66:0F:00:79:F2 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 115B Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tSZGtdlWV2oLdJBHX5c_Zg8AefI.roa Signing time: Mon 26 Aug 2024 05:10:42 +0000 ROA not before: Mon 26 Aug 2024 05:10:42 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38851 IP address blocks: 223.26.80.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4443 (0x115b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:42 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=B52646B5D956576A0B7490475F973F660F0079F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c3:c4:23:90:b6:60:b9:04:50:51:e3:14:f3: de:45:5c:a8:5a:d1:17:41:02:02:af:cb:b5:91:74: 6a:b7:10:a7:c5:40:a1:90:4a:0f:2e:5f:bd:35:5a: ab:be:6a:2b:f5:ff:40:fe:a3:21:c0:e7:d7:48:6d: 1f:0e:a4:d1:a6:3d:3b:b7:04:50:90:be:69:b5:88: 98:0b:89:4a:0c:13:27:d2:61:29:8f:58:2e:87:31: 6e:10:02:32:26:68:43:5a:3a:e3:cb:9e:81:0d:28: 94:8f:fb:48:a8:87:4f:a3:06:f2:a3:10:99:ae:f1: 8c:14:05:4c:bd:42:6a:f0:5a:fb:64:4b:fa:6d:54: 52:b4:7e:fa:d1:61:d3:27:a7:f0:50:1b:3b:1d:c1: f6:18:f4:f1:8e:5e:9d:df:22:d9:fd:ec:0b:b1:7f: c9:e4:3f:38:1d:26:90:8c:13:c6:63:79:62:21:5e: 15:13:ee:04:81:93:a3:9b:ae:c0:ee:c9:40:6b:f5: 8a:c3:19:fd:b4:64:c6:47:18:b3:4d:5f:75:d7:d1: 6f:e5:b2:2a:ed:b4:61:04:e1:e7:8b:4d:fe:19:bd: 86:05:92:5b:7f:90:32:4b:7e:e9:e3:73:9b:28:5e: 4c:98:98:de:bb:26:0d:9d:28:a0:a1:d8:d1:fc:72: 39:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:26:46:B5:D9:56:57:6A:0B:74:90:47:5F:97:3F:66:0F:00:79:F2 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tSZGtdlWV2oLdJBHX5c_Zg8AefI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.80.0/22 Signature Algorithm: sha256WithRSAEncryption 03:20:ba:ca:49:84:67:91:48:a5:82:13:27:e9:4c:52:80:4e: 99:40:77:bb:5f:b1:71:ae:d9:9e:81:23:52:df:d0:14:25:ef: 2a:62:3d:f6:e3:a3:73:20:ec:32:36:f8:93:23:f5:39:2e:0b: a7:97:d0:50:b1:b7:25:e9:f4:98:c3:04:e2:02:f8:81:f0:b7: 94:63:9c:7f:5a:c6:bd:40:c4:ae:1c:e8:bb:c6:96:4b:b9:ff: e9:7c:f4:0d:33:25:f7:c0:eb:8a:bc:a2:e2:7f:0a:ec:09:66: 26:4b:cb:dd:e6:56:33:de:89:52:ff:93:90:48:e7:1f:5b:c2: 91:f8:7f:d4:0a:e3:82:26:fa:e0:ca:9b:88:1a:60:8f:96:f7: 43:9e:2e:eb:b1:0b:61:55:6a:b8:d3:d4:43:d3:80:be:54:11: 2b:9f:b5:58:de:89:4e:95:b1:3c:f7:e6:4d:74:dc:7d:b2:dd: 49:c4:6e:f1:67:f4:43:97:69:1d:bb:94:5b:a9:d8:4f:3b:83: 25:f1:44:ff:04:a2:10:48:8b:5c:e0:7f:03:80:e2:f7:f5:55: 82:95:ca:e3:23:d3:ac:34:ac:d8:08:87:97:d3:2f:6f:74:85: c3:64:2c:72:54:b4:63:76:a2:ce:72:6f:32:47:86:e5:94:ba: 56:d9:5d:6b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI1MjY0NkI1RDk1NjU3 NkEwQjc0OTA0NzVGOTczRjY2MEYwMDc5RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCww8QjkLZguQRQUeMU895FXKha0RdBAgKvy7WRdGq3EKfFQKGQ Sg8uX701Wqu+aiv1/0D+oyHA59dIbR8OpNGmPTu3BFCQvmm1iJgLiUoMEyfSYSmP WC6HMW4QAjImaENaOuPLnoENKJSP+0ioh0+jBvKjEJmu8YwUBUy9QmrwWvtkS/pt VFK0fvrRYdMnp/BQGzsdwfYY9PGOXp3fItn97Auxf8nkPzgdJpCME8ZjeWIhXhUT 7gSBk6ObrsDuyUBr9YrDGf20ZMZHGLNNX3XX0W/lsirttGEE4eeLTf4ZvYYFklt/ kDJLfunjc5soXkyYmN67Jg2dKKCh2NH8cjnvAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUtSZGtdlWV2oLdJBHX5c/Zg8AefIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy90U1pHdGRsV1Yyb0xk SkJIWDVjX1pnOEFlZkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQC3xpQMA0GCSqGSIb3DQEBCwUAA4IBAQADILrKSYRnkUilghMn6UxSgE6ZQHe7 X7FxrtmegSNS39AUJe8qYj3246NzIOwyNviTI/U5Lgunl9BQsbcl6fSYwwTiAviB 8LeUY5x/Wsa9QMSuHOi7xpZLuf/pfPQNMyX3wOuKvKLifwrsCWYmS8vd5lYz3olS /5OQSOcfW8KR+H/UCuOCJvrgypuIGmCPlvdDni7rsQthVWq409RD04C+VBErn7VY 3olOlbE89+ZNdNx9st1JxG7xZ/RDl2kdu5RbqdhPO4Ml8UT/BKIQSItc4H8DgOL3 9VWClcrjI9OsNKzYCIeX0y9vdIXDZCxyVLRjdqLOcm8yR4bllLpW2V1r -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:49 2024 by rpki-client on console-fra.rpki-client.org