$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vTQx9KtPxfE5CyvTOl4zJRJzOBI.roa File: vTQx9KtPxfE5CyvTOl4zJRJzOBI.roa (raw, json) Hash identifier: y+aE0kwZsKiPyt9BRKNmGil2l8QzcGeC/hDzYuzlcY4= Subject key identifier: BD:34:31:F4:AB:4F:C5:F1:39:0B:2B:D3:3A:5E:33:25:12:73:38:12 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 11AD Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vTQx9KtPxfE5CyvTOl4zJRJzOBI.roa Signing time: Mon 26 Aug 2024 05:11:02 +0000 ROA not before: Mon 26 Aug 2024 05:11:02 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131607 IP address blocks: 150.117.192.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4525 (0x11ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:11:02 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=BD3431F4AB4FC5F1390B2BD33A5E332512733812 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:08:f8:73:e5:af:c8:87:69:1d:4d:2f:b4:e3: 61:74:37:bc:f8:6b:02:f6:58:f5:dd:55:bd:12:de: a6:d8:d8:be:16:7d:3b:9a:da:31:18:26:a9:e8:f1: bd:b9:4a:a1:a1:96:f7:18:40:19:34:79:09:02:8d: 41:fe:7a:d9:46:dd:ec:fe:8d:18:93:80:66:42:24: b3:27:56:45:d6:69:fa:03:86:d7:f7:3c:16:54:61: a5:a4:fb:ba:da:b7:0e:9f:5e:15:dc:de:45:1c:bb: 52:ca:b5:61:e4:5a:fd:75:12:f8:8f:08:e9:cd:86: 5e:63:76:64:ea:54:89:7f:89:00:e4:90:37:64:80: 0b:03:2d:2d:60:ab:a7:73:d2:5e:75:90:6d:dd:c1: ea:a6:05:2c:a2:dc:31:e8:77:25:f7:81:4e:61:0a: be:b6:44:6e:c9:88:73:2f:47:18:27:ee:b8:e7:f0: 31:e4:74:50:29:92:30:ac:82:c5:b6:44:7f:39:54: d2:3b:16:29:9b:f2:e3:87:c4:fb:fb:07:6f:8e:81: a9:4e:3a:b7:a2:37:a0:70:f8:2b:8a:ac:ba:a3:da: bc:c9:1f:1d:fe:91:24:fc:fc:80:22:93:72:fd:69: 56:68:6e:70:21:cf:cd:f1:60:14:f0:1a:63:1f:ad: 0f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:34:31:F4:AB:4F:C5:F1:39:0B:2B:D3:3A:5E:33:25:12:73:38:12 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vTQx9KtPxfE5CyvTOl4zJRJzOBI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.192.0/20 Signature Algorithm: sha256WithRSAEncryption 80:f0:5f:c7:5c:aa:08:6d:00:db:ad:b4:1d:78:b7:99:a6:e9: b6:45:d2:9f:d9:f8:f6:5e:d4:9e:16:ec:1b:a5:fb:11:d9:ec: 6f:8c:48:88:f8:91:37:72:59:87:cb:c1:42:72:02:f3:bb:1d: 1b:af:f7:0f:72:35:37:3f:52:cf:89:86:23:9a:7e:93:0f:51: d5:13:a7:70:09:f8:57:d4:de:5a:08:22:80:08:38:a1:9d:83: e3:6f:25:12:4e:e9:26:bb:27:b1:dc:b2:c8:04:25:3f:79:1e: 10:51:df:58:65:bc:81:3f:22:c1:4f:b7:d6:35:bd:ec:f3:96: be:f2:c2:cb:5a:9e:a9:5d:c4:be:18:2e:3a:83:3a:26:76:77: 3c:11:93:23:69:58:b1:40:a5:28:bb:ff:41:e4:90:35:82:f0: 8c:05:81:6a:bb:4f:6f:f5:3b:8c:f3:64:43:d2:c0:98:cc:88: 62:6f:72:de:07:ff:d0:11:69:3d:6e:ab:cb:70:c8:5b:60:ff: 98:0f:df:18:30:2c:f4:3f:17:ed:bd:76:64:26:93:c4:36:e6: 5b:49:bd:00:88:96:f7:44:98:19:1a:e3:a9:cc:7b:21:ec:17: f1:83:5c:4d:8b:6c:a8:15:69:03:6a:d9:24:95:23:89:c7:2e: 4a:de:ca:34 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTExMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJEMzQzMUY0QUI0RkM1 RjEzOTBCMkJEMzNBNUUzMzI1MTI3MzM4MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpCPhz5a/Ih2kdTS+042F0N7z4awL2WPXdVb0S3qbY2L4WfTua 2jEYJqno8b25SqGhlvcYQBk0eQkCjUH+etlG3ez+jRiTgGZCJLMnVkXWafoDhtf3 PBZUYaWk+7ratw6fXhXc3kUcu1LKtWHkWv11EviPCOnNhl5jdmTqVIl/iQDkkDdk gAsDLS1gq6dz0l51kG3dweqmBSyi3DHodyX3gU5hCr62RG7JiHMvRxgn7rjn8DHk dFApkjCsgsW2RH85VNI7Fimb8uOHxPv7B2+OgalOOreiN6Bw+CuKrLqj2rzJHx3+ kST8/IAik3L9aVZobnAhz83xYBTwGmMfrQ8LAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUvTQx9KtPxfE5CyvTOl4zJRJzOBIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy92VFF4OUt0UHhmRTVD eXZUT2w0ekpSSnpPQkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnXAMA0GCSqGSIb3DQEBCwUAA4IBAQCA8F/HXKoIbQDbrbQdeLeZpum2RdKf 2fj2XtSeFuwbpfsR2exvjEiI+JE3clmHy8FCcgLzux0br/cPcjU3P1LPiYYjmn6T D1HVE6dwCfhX1N5aCCKACDihnYPjbyUSTukmuyex3LLIBCU/eR4QUd9YZbyBPyLB T7fWNb3s85a+8sLLWp6pXcS+GC46gzomdnc8EZMjaVixQKUou/9B5JA1gvCMBYFq u09v9TuM82RD0sCYzIhib3LeB//QEWk9bqvLcMhbYP+YD98YMCz0PxftvXZkJpPE NuZbSb0AiJb3RJgZGuOpzHsh7Bfxg1xNi2yoFWkDatkklSOJxy5K3so0 -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:30 2024 by rpki-client on console-ams.rpki-client.org