$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zDcdIO5uoTuJSc4Pcrk_chb2kVM.roa File: zDcdIO5uoTuJSc4Pcrk_chb2kVM.roa (raw, json) Hash identifier: XGSxsojf9xyclndQPgI/XFnJzR89cQOn33mnj1ZhDiE= Subject key identifier: CC:37:1D:20:EE:6E:A1:3B:89:49:CE:0F:72:B9:3F:72:16:F6:91:53 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 12A0 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zDcdIO5uoTuJSc4Pcrk_chb2kVM.roa Signing time: Mon 10 Feb 2025 14:15:04 +0000 ROA not before: Mon 10 Feb 2025 14:15:04 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 150.117.160.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 13:06:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4768 (0x12a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:15:04 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=CC371D20EE6EA13B8949CE0F72B93F7216F69153 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c1:6c:0a:91:e7:2a:d4:f5:3f:60:76:40:bb: f4:87:ad:ff:1d:a6:96:09:4d:96:ca:8f:8d:bb:1c: 1e:f2:a9:97:23:0b:db:13:e3:d0:83:4b:b6:5c:a8: 7c:c7:cd:6f:c7:08:53:fa:b8:fc:25:d6:e7:1d:d3: 06:06:bd:8a:86:82:b8:1c:f5:c6:0d:2f:1f:45:a0: c6:62:49:cf:2c:86:f8:8f:4a:87:3b:cf:9d:72:5e: 30:cb:87:65:4f:da:e5:46:22:b8:df:55:4d:54:03: 87:63:57:90:69:37:9c:32:b1:a0:35:60:4d:bf:0a: 12:b9:f3:0f:9c:f2:6d:79:61:6f:2d:f3:ef:46:de: 17:76:0e:ae:81:49:18:ae:4e:58:d2:77:58:9a:37: d0:16:89:d5:24:33:42:49:35:00:9f:5a:dc:61:12: 65:f4:f0:16:d4:34:8f:9a:a1:a3:4d:09:64:04:f9: 63:b7:22:7b:f5:2b:1a:dd:a3:fe:57:45:83:70:05: 00:84:18:64:a6:70:b5:cf:9d:59:e6:85:7e:5d:d4: de:0a:28:29:5f:bb:13:b5:a3:44:16:43:75:a5:0d: 5d:98:c0:bb:b1:bf:be:e1:c7:d1:eb:33:20:5e:4d: 2a:ed:15:4a:f9:26:34:e0:38:06:e0:1e:25:1c:8f: c9:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:37:1D:20:EE:6E:A1:3B:89:49:CE:0F:72:B9:3F:72:16:F6:91:53 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zDcdIO5uoTuJSc4Pcrk_chb2kVM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.160.0/21 Signature Algorithm: sha256WithRSAEncryption 5e:a7:c1:5c:1d:da:1e:49:92:10:30:1c:66:45:c3:a1:75:04: 6f:3d:ec:e4:57:ae:00:62:2d:53:53:66:fb:f6:b0:cd:7c:ad: 89:b8:40:01:af:f1:58:0a:83:ff:7d:45:b7:f4:47:41:40:f3: 72:22:db:2e:49:c5:1d:ad:37:4a:04:3f:d1:77:9c:c7:79:31: 3f:1d:8a:e4:e4:6a:4e:16:e5:48:81:58:f9:12:b1:4e:59:58: b1:c3:de:03:d1:dd:8e:f4:6c:77:ce:ac:cc:8f:98:1a:83:c2: 26:3f:e2:a6:c1:f1:98:9c:cb:de:fc:1e:17:db:d7:ea:64:36: 2b:18:ec:0c:34:24:3a:47:aa:98:78:ef:cf:b7:0e:67:14:75: 7e:f5:18:46:26:c4:2c:3e:72:81:79:b3:0c:ff:ed:ca:81:2b: 12:34:ec:62:b0:b5:ba:94:66:35:57:b3:37:13:42:a4:03:57: 7f:fb:99:87:0c:14:6f:5e:de:44:98:1b:14:b4:5d:ea:d9:98: 32:4d:27:07:7d:b1:e4:46:41:1c:bd:43:b9:a3:92:28:f5:e8: 8d:bd:e8:5b:25:4f:64:66:4c:b3:50:e9:d2:53:46:0f:a6:25: 47:93:48:5a:e7:1d:08:6e:75:d7:51:2f:79:fc:d9:7e:21:86: 42:98:af:12 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE1MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDMzcxRDIwRUU2RUEx M0I4OTQ5Q0UwRjcyQjkzRjcyMTZGNjkxNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVwWwKkecq1PU/YHZAu/SHrf8dppYJTZbKj427HB7yqZcjC9sT 49CDS7ZcqHzHzW/HCFP6uPwl1ucd0wYGvYqGgrgc9cYNLx9FoMZiSc8shviPSoc7 z51yXjDLh2VP2uVGIrjfVU1UA4djV5BpN5wysaA1YE2/ChK58w+c8m15YW8t8+9G 3hd2Dq6BSRiuTljSd1iaN9AWidUkM0JJNQCfWtxhEmX08BbUNI+aoaNNCWQE+WO3 Inv1Kxrdo/5XRYNwBQCEGGSmcLXPnVnmhX5d1N4KKClfuxO1o0QWQ3WlDV2YwLux v77hx9HrMyBeTSrtFUr5JjTgOAbgHiUcj8lRAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUzDcdIO5uoTuJSc4Pcrk/chb2kVMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy96RGNkSU81dW9UdUpT YzRQY3JrX2NoYjJrVk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQBep8FcHdoeSZIQMBxmRcOhdQRvPezk V64AYi1TU2b79rDNfK2JuEABr/FYCoP/fUW39EdBQPNyItsuScUdrTdKBD/Rd5zH eTE/HYrk5GpOFuVIgVj5ErFOWVixw94D0d2O9Gx3zqzMj5gag8ImP+KmwfGYnMve /B4X29fqZDYrGOwMNCQ6R6qYeO/Ptw5nFHV+9RhGJsQsPnKBebMM/+3KgSsSNOxi sLW6lGY1V7M3E0KkA1d/+5mHDBRvXt5EmBsUtF3q2ZgyTScHfbHkRkEcvUO5o5Io 9eiNvehbJU9kZkyzUOnSU0YPpiVHk0ha5x0IbnXXUS95/Nl+IYZCmK8S -----END CERTIFICATE-----Generated at Sat Apr 5 11:18:25 2025 by rpki-client