$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iaZgvtr-n7dHsbxodv-72B3YTDk.roa File: iaZgvtr-n7dHsbxodv-72B3YTDk.roa (raw, json) Hash identifier: Xq0jicsVRnh0EqEbxeaku9Bb9/aNij0mo4QFrkz+CLI= Subject key identifier: 89:A6:60:BE:DA:FE:9F:B7:47:B1:BC:68:76:FF:BB:D8:1D:D8:4C:39 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 126E Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iaZgvtr-n7dHsbxodv-72B3YTDk.roa Signing time: Mon 10 Feb 2025 14:14:50 +0000 ROA not before: Mon 10 Feb 2025 14:14:50 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 17408 IP address blocks: 223.26.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4718 (0x126e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Feb 10 14:14:50 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=89A660BEDAFE9FB747B1BC6876FFBBD81DD84C39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a1:27:9e:03:af:81:65:09:9f:f4:0e:65:41: 53:93:af:13:47:30:5e:68:e6:bf:cb:61:5e:24:84: 29:41:73:21:8d:e2:d7:4b:ac:ea:63:28:e5:92:4c: d6:40:af:e3:9d:5d:16:2c:97:96:f6:16:cb:f7:4c: 99:83:09:fa:71:4e:23:9e:78:19:41:84:d3:a8:96: ee:b2:04:d1:f1:bb:67:00:a0:9c:cf:ff:ef:06:d7: bd:9c:d3:5f:d0:06:df:55:80:41:42:1a:fb:b8:99: 68:e5:1d:15:de:87:cc:86:2f:59:01:a7:4a:5b:78: 67:bb:1a:68:16:01:20:8e:88:31:d4:be:62:23:73: e9:3a:db:ca:40:ff:3d:aa:db:e4:64:a8:a8:f6:df: f7:db:63:98:38:db:b3:4b:c3:d4:43:06:ce:48:21: fa:52:22:e9:c9:97:06:e2:d2:60:c6:f6:6f:6c:ee: 11:07:c0:26:dc:40:66:25:dc:70:b9:81:60:8e:f2: 12:f5:b7:4e:dd:cc:de:32:3f:48:d4:45:07:2b:67: 06:4b:71:10:5b:87:11:c3:d9:a7:32:0b:57:35:ae: 4a:ea:53:40:bd:38:44:a7:ad:cf:76:bc:91:c1:07: 6b:e8:ce:58:d6:e9:ea:41:6c:55:d2:0d:a3:d6:db: 46:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A6:60:BE:DA:FE:9F:B7:47:B1:BC:68:76:FF:BB:D8:1D:D8:4C:39 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iaZgvtr-n7dHsbxodv-72B3YTDk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.26.70.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:62:fd:76:c4:3c:72:3a:f7:44:c6:03:a8:f0:6d:e2:29:85: 7d:5c:8c:4f:e4:8b:0c:33:04:d9:86:11:12:6d:2e:24:09:40: f4:5e:b7:fc:99:11:ca:61:88:b9:d3:d5:31:ab:e3:ab:8d:b3: ba:79:73:ca:84:ac:e9:47:96:02:eb:d2:59:3f:79:d4:7a:c9: 92:8f:b7:75:37:dc:46:97:9f:6a:1e:49:3e:77:e0:c1:f5:57: 17:c0:bd:89:81:15:1e:4d:1a:df:41:92:c7:1b:5e:c3:26:f4: c8:1c:f0:79:e7:b6:ca:d6:9a:7a:c0:3c:a6:69:b8:0c:ee:6f: de:42:7c:84:7b:94:f9:1e:54:c5:2d:0a:f0:6d:2e:13:6a:e0: cb:ec:97:47:20:0b:ce:74:f2:3e:93:55:e3:75:6e:52:43:3f: 6f:f6:b2:c1:7e:42:76:d3:25:cb:83:73:4f:12:30:4b:c2:6c: 88:73:07:12:b3:8b:87:73:d3:b9:e4:3b:6f:84:4a:83:10:db: 51:09:c2:dd:a1:2b:fb:e5:94:85:d1:2b:67:d7:19:c0:88:ab: f5:6e:f8:8c:9a:c3:47:4f:a7:00:71:69:c9:47:a8:af:a3:ec: 61:9a:27:30:fb:8d:c9:16:0b:38:98:61:5a:51:b8:14:0f:41: ce:18:d1:b5 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx NDE0NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5QTY2MEJFREFGRTlG Qjc0N0IxQkM2ODc2RkZCQkQ4MUREODRDMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDoSeeA6+BZQmf9A5lQVOTrxNHMF5o5r/LYV4khClBcyGN4tdL rOpjKOWSTNZAr+OdXRYsl5b2Fsv3TJmDCfpxTiOeeBlBhNOolu6yBNHxu2cAoJzP /+8G172c01/QBt9VgEFCGvu4mWjlHRXeh8yGL1kBp0pbeGe7GmgWASCOiDHUvmIj c+k628pA/z2q2+RkqKj23/fbY5g427NLw9RDBs5IIfpSIunJlwbi0mDG9m9s7hEH wCbcQGYl3HC5gWCO8hL1t07dzN4yP0jURQcrZwZLcRBbhxHD2acyC1c1rkrqU0C9 OESnrc92vJHBB2vozljW6epBbFXSDaPW20YvAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUiaZgvtr+n7dHsbxodv+72B3YTDkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9pYVpndnRyLW43ZEhz YnhvZHYtNzJCM1lURGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQA3xpGMA0GCSqGSIb3DQEBCwUAA4IBAQBdYv12xDxyOvdExgOo8G3iKYV9XIxP 5IsMMwTZhhESbS4kCUD0Xrf8mRHKYYi509Uxq+OrjbO6eXPKhKzpR5YC69JZP3nU esmSj7d1N9xGl59qHkk+d+DB9VcXwL2JgRUeTRrfQZLHG17DJvTIHPB557bK1pp6 wDymabgM7m/eQnyEe5T5HlTFLQrwbS4TauDL7JdHIAvOdPI+k1XjdW5SQz9v9rLB fkJ20yXLg3NPEjBLwmyIcwcSs4uHc9O55DtvhEqDENtRCcLdoSv75ZSF0Stn1xnA iKv1bviMmsNHT6cAcWnJR6ivo+xhmicw+43JFgs4mGFaUbgUD0HOGNG1 -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:34 2025 by rpki-client on console.sobornost.net