$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ERpzQNFdEHLdQcv1YRaiJ8vH81Y.roa File: ERpzQNFdEHLdQcv1YRaiJ8vH81Y.roa (raw, json) Hash identifier: Le+AjkyirPZvENAyhgJ4kzF4k6dLLG/nc7Z72puBJdo= Subject key identifier: 11:1A:73:40:D1:5D:10:72:DD:41:CB:F5:61:16:A2:27:CB:C7:F3:56 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 119B Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ERpzQNFdEHLdQcv1YRaiJ8vH81Y.roa Signing time: Mon 26 Aug 2024 05:10:57 +0000 ROA not before: Mon 26 Aug 2024 05:10:57 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131627 IP address blocks: 150.116.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4507 (0x119b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 26 05:10:57 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=111A7340D15D1072DD41CBF56116A227CBC7F356 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d7:f1:b1:bb:45:03:3b:8d:6d:b1:a1:08:a8: 88:81:60:b0:c3:09:24:0e:e1:98:12:93:e4:f5:9f: a7:0c:a4:86:e0:ea:4b:74:20:58:db:8b:3d:2e:7f: e0:52:ef:29:ce:83:94:c5:89:1a:d8:7b:2e:38:01: 1c:31:6b:5c:0d:43:67:30:2d:b7:72:d3:b4:83:5b: 4a:7a:69:0f:6e:1c:58:07:08:34:95:61:c9:e0:2d: b6:04:24:67:f7:2d:e1:a2:44:96:f4:8e:67:c0:b7: 9b:3c:cd:46:d3:d2:98:fc:54:51:a4:0a:cf:36:f4: 0f:2b:ef:8f:20:a8:16:ee:41:b4:35:19:1e:75:91: 5d:48:02:88:40:02:e3:10:b4:03:5e:68:f5:65:d5: 5b:99:31:1c:86:db:30:94:e0:65:76:bc:11:b4:46: 46:4d:00:36:b9:66:45:e2:a6:14:87:50:7c:f4:31: 3c:fe:bf:44:e1:cb:1c:30:36:d1:3f:85:9e:15:55: c0:aa:88:03:65:01:a4:32:c3:fb:6e:2b:a3:f8:ba: 8c:d6:30:d5:45:a2:25:35:7c:fe:f2:af:7e:3f:a0: 8d:ba:c9:6e:9c:60:d4:11:35:44:d6:be:27:bb:db: a8:88:02:e3:83:3f:2b:b7:79:6d:1d:33:f6:eb:0f: 24:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:1A:73:40:D1:5D:10:72:DD:41:CB:F5:61:16:A2:27:CB:C7:F3:56 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ERpzQNFdEHLdQcv1YRaiJ8vH81Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.176.0/20 Signature Algorithm: sha256WithRSAEncryption 3b:fb:d9:d1:6c:14:2e:b2:e8:94:d9:27:65:5d:a8:9f:b3:f3: c1:9b:24:8d:23:3f:d8:04:ea:f2:e4:6e:38:c7:11:63:89:5c: a3:30:49:fc:ad:4a:9a:d0:7b:74:22:6b:ec:06:c8:f9:18:72: a8:41:d3:46:93:11:6f:1f:ed:a2:51:db:4e:c8:f4:af:97:97: fb:e3:df:fe:e2:08:99:a1:07:b0:6f:52:fb:f2:98:88:bf:91: 3a:13:ba:49:8e:79:1b:e7:88:0a:77:50:e0:3c:63:f3:8b:80: 6e:03:52:a8:17:41:7c:16:45:2b:c9:c2:52:5b:29:68:04:25: 5f:6a:95:67:44:42:ac:8b:e0:46:70:0b:2d:42:80:93:b6:ab: 10:c7:76:8c:60:8e:31:76:32:46:72:04:be:cf:44:6a:4d:b7: 93:c6:e4:67:89:af:05:c7:37:e4:cd:00:f4:1e:1d:3e:45:3a: 89:4f:71:3f:fd:e3:6c:f0:cb:27:c9:35:de:35:57:1b:87:ef: 9f:c8:ef:1d:8c:a0:ee:47:b6:7b:bd:de:59:a1:6a:58:58:76: 57:50:b1:de:98:8f:d7:ce:0b:53:60:21:75:ee:21:2b:49:8b: 23:ec:4e:3a:0d:d2:51:33:2e:1b:67:7a:cc:b2:07:be:f1:a7: 9c:83:73:6b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEZswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw NTEwNTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDExMUE3MzQwRDE1RDEw NzJERDQxQ0JGNTYxMTZBMjI3Q0JDN0YzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF1/Gxu0UDO41tsaEIqIiBYLDDCSQO4ZgSk+T1n6cMpIbg6kt0 IFjbiz0uf+BS7ynOg5TFiRrYey44ARwxa1wNQ2cwLbdy07SDW0p6aQ9uHFgHCDSV YcngLbYEJGf3LeGiRJb0jmfAt5s8zUbT0pj8VFGkCs829A8r748gqBbuQbQ1GR51 kV1IAohAAuMQtANeaPVl1VuZMRyG2zCU4GV2vBG0RkZNADa5ZkXiphSHUHz0MTz+ v0ThyxwwNtE/hZ4VVcCqiANlAaQyw/tuK6P4uozWMNVFoiU1fP7yr34/oI26yW6c YNQRNUTWvie726iIAuODPyu3eW0dM/brDyT7AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUERpzQNFdEHLdQcv1YRaiJ8vH81YwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9FUnB6UU5GZEVITGRR Y3YxWVJhaUo4dkg4MVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnSwMA0GCSqGSIb3DQEBCwUAA4IBAQA7+9nRbBQusuiU2SdlXaifs/PBmySN Iz/YBOry5G44xxFjiVyjMEn8rUqa0Ht0ImvsBsj5GHKoQdNGkxFvH+2iUdtOyPSv l5f749/+4giZoQewb1L78piIv5E6E7pJjnkb54gKd1DgPGPzi4BuA1KoF0F8FkUr ycJSWyloBCVfapVnREKsi+BGcAstQoCTtqsQx3aMYI4xdjJGcgS+z0RqTbeTxuRn ia8FxzfkzQD0Hh0+RTqJT3E//eNs8MsnyTXeNVcbh++fyO8djKDuR7Z7vd5ZoWpY WHZXULHemI/XzgtTYCF17iErSYsj7E46DdJRMy4bZ3rMsge+8aecg3Nr -----END CERTIFICATE-----Generated at Mon Nov 25 17:14:02 2024 by rpki-client on console-ams.rpki-client.org