$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/Z3PwDjJ7SIFytVoZxV3ui7mcuLs.roa File: Z3PwDjJ7SIFytVoZxV3ui7mcuLs.roa (raw, json) Hash identifier: bj4SFyZJhZyfpcHdx4h1na3spXSWuJBO2YSgCHnGatQ= Subject key identifier: 67:73:F0:0E:32:7B:48:81:72:B5:5A:19:C5:5D:EE:8B:B9:9C:B8:BB Certificate issuer: /CN=B2C11A2BBD411878ED1B44D79F137D9689C86840 Certificate serial: 014A Authority key identifier: B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/Z3PwDjJ7SIFytVoZxV3ui7mcuLs.roa Signing time: Mon 26 Aug 2024 05:23:03 +0000 ROA not before: Mon 26 Aug 2024 05:23:03 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 131659 IP address blocks: 103.160.224.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 330 (0x14a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B2C11A2BBD411878ED1B44D79F137D9689C86840 Validity Not Before: Aug 26 05:23:03 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=6773F00E327B488172B55A19C55DEE8BB99CB8BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:36:fb:de:3e:1e:25:0a:a6:c5:aa:23:7f:bd: a5:dd:6e:e0:bf:c9:03:3a:26:4a:e0:2a:9e:a7:72: cd:a4:2b:20:83:1e:c0:df:87:74:88:dc:83:50:8c: 3c:ec:c9:f3:7a:71:60:92:93:f4:49:94:1a:d6:81: a3:61:e0:15:72:27:f7:d9:ea:ba:6d:88:70:8a:02: ca:f0:3e:14:fa:f3:6b:e8:14:05:34:04:82:21:ba: 03:05:30:fe:ab:ae:f1:cc:c5:c6:91:82:da:2a:f9: 5d:26:b2:ee:fc:72:76:ac:67:11:9f:7c:b8:cb:71: 2a:55:ed:54:11:87:25:3e:5f:cd:b7:34:50:a8:75: 5b:29:62:a7:d6:99:eb:85:a0:54:6a:56:0f:d4:d0: ea:bc:b2:fa:21:fb:bf:1b:22:a1:2e:cb:da:87:f0: ad:de:d5:54:31:6e:f5:71:71:d8:a4:db:e2:e2:ea: e9:cf:f0:d6:8a:07:6c:d9:23:42:d9:19:e6:43:27: 09:50:89:78:2b:c4:ab:07:35:31:9e:a2:2f:f9:d2: 18:f4:e6:5a:80:8d:27:d6:72:31:56:85:3d:9c:0b: 87:b4:16:3e:e7:e2:3e:84:3d:ca:5c:1e:9c:c7:a4: ee:55:a3:a4:d7:05:83:9e:95:43:8e:8b:82:3d:e2: 57:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:73:F0:0E:32:7B:48:81:72:B5:5A:19:C5:5D:EE:8B:B9:9C:B8:BB X509v3 Authority Key Identifier: keyid:B2:C1:1A:2B:BD:41:18:78:ED:1B:44:D7:9F:13:7D:96:89:C8:68:40 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/ssEaK71BGHjtG0TXnxN9lonIaEA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ssEaK71BGHjtG0TXnxN9lonIaEA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NETGUARD/Z3PwDjJ7SIFytVoZxV3ui7mcuLs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.224.0/23 Signature Algorithm: sha256WithRSAEncryption 73:20:73:a0:2d:3a:8d:a8:be:10:01:e0:64:45:32:5e:d9:a6: 58:a5:42:2d:d5:89:eb:d4:ce:32:30:d2:03:77:77:ae:c7:f4: e5:30:c9:da:c1:c1:18:91:b6:b2:a4:b8:ea:6a:cc:84:8e:7e: 1b:a8:34:55:1a:c9:95:89:82:4f:90:4b:f1:2e:1d:4a:0d:1f: 21:2f:34:35:75:a5:d6:2b:33:ab:70:f0:f8:36:8f:b5:d8:59: ba:55:11:5a:0f:26:cc:e9:08:81:29:a7:fb:21:2d:59:7a:bd: 7a:87:28:6e:50:c2:cf:30:a9:82:c7:fb:90:bf:3b:6a:f4:63: 4e:0b:eb:74:0e:df:58:8f:1d:4e:20:f2:73:4d:2b:a4:58:ef: df:8a:f1:43:20:b6:30:f8:69:41:a4:96:b7:05:e8:e4:cf:c4: e2:7a:4c:fb:0e:31:e4:1b:b9:36:fe:7f:ea:b9:df:44:2a:47: 3c:2d:49:7d:73:6c:6a:9f:89:a8:80:bf:2a:c5:82:59:52:fe: 24:27:59:d5:de:a7:7e:7f:7c:89:68:24:ab:ef:6a:1d:af:a3: 73:2e:25:14:d0:10:78:e8:b0:62:14:5d:17:b1:58:20:5d:1e: 2d:6f:bf:3f:03:ec:27:5b:77:c8:54:f0:a5:f2:9a:88:84:00: d5:cf:c2:b8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjJD MTFBMkJCRDQxMTg3OEVEMUI0NEQ3OUYxMzdEOTY4OUM4Njg0MDAeFw0yNDA4MjYw NTIzMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY3NzNGMDBFMzI3QjQ4 ODE3MkI1NUExOUM1NURFRThCQjk5Q0I4QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjNvvePh4lCqbFqiN/vaXdbuC/yQM6JkrgKp6ncs2kKyCDHsDf h3SI3INQjDzsyfN6cWCSk/RJlBrWgaNh4BVyJ/fZ6rptiHCKAsrwPhT682voFAU0 BIIhugMFMP6rrvHMxcaRgtoq+V0msu78cnasZxGffLjLcSpV7VQRhyU+X823NFCo dVspYqfWmeuFoFRqVg/U0Oq8svoh+78bIqEuy9qH8K3e1VQxbvVxcdik2+Li6unP 8NaKB2zZI0LZGeZDJwlQiXgrxKsHNTGeoi/50hj05lqAjSfWcjFWhT2cC4e0Fj7n 4j6EPcpcHpzHpO5Vo6TXBYOelUOOi4I94lefAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZ3PwDjJ7SIFytVoZxV3ui7mcuLswHwYDVR0jBBgwFoAUssEaK71BGHjtG0TX nxN9lonIaEAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkVUR1VB UkQvc3NFYUs3MUJHSGp0RzBUWG54Tjlsb25JYUVBLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9zc0VhSzcxQkdIanRHMFRYbnhOOWxvbklhRUEuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ORVRHVUFSRC9aM1B3RGpKN1NJRnl0 Vm9aeFYzdWk3bWN1THMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6DgMA0GCSqGSIb3DQEBCwUAA4IBAQBzIHOgLTqNqL4QAeBkRTJe2aZYpUIt 1Ynr1M4yMNIDd3eux/TlMMnawcEYkbaypLjqasyEjn4bqDRVGsmViYJPkEvxLh1K DR8hLzQ1daXWKzOrcPD4No+12Fm6VRFaDybM6QiBKaf7IS1Zer16hyhuUMLPMKmC x/uQvztq9GNOC+t0Dt9Yjx1OIPJzTSukWO/fivFDILYw+GlBpJa3Bejkz8Tiekz7 DjHkG7k2/n/qud9EKkc8LUl9c2xqn4mogL8qxYJZUv4kJ1nV3qd+f3yJaCSr72od r6NzLiUU0BB46LBiFF0XsVggXR4tb78/A+wnW3fIVPCl8pqIhADVz8K4 -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:34 2024 by rpki-client on console-ams.rpki-client.org