$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Yh0rmb7z4RTg7DvkbnNNpAZ9rEI.roa File: Yh0rmb7z4RTg7DvkbnNNpAZ9rEI.roa (raw, json) Hash identifier: 185wrDNKKW7ztXD3C8n/lJSLKp0QFH89Beh2i60IgzU= Subject key identifier: 62:1D:2B:99:BE:F3:E1:14:E0:EC:3B:E4:6E:73:4D:A4:06:7D:AC:42 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3180 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Yh0rmb7z4RTg7DvkbnNNpAZ9rEI.roa Signing time: Mon 26 Aug 2024 05:30:31 +0000 ROA not before: Mon 26 Aug 2024 05:30:31 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 38841 IP address blocks: 106.1.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12672 (0x3180) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 26 05:30:31 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=621D2B99BEF3E114E0EC3BE46E734DA4067DAC42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:fc:30:e7:40:dd:d6:10:bc:2b:10:8f:ad:4d: 84:96:6e:97:f4:b9:f9:47:96:46:dd:6b:03:74:71: 70:0f:36:08:53:98:cf:48:b6:ea:01:76:f5:dc:1c: bd:51:ba:6a:e2:64:0e:21:45:c3:61:3f:ec:ab:be: e4:fe:3e:30:21:1a:c4:ef:57:bb:82:66:6c:f3:49: fd:40:b7:f6:32:5f:bd:23:d9:16:a9:ea:3b:8f:81: 8b:43:15:1b:75:dd:dc:16:d2:58:8d:87:9b:4f:b3: 14:01:ba:30:b0:27:4f:63:aa:1c:a3:4c:74:c0:fa: ca:56:d1:87:03:e2:ba:74:50:df:eb:fa:b5:c3:ad: 84:46:4e:8c:d6:65:d8:a3:03:f0:6a:e2:2f:71:4f: f1:f3:77:ee:44:fa:1b:3a:46:5c:03:b8:f7:a7:4e: 50:a1:74:c6:84:29:79:d1:84:fa:28:56:c9:5c:3d: 18:3c:47:16:57:7d:1d:fc:2d:4d:bc:17:f6:83:9e: 1e:d1:4f:a6:c6:5b:11:cc:7e:a1:be:59:15:9b:a0: 14:9c:01:62:ca:ef:bf:7c:d5:06:3d:c9:35:2f:1c: c1:2e:ed:4c:3e:0f:a4:b0:ec:55:73:62:57:71:1c: 9e:49:69:2b:2c:f5:47:f8:b0:6b:05:ae:9c:65:04: cc:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:1D:2B:99:BE:F3:E1:14:E0:EC:3B:E4:6E:73:4D:A4:06:7D:AC:42 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Yh0rmb7z4RTg7DvkbnNNpAZ9rEI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.1.152.0/22 Signature Algorithm: sha256WithRSAEncryption 37:53:68:8e:d1:45:81:59:b4:13:b7:97:0a:80:3d:ad:f7:8d: 6c:8b:6e:8a:a2:9c:d1:91:74:a8:43:c5:61:79:20:9b:99:99: 32:91:32:b1:8c:66:6b:33:9c:50:0a:f4:5e:0c:d9:77:4c:1b: dc:cd:b8:c7:82:3c:2a:74:14:f1:be:bb:07:93:be:8c:56:7f: a9:b7:f4:77:f9:09:a2:64:9d:48:06:cb:46:27:7b:2b:15:a2: 00:30:71:bf:71:cc:25:02:8f:4e:14:53:3a:04:3c:39:d8:80: 87:9d:18:31:b7:73:63:d3:4e:b4:26:b2:a5:7d:89:d6:ca:04: e2:e3:2b:83:9b:77:1d:e2:ba:f8:57:36:00:09:56:7b:ee:5f: 5e:47:b3:6b:fd:fa:41:11:6e:48:20:31:2f:bd:df:ac:cf:46: 80:3d:9e:75:4d:ff:c5:30:0a:c8:8c:c3:cc:f9:0e:09:ae:07: 5b:e8:a0:75:b6:f4:60:89:c2:ea:99:44:50:fa:05:fd:b3:90: 06:f2:05:bd:fc:59:f7:ba:ea:19:83:1a:8f:29:8a:dc:87:67: ff:f6:8a:6a:e7:fe:aa:b7:db:0d:ca:25:b5:17:78:c1:35:9a: ae:08:bd:89:2b:82:2d:d1:a6:69:8c:7a:95:f9:8e:ad:ac:a8: 75:d3:02:67 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICMYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw NTMwMzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYyMUQyQjk5QkVGM0Ux MTRFMEVDM0JFNDZFNzM0REE0MDY3REFDNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR/DDnQN3WELwrEI+tTYSWbpf0uflHlkbdawN0cXAPNghTmM9I tuoBdvXcHL1RumriZA4hRcNhP+yrvuT+PjAhGsTvV7uCZmzzSf1At/YyX70j2Rap 6juPgYtDFRt13dwW0liNh5tPsxQBujCwJ09jqhyjTHTA+spW0YcD4rp0UN/r+rXD rYRGTozWZdijA/Bq4i9xT/Hzd+5E+hs6RlwDuPenTlChdMaEKXnRhPooVslcPRg8 RxZXfR38LU28F/aDnh7RT6bGWxHMfqG+WRWboBScAWLK77981QY9yTUvHMEu7Uw+ D6Sw7FVzYldxHJ5JaSss9Uf4sGsFrpxlBMwbAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUYh0rmb7z4RTg7DvkbnNNpAZ9rEIwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1loMHJtYjd6NFJUZzdEdmti bk5OcEFaOXJFSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJq AZgwDQYJKoZIhvcNAQELBQADggEBADdTaI7RRYFZtBO3lwqAPa33jWyLboqinNGR dKhDxWF5IJuZmTKRMrGMZmsznFAK9F4M2XdMG9zNuMeCPCp0FPG+uweTvoxWf6m3 9Hf5CaJknUgGy0YneysVogAwcb9xzCUCj04UUzoEPDnYgIedGDG3c2PTTrQmsqV9 idbKBOLjK4Obdx3iuvhXNgAJVnvuX15Hs2v9+kERbkggMS+936zPRoA9nnVN/8Uw CsiMw8z5DgmuB1vooHW29GCJwuqZRFD6Bf2zkAbyBb38Wfe66hmDGo8pityHZ//2 imrn/qq32w3KJbUXeME1mq4IvYkrgi3RpmmMepX5jq2sqHXTAmc= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:38 2024 by rpki-client on console-ams.rpki-client.org