$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa File: S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa (raw, json) Hash identifier: dFME4V/hJXpAffCL4o66K579a5bSjNfxvblUDTBaF80= Subject key identifier: 4B:B0:6C:28:02:7C:47:2F:A7:F6:30:C0:5F:83:77:49:4E:2A:08:3C Certificate issuer: /CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B Certificate serial: 0B37 Authority key identifier: 63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa Signing time: Fri 01 Sep 2023 10:19:28 +0000 ROA not before: Fri 01 Sep 2023 10:19:28 +0000 ROA not after: Sat 31 Aug 2024 03:10:53 +0000 asID: 131618 IP address blocks: 103.122.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 May 2024 04:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2871 (0xb37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B Validity Not Before: Sep 1 10:19:28 2023 GMT Not After : Aug 31 03:10:53 2024 GMT Subject: CN=4BB06C28027C472FA7F630C05F8377494E2A083C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:20:59:b7:77:62:0d:96:51:fc:83:2e:92:96: 45:68:43:4c:4c:3e:6f:4d:0b:5d:b7:be:a0:f8:e7: 75:8e:eb:ed:af:78:6f:3a:47:c9:a1:7e:ae:57:9e: b1:de:7d:2f:60:56:09:53:59:7e:08:56:87:00:44: 43:c9:e6:98:d7:fd:55:dc:f2:b4:27:7d:98:d1:29: 77:b6:ed:83:07:99:93:e8:19:63:08:77:fd:e8:d0: 05:9d:17:d6:d6:36:f0:c4:a8:33:d7:d7:37:42:53: f7:1c:dc:7e:9b:0b:96:ab:7f:94:79:10:93:9c:f2: fb:99:27:8b:c9:9b:f7:b6:cb:5c:cb:ad:d5:ec:5c: 31:c3:cb:16:43:bc:73:02:6f:5c:ef:d2:95:ee:04: f7:af:61:8d:43:67:09:f4:59:13:2b:db:58:35:cf: 0d:90:09:b7:fc:06:31:2b:6b:7d:7d:95:02:d3:c2: 64:ae:40:e1:47:8a:a2:be:f7:2f:b1:e4:ba:41:ef: 42:21:e5:41:ba:cb:52:d9:9c:93:2a:4b:f5:6c:12: e5:8a:f0:2d:7c:1e:59:5c:9d:cd:95:41:51:62:dd: 52:3b:8b:2e:15:0e:12:03:ac:03:b0:a2:c4:19:9a: 93:50:d7:c3:d7:cd:19:f5:ad:6a:a3:5a:21:ad:63: 7a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B0:6C:28:02:7C:47:2F:A7:F6:30:C0:5F:83:77:49:4E:2A:08:3C X509v3 Authority Key Identifier: keyid:63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.226.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:94:1c:fa:be:55:a6:2e:a3:ed:5e:04:e7:6b:b8:09:94:fd: a7:e0:bd:aa:75:35:95:5b:83:52:2c:de:5f:1b:65:a6:2d:71: 91:89:2f:18:80:26:e8:b8:a1:6d:f9:75:10:ed:c1:6e:d2:e2: f1:61:9f:79:d5:b4:d9:18:ee:3f:40:86:3a:7c:e4:6c:5b:cf: a9:97:67:50:f8:a5:a0:33:60:a5:6b:95:7a:a2:b1:67:bf:57: f1:6d:5d:ce:78:e2:5c:c2:1d:03:0d:7e:6a:0d:69:a9:83:72: 8c:10:93:eb:1b:02:e5:97:83:b6:10:27:c0:67:eb:27:61:8e: 75:77:10:3c:55:42:e9:bc:1a:b5:cc:0c:45:e3:e2:8d:d4:0a: 0c:1c:18:37:95:7c:24:eb:5b:05:14:44:6f:0e:ad:33:69:0a: cf:a4:7a:f0:e8:1d:f6:5c:62:0d:fa:72:ca:f2:de:a0:01:f1: 37:c1:fe:51:1d:0d:77:4c:3f:c5:6f:e2:15:73:ee:80:dc:74: fa:13:66:1f:ef:a2:cc:74:e3:44:60:15:f8:56:a0:fa:44:d4: 85:61:b2:c9:1e:bb:48:1c:a7:e3:92:49:60:3c:2f:b5:0a:0f: d2:d6:3f:c6:ef:8b:71:33:7c:f4:7b:ca:7e:9d:4e:57:92:77: c7:c3:6a:59 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjM0 MDBBQTZFNkM2OEIxM0REREM5QzAwQjgyNTg2MTI0MjczRkE5QjAeFw0yMzA5MDEx MDE5MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDRCQjA2QzI4MDI3QzQ3 MkZBN0Y2MzBDMDVGODM3NzQ5NEUyQTA4M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6IFm3d2INllH8gy6SlkVoQ0xMPm9NC123vqD453WO6+2veG86 R8mhfq5XnrHefS9gVglTWX4IVocAREPJ5pjX/VXc8rQnfZjRKXe27YMHmZPoGWMI d/3o0AWdF9bWNvDEqDPX1zdCU/cc3H6bC5arf5R5EJOc8vuZJ4vJm/e2y1zLrdXs XDHDyxZDvHMCb1zv0pXuBPevYY1DZwn0WRMr21g1zw2QCbf8BjEra319lQLTwmSu QOFHiqK+9y+x5LpB70Ih5UG6y1LZnJMqS/VsEuWK8C18Hllcnc2VQVFi3VI7iy4V DhIDrAOwosQZmpNQ18PXzRn1rWqjWiGtY3qtAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUS7BsKAJ8Ry+n9jDAX4N3SU4qCDwwHwYDVR0jBBgwFoAUY0AKpubGixPd3JwA uCWGEkJz+pswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVklTSU9O NFlFUy9ZMEFLcHViR2l4UGQzSndBdUNXR0VrSnotcHMuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL1kwQUtwdWJHaXhQZDNKd0F1Q1dHRWtKei1wcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1ZJU0lPTjRZRVMvUzdCc0tBSjhS eS1uOWpEQVg0TjNTVTRxQ0R3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAGd64jANBgkqhkiG9w0BAQsFAAOCAQEAGpQc+r5Vpi6j7V4E52u4CZT9 p+C9qnU1lVuDUizeXxtlpi1xkYkvGIAm6Lihbfl1EO3BbtLi8WGfedW02RjuP0CG OnzkbFvPqZdnUPiloDNgpWuVeqKxZ79X8W1dznjiXMIdAw1+ag1pqYNyjBCT6xsC 5ZeDthAnwGfrJ2GOdXcQPFVC6bwatcwMRePijdQKDBwYN5V8JOtbBRREbw6tM2kK z6R68Ogd9lxiDfpyyvLeoAHxN8H+UR0Nd0w/xW/iFXPugNx0+hNmH++izHTjRGAV +Fag+kTUhWGyyR67SByn45JJYDwvtQoP0tY/xu+LcTN89HvKfp1OV5J3x8NqWQ== -----END CERTIFICATE-----Generated at Sun May 19 10:32:46 2024 by rpki-client on console-ams.rpki-client.org