$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft File: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft (raw, json) Hash identifier: 0Gij0sA+4tODgRXDe1lYy8yw2ez59j7Wiyd1p4I3Udg= Subject key identifier: 07:9B:5F:90:6A:BC:5F:53:6C:26:93:FF:BF:12:DD:0A:D2:C4:B4:36 Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Certificate serial: 31481F093A562041958E89358C8D813469C681DA Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft Manifest number: 2F Signing time: Sat 13 Jun 2026 00:43:32 +0000 Manifest this update: Sat 13 Jun 2026 00:38:32 +0000 Manifest next update: Sun 14 Jun 2026 03:28:32 +0000 Files and hashes: 1: 323430363a663334303a3a2f33322d3634203d3e203338383432.roa (hash: dPU2RCL9922koNIK4EbftiZXNxbxs5ADbxLPZLggc34=) 2: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl (hash: Keyvue11jdnqpCaWT6UnAO8nZ57HEh84G4yO4s+q8RI=) 3: 3130332e3136302e3232362e302f32332d3234203d3e203338383432.roa (hash: fXBUwxrpMNifp4MO+znwtVxrCjA2c4pDgmAW0x6+dMc=) 4: 3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa (hash: E3rZgHSz1Z/QlxuFQ/uZkBfovj2HHfCX638SO+t2sg0=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 00:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:48:1f:09:3a:56:20:41:95:8e:89:35:8c:8d:81:34:69:c6:81:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Validity Not Before: Jun 13 00:38:32 2026 GMT Not After : Jun 14 03:28:32 2026 GMT Subject: CN=079B5F906ABC5F536C2693FFBF12DD0AD2C4B436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:71:19:30:d3:72:f5:d8:9f:63:17:f2:da:7a: b7:06:0f:a3:70:3d:af:11:a0:7f:6c:6b:50:56:59: b4:7c:3e:c2:74:a7:94:4b:d2:54:69:d0:23:05:ae: a8:a1:d4:29:b8:a6:e6:cb:a5:2b:40:85:d9:b8:ba: 97:66:40:90:44:1f:a4:03:8b:5a:ba:a3:ef:19:f8: 67:78:8e:09:49:db:17:e3:15:e9:4a:fe:20:b2:0f: 2a:75:9f:54:d3:43:d4:46:f4:4c:4a:d9:a6:85:22: 57:d3:f1:f6:6f:cc:7a:15:9f:e3:12:2f:cb:6e:15: f5:41:fe:4d:59:4d:07:9d:39:d5:25:08:b0:83:09: a7:2a:79:30:f2:85:b7:27:d3:b6:a8:b1:e3:10:4a: 0b:85:61:a2:b5:ae:8b:62:dd:0c:5a:a6:93:a3:8f: e3:ef:ce:aa:e4:cc:db:ce:d3:22:c2:56:e9:cb:5a: 5b:01:e7:40:e2:7e:99:44:cc:63:52:33:98:df:28: 9d:69:f2:02:65:8d:79:ed:f8:9c:a8:b2:c7:dd:ff: 3d:b7:4c:39:5b:d6:bd:8f:14:cf:70:47:ac:14:a6: 99:56:ba:20:3f:f7:ab:0a:51:9b:b6:55:76:c1:28: b3:be:d1:aa:06:78:16:3a:af:7f:ae:72:38:62:4a: 6c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:9B:5F:90:6A:BC:5F:53:6C:26:93:FF:BF:12:DD:0A:D2:C4:B4:36 X509v3 Authority Key Identifier: keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:27:24:4e:72:95:85:d0:1f:4b:6a:2b:1f:5f:a9:78:dc:5b: 8f:c1:14:99:66:5c:02:00:7d:00:85:14:99:ce:50:7b:73:48: 05:dc:b5:b1:86:2b:e7:f0:95:f8:0c:1c:f9:a2:bb:c6:c5:d6: 02:9d:89:ce:51:4a:58:84:ab:f1:d0:f3:ab:dc:6d:4b:a8:f4: db:96:53:c4:00:5c:91:14:c9:a8:0a:94:69:38:a7:c1:60:0a: b5:74:00:12:84:ef:10:56:31:61:c0:37:fd:7b:38:6c:81:e6: 9c:86:d2:17:e9:91:e9:9e:8a:43:17:0d:6d:3b:c0:0a:37:76: 4e:01:07:9c:ba:b0:e1:1d:0f:74:9a:da:23:c1:ca:6e:7b:48: 88:13:c9:ba:4e:b6:e9:e8:95:dd:06:59:c5:2a:6f:1a:4f:92: d4:58:f3:4d:b8:90:9b:22:35:f3:78:2a:c3:f3:7f:d3:74:c9: 1f:10:fd:0d:b1:89:f5:0f:9a:30:93:36:98:0e:0c:3f:e4:2e: 09:1a:51:0d:3f:0a:38:dc:83:41:fb:eb:0b:45:37:5d:f2:ec: 47:70:0a:ec:2a:46:86:54:5e:b9:4a:52:38:69:06:f3:29:92: 5f:1d:75:74:c2:a5:98:57:8d:0c:5b:f9:c9:ed:33:ea:b8:d8: 10:fb:86:45 -----BEGIN CERTIFICATE----- MIIE5DCCA8ygAwIBAgIUMUgfCTpWIEGVjok1jI2BNGnGgdowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG NzJCRDVDMjAeFw0yNjA2MTMwMDM4MzJaFw0yNjA2MTQwMzI4MzJaMDMxMTAvBgNV BAMTKDA3OUI1RjkwNkFCQzVGNTM2QzI2OTNGRkJGMTJERDBBRDJDNEI0MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmcRkw03L12J9jF/LaercGD6Nw Pa8RoH9sa1BWWbR8PsJ0p5RL0lRp0CMFrqih1Cm4pubLpStAhdm4updmQJBEH6QD i1q6o+8Z+Gd4jglJ2xfjFelK/iCyDyp1n1TTQ9RG9ExK2aaFIlfT8fZvzHoVn+MS L8tuFfVB/k1ZTQedOdUlCLCDCacqeTDyhbcn07aoseMQSguFYaK1roti3QxappOj j+PvzqrkzNvO0yLCVunLWlsB50DifplEzGNSM5jfKJ1p8gJljXnt+Jyossfd/z23 TDlb1r2PFM9wR6wUpplWuiA/96sKUZu2VXbBKLO+0aoGeBY6r3+ucjhiSmx5AgMB AAGjggHuMIIB6jAdBgNVHQ4EFgQUB5tfkGq8X1NsJpP/vxLdCtLEtDYwHwYDVR0j BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3 RThEN0Y3MkJENUMyLmNlcjBuBggrBgEFBQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJz eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVULzAvOUQwMDdEMzczRjM4 MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5tZnQwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUG CCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBABInJE5ylYXQ H0tqKx9fqXjcW4/BFJlmXAIAfQCFFJnOUHtzSAXctbGGK+fwlfgMHPmiu8bF1gKd ic5RSliEq/HQ86vcbUuo9NuWU8QAXJEUyagKlGk4p8FgCrV0ABKE7xBWMWHAN/17 OGyB5pyG0hfpkemeikMXDW07wAo3dk4BB5y6sOEdD3Sa2iPBym57SIgTybpOtuno ld0GWcUqbxpPktRY8024kJsiNfN4KsPzf9N0yR8Q/Q2xifUPmjCTNpgODD/kLgka UQ0/Cjjcg0H76wtFN13y7EdwCuwqRoZUXrlKUjhpBvMpkl8ddXTCpZhXjQxb+cnt M+q42BD7hkU= -----END CERTIFICATE-----Generated at Sat Jun 13 12:40:57 2026 by rpki-client