$ rpki-client -vvf rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.mft File: 9F4621BE2CEB15DD74809D52692588598490FABF.mft (raw, json) Hash identifier: apzQhYL/a+4r4/XEJ00HUoH9c607iC3YLl11l7g+YlE= Subject key identifier: 1A:5D:C3:3C:D6:CB:B3:28:14:9A:2E:A3:EB:F6:0B:10:4F:DD:E4:C6 Authority key identifier: 9F:46:21:BE:2C:EB:15:DD:74:80:9D:52:69:25:88:59:84:90:FA:BF Certificate issuer: /CN=9F4621BE2CEB15DD74809D52692588598490FABF Certificate serial: 40D7B2E5FEC917D2E53AF6DB08B23DFBF2FEB7A6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9F4621BE2CEB15DD74809D52692588598490FABF.cer Subject info access: rsync://rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.mft Manifest number: 33 Signing time: Fri 12 Jun 2026 14:26:58 +0000 Manifest this update: Fri 12 Jun 2026 14:21:58 +0000 Manifest next update: Sat 13 Jun 2026 16:59:58 +0000 Files and hashes: 1: 323430353a636463303a3a2f33322d313234203d3e20313331363432.roa (hash: B+rZIPiEbFPdUxH0aia2ffpZrMmBBOdtjQ5TGrFZI/g=) 2: 3230322e3134382e3232322e302f32332d3332203d3e20313331363432.roa (hash: QSozWjihGPRSxS1l+02abUaaKtc4iDRAVQB/oWLei3c=) 3: 3130332e3135372e34322e302f32332d3332203d3e20323033353438.roa (hash: nYR+Ml8lrCk7Dl21maH1wtxMxSe7KjzyLwH7FozLC7o=) 4: 3130332e3133372e36322e302f32332d3332203d3e20313331363432.roa (hash: Om14eoHT5IhomeKnYkvjKpVL1HxviUxm8BBB1REH3/4=) 5: 9F4621BE2CEB15DD74809D52692588598490FABF.crl (hash: 2Fj1/D+muvfZuRZn7JSKGUycC14/eJ5EiRuTz6dVxuU=) 6: 3130332e3133372e3234362e302f32332d3332203d3e20313331363432.roa (hash: taJQRTDQ90UxXadAvWM0GS41DZC0w4SutBUxh10g3Ls=) 7: 3130332e3134382e37322e302f32332d3332203d3e20313331363432.roa (hash: OLaMU17HmXpsMBlzaeBhODO2N7nOliRaF32TUtfckJg=) 8: 3231312e37362e3137362e302f32332d3332203d3e20313331363432.roa (hash: Neacdwz6usPvpnxdcJO7WdPsbmwrbKBYPAqd9PXlS3o=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.crl rsync://rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9F4621BE2CEB15DD74809D52692588598490FABF.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Jun 2026 16:59:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:d7:b2:e5:fe:c9:17:d2:e5:3a:f6:db:08:b2:3d:fb:f2:fe:b7:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9F4621BE2CEB15DD74809D52692588598490FABF Validity Not Before: Jun 12 14:21:58 2026 GMT Not After : Jun 13 16:59:58 2026 GMT Subject: CN=1A5DC33CD6CBB328149A2EA3EBF60B104FDDE4C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:81:59:9d:f7:d8:52:0e:f0:e2:60:89:7e:bf: be:7f:18:c7:53:8d:00:85:76:35:9a:a3:f5:8f:e7: 09:d9:8a:45:f1:4d:ab:b1:13:e6:4c:97:78:51:e6: 99:0c:58:b5:75:53:72:44:61:e3:27:4d:b8:bc:e4: d0:a8:c1:37:99:d5:f9:17:c4:e6:9f:f4:10:b3:27: f9:6f:d3:69:ff:d0:8d:c8:f9:fd:a0:ac:3e:50:34: 9e:ce:ca:84:2f:11:6b:e6:07:3e:1b:16:e0:c5:b2: 15:6a:5e:56:f2:1c:79:01:7d:ab:79:ee:07:7a:e5: 62:62:a7:af:08:9e:80:5c:35:a4:df:48:7d:5e:65: 1f:6b:ba:7d:75:69:6e:65:ad:d3:c6:8b:52:97:0e: af:43:16:54:5c:c6:44:73:d0:0e:a8:65:06:89:c5: f7:6e:cf:be:89:b1:46:16:98:95:16:8e:eb:6e:a5: 37:6d:11:89:0a:37:31:64:ca:7d:28:62:63:78:4c: 72:09:b9:07:9c:81:80:9c:fd:27:8f:c3:e3:ad:8e: 62:a8:99:bc:d1:e5:c4:f2:2a:eb:54:80:a4:e5:62: e5:22:22:f8:c3:41:f6:31:84:49:51:d6:3f:2f:42: 30:aa:f1:f2:bd:32:5e:52:68:a1:26:df:f7:4b:bd: 39:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:5D:C3:3C:D6:CB:B3:28:14:9A:2E:A3:EB:F6:0B:10:4F:DD:E4:C6 X509v3 Authority Key Identifier: keyid:9F:46:21:BE:2C:EB:15:DD:74:80:9D:52:69:25:88:59:84:90:FA:BF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9F4621BE2CEB15DD74809D52692588598490FABF.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PNI/0/9F4621BE2CEB15DD74809D52692588598490FABF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:1c:ac:d8:62:f3:7e:85:65:67:68:2b:ce:32:3b:4f:09:42: 07:a1:05:9a:cc:25:b0:4f:b7:9e:e9:20:80:cf:ea:9e:49:a9: ae:b9:bc:94:af:d3:66:4d:b7:df:70:c2:e0:91:94:26:a2:77: 44:24:18:50:af:04:d4:d5:4c:54:d3:44:61:98:a8:2d:5f:35: df:be:de:12:ab:db:d4:bc:92:2a:53:bb:ee:77:08:8f:81:81: b1:86:28:33:da:3b:04:84:db:4f:76:e0:68:b2:f4:56:01:e5: 9e:4d:45:e6:55:56:d3:96:ac:ba:ac:02:dd:02:67:0a:12:6f: b7:5f:f4:a3:d1:34:5b:f3:cd:dd:e7:6d:d7:43:7f:ec:75:6a: 74:73:a0:b9:79:b8:14:22:90:8c:cf:cb:e7:1a:63:0d:cd:d0: 84:98:2f:24:cd:ca:af:c1:e1:67:05:b8:f0:92:c7:97:f6:98: 49:5e:37:dd:05:ce:80:22:50:ff:9f:31:2e:ee:b1:04:d1:8e: 2c:07:71:e5:a4:fb:66:b1:6c:85:11:50:6d:d8:db:bd:2e:e3: b1:0a:45:aa:27:f9:6e:44:6a:fb:f1:3c:2f:5d:50:ea:c1:2a: 5d:ca:5b:e0:59:06:9b:65:00:f2:dc:fd:45:3d:2e:92:d0:15: f0:3a:7f:a3 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUQNey5f7JF9LlOvbbCLI9+/L+t6YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUY0NjIxQkUyQ0VCMTVERDc0ODA5RDUyNjkyNTg4NTk4 NDkwRkFCRjAeFw0yNjA2MTIxNDIxNThaFw0yNjA2MTMxNjU5NThaMDMxMTAvBgNV BAMTKDFBNURDMzNDRDZDQkIzMjgxNDlBMkVBM0VCRjYwQjEwNEZEREU0QzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUgVmd99hSDvDiYIl+v75/GMdT jQCFdjWao/WP5wnZikXxTauxE+ZMl3hR5pkMWLV1U3JEYeMnTbi85NCowTeZ1fkX xOaf9BCzJ/lv02n/0I3I+f2grD5QNJ7OyoQvEWvmBz4bFuDFshVqXlbyHHkBfat5 7gd65WJip68InoBcNaTfSH1eZR9run11aW5lrdPGi1KXDq9DFlRcxkRz0A6oZQaJ xfduz76JsUYWmJUWjutupTdtEYkKNzFkyn0oYmN4THIJuQecgYCc/SePw+OtjmKo mbzR5cTyKutUgKTlYuUiIvjDQfYxhElR1j8vQjCq8fK9Ml5SaKEm3/dLvTmtAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUGl3DPNbLsygUmi6j6/YLEE/d5MYwHwYDVR0j BBgwFoAUn0YhvizrFd10gJ1SaSWIWYSQ+r8wDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUE5JLzAv OUY0NjIxQkUyQ0VCMTVERDc0ODA5RDUyNjkyNTg4NTk4NDkwRkFCRi5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMS85RjQ2MjFCRTJDRUIxNURENzQ4MDlENTI2OTI1ODg1 OTg0OTBGQUJGLmNlcjBrBggrBgEFBQcBCwRfMF0wWwYIKwYBBQUHMAuGT3JzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUE5JLzAvOUY0NjIxQkUyQ0VCMTVERDc0 ODA5RDUyNjkyNTg4NTk4NDkwRkFCRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBALYcrNhi836FZWdoK84y O08JQgehBZrMJbBPt57pIIDP6p5Jqa65vJSv02ZNt99wwuCRlCaid0QkGFCvBNTV TFTTRGGYqC1fNd++3hKr29S8kipTu+53CI+BgbGGKDPaOwSE20924Giy9FYB5Z5N ReZVVtOWrLqsAt0CZwoSb7df9KPRNFvzzd3nbddDf+x1anRzoLl5uBQikIzPy+ca Yw3N0ISYLyTNyq/B4WcFuPCSx5f2mEleN90FzoAiUP+fMS7usQTRjiwHceWk+2ax bIURUG3Y270u47EKRaon+W5EavvxPC9dUOrBKl3KW+BZBptlAPLc/UU9LpLQFfA6 f6M= -----END CERTIFICATE-----Generated at Sat Jun 13 09:05:06 2026 by rpki-client