$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft File: RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft (raw, json) Hash identifier: NgmLfNGMoTKsAiAZlb1UVDDHKONlQwEhDBxAsAr1nc0= Subject key identifier: EB:A3:97:2C:CF:2A:C1:97:E5:86:C0:AD:8B:74:0D:C3:6C:79:B1:B3 Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B Certificate serial: 0DB7 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft Manifest number: 0D95 Signing time: Wed 05 Nov 2025 09:59:37 +0000 Manifest this update: Wed 05 Nov 2025 09:59:37 +0000 Manifest next update: Fri 07 Nov 2025 09:59:37 +0000 Files and hashes: 1: FYcm3-BAzLarrqeCYV2whY0U-zo.roa (hash: BaTk+IlRTMk3VliwXqlPH52YkxVtp5DBAOqd4jq6OiU=) 2: RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl (hash: 69M4LYtiAvRXx8jGK6k5NTsb6+yq7yuf6tsos6x5khk=) 3: TsN0H5pD6Qm0_O0vCqm-6LmqAwg.roa (hash: QK6bO3POqwYLqN6of1UT1LdwgPFXVK0OJbizi519XWY=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 01:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3511 (0xdb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B Validity Not Before: Nov 5 09:59:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=EBA3972CCF2AC197E586C0AD8B740DC36C79B1B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1c:70:15:e8:47:0b:5c:cf:90:8c:df:cd:69: 20:52:4c:f0:94:21:ba:af:0c:c8:7d:b3:9b:43:3f: a9:ba:1e:ea:bc:53:ef:72:c0:4f:fc:bb:b9:9a:63: 79:52:fb:a7:80:e8:c1:45:c6:9f:2b:43:84:a0:c5: 20:e4:5a:c2:1f:e2:2f:06:cf:d2:d6:16:05:26:af: e6:d6:76:af:7b:84:98:e9:6d:b6:84:92:6e:0b:b1: f7:2a:ab:94:42:e0:f3:c1:28:a4:7d:ce:c5:f8:f3: 9f:b6:1e:78:f0:7f:9b:f2:1d:4e:23:b0:22:0b:cf: 90:b5:e3:4f:ab:e9:1e:9b:c3:da:13:ce:3b:20:c2: 56:9c:d7:48:31:f2:1c:f3:95:6e:63:09:be:69:92: fa:07:ca:5d:c5:72:72:26:72:b5:f9:f5:4b:ac:40: b1:5a:53:c3:7b:be:8c:5e:cd:fb:81:9a:aa:3f:f3: de:98:2d:3e:77:8f:d9:20:67:13:31:1f:47:ad:a1: 87:11:a7:34:8c:72:b1:03:28:9b:b8:7d:4b:28:ed: 0c:37:e8:ea:75:bb:56:19:d8:b9:76:70:39:cc:11: 35:de:13:3d:c1:36:5b:5b:5e:7f:8f:7e:b9:4e:b7: a4:aa:a5:25:16:70:65:b2:40:fa:01:44:f0:f8:7c: 9d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:A3:97:2C:CF:2A:C1:97:E5:86:C0:AD:8B:74:0D:C3:6C:79:B1:B3 X509v3 Authority Key Identifier: keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:00:9e:c4:10:f6:03:ae:ea:75:5d:ed:64:ad:eb:76:5d:94: 69:6e:55:57:be:6d:5a:a8:4f:12:10:46:7f:2c:18:1b:02:e1: ec:d5:14:1a:8c:e3:e7:f3:c2:b4:5f:dc:9a:ae:69:92:ca:62: 84:77:5e:73:e9:4e:78:96:8a:fd:4c:6c:26:36:80:6f:df:ad: 58:31:11:cd:87:79:ed:66:ee:18:32:27:fe:b4:3b:1d:52:f9: 12:0a:de:a5:6a:ed:79:4c:aa:03:e3:af:7f:49:48:d1:5a:ba: 39:3c:ca:73:27:61:37:ee:94:a3:40:1c:ea:81:b0:0b:bc:46: ff:7a:fd:2a:7c:d5:76:be:6c:2f:ee:a5:e1:06:b2:95:b9:43: 1d:f7:d3:a5:d3:d9:5a:9e:cf:b2:fa:66:ea:cd:99:38:4d:59: 83:81:7f:1a:5e:57:b9:eb:86:ad:8a:ef:46:e8:d1:0a:8c:e1: 98:a0:f8:83:f8:50:1f:22:87:39:b5:8d:b0:08:63:f3:f2:bc: a0:99:23:d6:6e:40:95:95:82:ba:e5:90:04:fd:3a:b1:17:cc: b9:71:22:01:29:91:cc:48:da:70:c3:16:2f:58:37:da:68:b6: b4:01:95:32:2c:aa:be:06:33:82:2a:12:86:c5:69:f5:fb:64: 89:87:b0:6b -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgICDbcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0 MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yNTExMDUw OTU5MzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVCQTM5NzJDQ0YyQUMx OTdFNTg2QzBBRDhCNzQwREMzNkM3OUIxQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqHHAV6EcLXM+QjN/NaSBSTPCUIbqvDMh9s5tDP6m6Huq8U+9y wE/8u7maY3lS+6eA6MFFxp8rQ4SgxSDkWsIf4i8Gz9LWFgUmr+bWdq97hJjpbbaE km4Lsfcqq5RC4PPBKKR9zsX485+2Hnjwf5vyHU4jsCILz5C140+r6R6bw9oTzjsg wlac10gx8hzzlW5jCb5pkvoHyl3FcnImcrX59UusQLFaU8N7voxezfuBmqo/896Y LT53j9kgZxMxH0etoYcRpzSMcrEDKJu4fUso7Qw36Op1u1YZ2Ll2cDnMETXeEz3B NltbXn+PfrlOt6SqpSUWcGWyQPoBRPD4fJ0nAgMBAAGjggIHMIICAzAdBgNVHQ4E FgQU66OXLM8qwZflhsCti3QNw2x5sbMwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL1JrRFppT3lCUnJwREJaWUJJ U0xSb2NfQncycy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAy AJ7EEPYDrup1Xe1kret2XZRpblVXvm1aqE8SEEZ/LBgbAuHs1RQajOPn88K0X9ya rmmSymKEd15z6U54lor9TGwmNoBv361YMRHNh3ntZu4YMif+tDsdUvkSCt6lau15 TKoD469/SUjRWro5PMpzJ2E37pSjQBzqgbALvEb/ev0qfNV2vmwv7qXhBrKVuUMd 99Ol09lans+y+mbqzZk4TVmDgX8aXle564atiu9G6NEKjOGYoPiD+FAfIoc5tY2w CGPz8rygmSPWbkCVlYK65ZAE/TqxF8y5cSIBKZHMSNpwwxYvWDfaaLa0AZUyLKq+ BjOCKhKGxWn1+2SJh7Br -----END CERTIFICATE-----Generated at Wed Nov 5 21:13:34 2025 by rpki-client