$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft File: RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft (raw, json) Hash identifier: zy/Tc/+4Z98XE79ctWgSVwZpAieCcDLrjo2iR951Suo= Subject key identifier: EB:A3:97:2C:CF:2A:C1:97:E5:86:C0:AD:8B:74:0D:C3:6C:79:B1:B3 Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B Certificate serial: 0D33 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft Manifest number: 0D13 Signing time: Fri 25 Apr 2025 09:18:02 +0000 Manifest this update: Fri 25 Apr 2025 09:18:02 +0000 Manifest next update: Sun 27 Apr 2025 09:18:02 +0000 Files and hashes: 1: 6AD09RhhSlVX3Bi3hEHBNh8TnIU.roa (hash: nStEV34LU8U3gwUjfCxu9vu81FhZ+DhL680qZHG55H8=) 2: RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl (hash: /09DuX1mRhSjRvapw2wMWRykhrx6Q2LQzKC6PU/23do=) 3: sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa (hash: MG4Wy2efkvSpbc1yPWr9rKUgLUOxccXgjAD4AOXxRtc=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 21:19:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3379 (0xd33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B Validity Not Before: Apr 25 09:18:02 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=EBA3972CCF2AC197E586C0AD8B740DC36C79B1B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1c:70:15:e8:47:0b:5c:cf:90:8c:df:cd:69: 20:52:4c:f0:94:21:ba:af:0c:c8:7d:b3:9b:43:3f: a9:ba:1e:ea:bc:53:ef:72:c0:4f:fc:bb:b9:9a:63: 79:52:fb:a7:80:e8:c1:45:c6:9f:2b:43:84:a0:c5: 20:e4:5a:c2:1f:e2:2f:06:cf:d2:d6:16:05:26:af: e6:d6:76:af:7b:84:98:e9:6d:b6:84:92:6e:0b:b1: f7:2a:ab:94:42:e0:f3:c1:28:a4:7d:ce:c5:f8:f3: 9f:b6:1e:78:f0:7f:9b:f2:1d:4e:23:b0:22:0b:cf: 90:b5:e3:4f:ab:e9:1e:9b:c3:da:13:ce:3b:20:c2: 56:9c:d7:48:31:f2:1c:f3:95:6e:63:09:be:69:92: fa:07:ca:5d:c5:72:72:26:72:b5:f9:f5:4b:ac:40: b1:5a:53:c3:7b:be:8c:5e:cd:fb:81:9a:aa:3f:f3: de:98:2d:3e:77:8f:d9:20:67:13:31:1f:47:ad:a1: 87:11:a7:34:8c:72:b1:03:28:9b:b8:7d:4b:28:ed: 0c:37:e8:ea:75:bb:56:19:d8:b9:76:70:39:cc:11: 35:de:13:3d:c1:36:5b:5b:5e:7f:8f:7e:b9:4e:b7: a4:aa:a5:25:16:70:65:b2:40:fa:01:44:f0:f8:7c: 9d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:A3:97:2C:CF:2A:C1:97:E5:86:C0:AD:8B:74:0D:C3:6C:79:B1:B3 X509v3 Authority Key Identifier: keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:eb:36:d9:7c:90:f9:ea:b6:f6:27:2a:56:5c:89:40:b7:dc: fc:05:66:02:7f:33:55:fa:7a:08:27:48:28:26:12:2b:f4:87: 67:33:2e:ec:51:66:c5:ef:70:ca:75:9c:a8:1f:54:03:0a:46: f7:47:10:d6:ee:9d:aa:42:43:5c:5a:20:1b:20:6e:65:6e:ea: 27:dd:49:6f:5e:b2:e9:0c:02:5a:29:c9:c2:cc:df:93:37:0a: b1:4e:f5:25:2b:2d:90:f9:73:b5:41:bf:3a:91:10:a9:2d:b7: b6:8c:db:04:65:a4:8d:fb:5d:ed:c8:8a:a7:7b:73:07:fe:03: b9:b3:92:ab:d3:4b:29:4a:7b:97:16:e4:11:f9:66:f8:06:8d: 87:53:77:63:b4:24:91:99:68:00:90:bd:c1:85:6a:66:14:ec: b3:06:fa:a7:d2:65:0f:2b:ef:40:6c:f9:9e:5e:1d:0b:6b:33: 72:97:1e:cb:2b:40:d9:7a:1a:67:2e:d4:d9:81:ec:41:f9:5d: 68:0d:49:a7:6b:77:35:4f:b5:b6:1f:10:bf:6e:31:3f:e8:f9: 42:40:86:24:f4:21:97:66:fb:f7:ae:da:29:00:a0:0a:05:54: 2a:fe:75:53:43:e1:c4:cc:7f:cc:88:6d:30:ef:9c:8c:21:b6: 42:0e:ad:2d -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgICDTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0 MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yNTA0MjUw OTE4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVCQTM5NzJDQ0YyQUMx OTdFNTg2QzBBRDhCNzQwREMzNkM3OUIxQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqHHAV6EcLXM+QjN/NaSBSTPCUIbqvDMh9s5tDP6m6Huq8U+9y wE/8u7maY3lS+6eA6MFFxp8rQ4SgxSDkWsIf4i8Gz9LWFgUmr+bWdq97hJjpbbaE km4Lsfcqq5RC4PPBKKR9zsX485+2Hnjwf5vyHU4jsCILz5C140+r6R6bw9oTzjsg wlac10gx8hzzlW5jCb5pkvoHyl3FcnImcrX59UusQLFaU8N7voxezfuBmqo/896Y LT53j9kgZxMxH0etoYcRpzSMcrEDKJu4fUso7Qw36Op1u1YZ2Ll2cDnMETXeEz3B NltbXn+PfrlOt6SqpSUWcGWyQPoBRPD4fJ0nAgMBAAGjggIHMIICAzAdBgNVHQ4E FgQU66OXLM8qwZflhsCti3QNw2x5sbMwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL1JrRFppT3lCUnJwREJaWUJJ U0xSb2NfQncycy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCX 6zbZfJD56rb2JypWXIlAt9z8BWYCfzNV+noIJ0goJhIr9IdnMy7sUWbF73DKdZyo H1QDCkb3RxDW7p2qQkNcWiAbIG5lbuon3UlvXrLpDAJaKcnCzN+TNwqxTvUlKy2Q +XO1Qb86kRCpLbe2jNsEZaSN+13tyIqne3MH/gO5s5Kr00spSnuXFuQR+Wb4Bo2H U3djtCSRmWgAkL3BhWpmFOyzBvqn0mUPK+9AbPmeXh0LazNylx7LK0DZehpnLtTZ gexB+V1oDUmna3c1T7W2HxC/bjE/6PlCQIYk9CGXZvv3rtopAKAKBVQq/nVTQ+HE zH/MiG0w75yMIbZCDq0t -----END CERTIFICATE-----Generated at Sat Apr 26 20:31:33 2025 by rpki-client