$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft File: 1PDdD0-4AQJdWG75mcXu4C18IFk.mft (raw, json) Hash identifier: joEcO0d1Kv6sDQsz4772FeddUYQwXdO0pC9pc5RVvy8= Subject key identifier: 36:66:64:52:32:0A:BA:DC:BA:A3:52:9D:6F:65:14:9C:19:94:8C:EB Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Certificate serial: 105B Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft Manifest number: 0FE7 Signing time: Tue 24 Jun 2025 11:01:14 +0000 Manifest this update: Tue 24 Jun 2025 11:01:14 +0000 Manifest next update: Thu 26 Jun 2025 11:01:14 +0000 Files and hashes: 1: -6meSA_gYHH2GNus8etfLguxJGk.roa (hash: +0huFbIe0wVe/+59cUq7MutVavOjDW2LXLUzXLo8Bp8=) 2: 0fxMZr-xSDyNKJLdAzaUs77XPI4.roa (hash: BdU4v9HZmr4ueIZLLx7/NZkw0BJY9ylFy4145joG5Jc=) 3: 1PDdD0-4AQJdWG75mcXu4C18IFk.crl (hash: QnDUVXW/hiDbY9WDjAQAsoKBrbdagE3gE2kmFZBu8Ww=) 4: Ph3LXUUCHNzQbx8ZF3Xp2jGIrao.roa (hash: zMMaRyMSxfpE19/h+9HVfhEWN4zmgzH1mVw/R7zMJ6k=) 5: PhlE3e5xCgkmsLk8nVKhvc7xN9M.roa (hash: HKLsporc2jllNgpzy4+uuOzdDbmzNvvQlIPTMrEas2M=) 6: RZt8ik18y9atnUalzHkBomxnZos.roa (hash: cvi9K4iwLTSyWudTKK57hyiopJfPzAxtgw1EEddudDU=) 7: YPdc360PEFbWhqVvEyvpCKka3nA.roa (hash: 10K5Gw/UVEhmWYYssZijTApkxWDVY4Mqc0Kk1pUWEXU=) 8: eRWE6a5vfoWCWCMJwlWwTqzGFMM.roa (hash: XihPeSndSy61JAi+Zwro9P2JuemF+3b89GbgcsvmWok=) 9: mg5Pb36Ed8Qv3k_YEqaFZvERe0I.roa (hash: Q3PKKLm+2lFbBPPWZDJx6s4Y08oGpPv83go4EVgOnM0=) 10: na900zgWs54EDVa1nBJKbOShrzI.roa (hash: 4WCjXfiXRT2W9l7U7IIGIQBxhUC8A1i9PUnnbX+kUz4=) 11: qZAnPuIsZ-wdbzdyou5tqpF40Zg.roa (hash: f2idFSznlDWbD+BndphmUxux6HJe+jn4cHvz2HPGs3g=) 12: s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa (hash: QzsbOEzyGHyu+MaVCnE6ernqsIx6bRtycwY7gv3al5A=) 13: sz4M1ZiLPSJ6UI_Ya8frER0kXjw.roa (hash: drG0UFyFBp3trqOt1dwrpRu6xOJsYl6Csm+P43n1iHs=) 14: w4giOLeJgtwZBEclKCl9L2zpNqE.roa (hash: H4LPJK8YFwv9mpRc7i2sfXu142PvmyjG/+Tfg1lsVSw=) 15: z6GfaBOgWGWFbK9dKl0T1DdFjUg.roa (hash: xDcFnVzlYrK7jZYkbZb0iOoX57VyWnP7hfKUaiAkhP0=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 02:31:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4187 (0x105b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Validity Not Before: Jun 24 11:01:14 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=36666452320ABADCBAA3529D6F65149C19948CEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b7:3f:e0:8a:04:50:cd:e1:bd:8f:d1:d2:18: a7:fa:59:dc:58:40:b0:51:8e:7c:c4:b9:db:b4:75: 20:9f:0b:49:4e:ba:d6:9c:77:37:78:c6:19:f8:50: 87:2d:2c:10:c3:b1:5e:29:b4:b5:b6:3d:c6:a1:f1: e3:56:05:b7:ef:d3:b2:a3:dd:c0:db:27:86:74:dd: 5b:ad:28:4a:20:75:87:63:29:28:1a:42:ee:15:b0: 44:9c:11:e3:b6:43:6b:ec:56:c5:36:d5:5a:a8:56: 5b:64:e1:2f:b9:fe:13:75:ee:5a:5b:21:86:1c:21: d4:65:cd:c4:43:ed:80:e4:88:1c:ce:1f:80:7c:29: e3:fd:9b:a1:1a:f2:95:b9:8d:ba:31:c2:24:0e:da: f2:4d:d3:51:15:cd:bc:c0:3a:89:0d:10:2f:32:86: 46:e1:1e:6f:30:96:90:f8:52:63:1e:8e:6b:b3:e0: fd:61:d3:70:30:d6:5c:d7:99:57:eb:9f:34:bf:54: 02:af:ff:b5:ff:52:ff:d9:f7:d7:02:5b:31:b2:ea: 66:61:6c:fb:90:5e:55:4e:43:0b:dd:8c:d9:aa:77: 55:16:f5:7e:a8:8a:bf:6d:dd:52:db:77:e8:1a:1e: 75:31:2a:57:a9:da:6d:c7:4f:09:28:09:35:46:40: d5:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:66:64:52:32:0A:BA:DC:BA:A3:52:9D:6F:65:14:9C:19:94:8C:EB X509v3 Authority Key Identifier: keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:28:40:24:10:9d:6f:9f:bb:24:91:7d:28:59:3d:b5:8c:67: aa:d1:9c:c7:77:5d:b2:5e:b9:58:70:30:bf:c4:63:55:9f:49: a8:10:88:b3:fb:c7:9d:a8:5f:00:82:fc:57:01:9c:e2:96:34: f9:e4:75:52:53:46:3b:ce:5b:ec:76:78:2e:08:84:bd:bc:98: fa:82:0f:f9:28:a3:8e:02:31:88:26:82:cc:bb:3f:71:d2:e2: 67:e0:84:83:99:14:13:c7:de:d0:58:07:aa:cd:2b:5d:2c:2a: 06:fa:c1:34:ab:52:92:59:31:35:3c:3b:3f:62:f0:2a:12:a9: d2:b9:1e:0a:03:d4:2c:02:27:f0:c8:83:26:cf:92:a9:59:23: e4:6d:a2:11:03:d7:d8:2f:0b:50:07:6d:20:41:80:52:a6:62: 4e:30:e1:dc:f5:cb:b4:93:2a:83:d2:c5:b6:c4:8b:6d:8d:ce: 1b:bf:8c:69:1c:50:e3:cc:42:1c:4f:fe:1e:8b:17:89:7b:8f: 98:ee:8d:1c:8c:f2:90:ca:81:66:49:ce:fe:8c:a2:63:aa:49: ff:9f:f0:0d:f9:bd:1f:82:dc:5d:45:ca:c8:86:03:07:52:e4: f4:e8:23:cb:4b:f1:75:67:ad:8a:7d:7b:cf:7e:f3:46:b5:76: 12:dd:31:3b -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICEFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTA2MjQx MTAxMTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM2NjY2NDUyMzIwQUJB RENCQUEzNTI5RDZGNjUxNDlDMTk5NDhDRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDItz/gigRQzeG9j9HSGKf6WdxYQLBRjnzEudu0dSCfC0lOutac dzd4xhn4UIctLBDDsV4ptLW2Pcah8eNWBbfv07Kj3cDbJ4Z03VutKEogdYdjKSga Qu4VsEScEeO2Q2vsVsU21VqoVltk4S+5/hN17lpbIYYcIdRlzcRD7YDkiBzOH4B8 KeP9m6Ea8pW5jboxwiQO2vJN01EVzbzAOokNEC8yhkbhHm8wlpD4UmMejmuz4P1h 03Aw1lzXmVfrnzS/VAKv/7X/Uv/Z99cCWzGy6mZhbPuQXlVOQwvdjNmqd1UW9X6o ir9t3VLbd+gaHnUxKlep2m3HTwkoCTVGQNVzAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUNmZkUjIKuty6o1Kdb2UUnBmUjOswHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75 mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQRGREMC00QVFKZFdHNzVtY1h1NEMx OElGay5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB /wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBiKEAkEJ1v n7skkX0oWT21jGeq0ZzHd12yXrlYcDC/xGNVn0moEIiz+8edqF8AgvxXAZziljT5 5HVSU0Y7zlvsdnguCIS9vJj6gg/5KKOOAjGIJoLMuz9x0uJn4ISDmRQTx97QWAeq zStdLCoG+sE0q1KSWTE1PDs/YvAqEqnSuR4KA9QsAifwyIMmz5KpWSPkbaIRA9fY LwtQB20gQYBSpmJOMOHc9cu0kyqD0sW2xIttjc4bv4xpHFDjzEIcT/4eixeJe4+Y 7o0cjPKQyoFmSc7+jKJjqkn/n/AN+b0fgtxdRcrIhgMHUuT06CPLS/F1Z62KfXvP fvNGtXYS3TE7 -----END CERTIFICATE-----Generated at Tue Jun 24 23:58:18 2025 by rpki-client