$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.mft File: o3xu4rDtCvgyEQLjThS2qXb3mJ0.mft (raw, json) Hash identifier: 7bc2WZOa/ImZFTy+kjuwGiUOs4ENSouThRc8Fhj2Xsk= Subject key identifier: C6:47:62:16:5F:C5:DB:2F:F3:75:AB:7D:B8:5F:AA:4C:C6:FA:CA:A4 Authority key identifier: A3:7C:6E:E2:B0:ED:0A:F8:32:11:02:E3:4E:14:B6:A9:76:F7:98:9D Certificate issuer: /CN=A37C6EE2B0ED0AF8321102E34E14B6A976F7989D Certificate serial: 0D3C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/o3xu4rDtCvgyEQLjThS2qXb3mJ0.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.mft Manifest number: 0D3C Signing time: Wed 05 Nov 2025 09:59:02 +0000 Manifest this update: Wed 05 Nov 2025 09:59:02 +0000 Manifest next update: Fri 07 Nov 2025 09:59:02 +0000 Files and hashes: 1: o3xu4rDtCvgyEQLjThS2qXb3mJ0.crl (hash: MWfFfWHWHv5OvgYOceUwBgJdlGF9bMW0rx89ZLwPEdk=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/o3xu4rDtCvgyEQLjThS2qXb3mJ0.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:59:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3388 (0xd3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A37C6EE2B0ED0AF8321102E34E14B6A976F7989D Validity Not Before: Nov 5 09:59:02 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C64762165FC5DB2FF375AB7DB85FAA4CC6FACAA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e3:a5:d7:31:58:2c:8a:00:dd:62:3e:01:76: 96:df:6b:ad:d8:e6:ef:af:02:c0:9c:7e:ed:04:96: de:0d:6f:57:85:e2:17:42:93:f6:d7:fc:24:3e:a6: 79:62:7e:db:57:d1:d3:c2:8f:1e:ee:93:94:df:43: cb:4c:16:33:01:2f:d4:e9:06:7e:ff:e1:2f:70:53: 78:95:19:bc:98:ba:21:f8:bf:c1:fe:5c:90:3b:6b: 31:f6:0f:2b:07:e3:8a:79:1b:13:8f:9a:29:8e:b7: ab:66:d2:72:0c:3a:d0:87:b4:b0:31:72:ad:5c:ce: bc:a2:75:fc:5f:61:03:b9:4e:bf:6d:a6:54:e5:ac: 05:ab:2b:a2:ef:7d:27:0c:29:b8:f7:5d:bc:6e:bc: 87:54:f3:61:ad:c8:99:07:25:ee:24:e8:2a:69:77: 4d:4f:49:b2:c7:15:2b:cb:00:85:2a:1f:f9:19:08: 70:15:f2:5e:dc:fd:54:09:d7:c6:29:d5:d2:78:aa: fd:6c:e7:8b:70:13:98:d3:0a:3e:4b:19:e8:88:78: eb:4a:91:11:02:f9:aa:86:60:c4:87:ea:b2:5c:56: e0:f5:3f:07:83:23:86:e9:17:78:6e:5c:4e:3a:2c: 2e:bf:37:ac:9e:ba:13:a6:3f:c1:08:8a:be:22:f1: c0:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:47:62:16:5F:C5:DB:2F:F3:75:AB:7D:B8:5F:AA:4C:C6:FA:CA:A4 X509v3 Authority Key Identifier: keyid:A3:7C:6E:E2:B0:ED:0A:F8:32:11:02:E3:4E:14:B6:A9:76:F7:98:9D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/o3xu4rDtCvgyEQLjThS2qXb3mJ0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IBM/o3xu4rDtCvgyEQLjThS2qXb3mJ0.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:b3:7a:e9:a6:0e:53:be:a6:ce:b8:69:e7:6f:aa:1d:7b:ed: 96:d0:93:7d:c6:a4:11:a5:31:e0:b2:55:cd:b4:9c:87:15:eb: 80:fa:6a:51:9c:29:94:5e:94:9e:06:84:62:16:9e:8e:8e:b7: b8:c3:03:b2:21:d8:c4:68:46:17:eb:76:93:61:bb:b2:7d:2e: de:f8:d3:f6:74:0c:69:47:0f:e0:d5:a8:fc:67:b3:c1:f1:27: 36:d8:ef:88:f8:99:df:7b:24:a5:05:0f:c9:21:e6:32:e1:1e: bf:b2:ab:3e:47:74:4b:8f:ee:b7:36:20:49:44:67:55:c9:7a: ed:2b:97:f7:77:68:75:44:e6:23:d8:95:1d:1b:ca:db:59:2d: 79:75:a6:be:c7:16:09:55:21:34:8d:b0:ba:7c:ec:c4:e2:c6: aa:69:0c:66:4a:cd:81:9f:f7:51:a5:c2:e6:fe:a2:1c:f9:de: f1:b5:ff:8f:06:58:be:58:e8:91:3e:fe:59:fb:66:77:ac:f7: 12:62:f9:42:e7:eb:74:44:9c:c2:39:7e:13:60:ae:09:3a:8d: a7:b4:24:c5:2d:58:05:ba:12:7f:4a:c6:88:fd:03:68:ba:0a: 06:b9:32:f4:40:2d:cb:65:14:66:9f:50:a6:aa:6f:2b:31:9c: 52:44:82:fd -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgICDTwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTM3 QzZFRTJCMEVEMEFGODMyMTEwMkUzNEUxNEI2QTk3NkY3OTg5RDAeFw0yNTExMDUw OTU5MDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM2NDc2MjE2NUZDNURC MkZGMzc1QUI3REI4NUZBQTRDQzZGQUNBQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj46XXMVgsigDdYj4Bdpbfa63Y5u+vAsCcfu0Elt4Nb1eF4hdC k/bX/CQ+pnlifttX0dPCjx7uk5TfQ8tMFjMBL9TpBn7/4S9wU3iVGbyYuiH4v8H+ XJA7azH2DysH44p5GxOPmimOt6tm0nIMOtCHtLAxcq1czryidfxfYQO5Tr9tplTl rAWrK6LvfScMKbj3XbxuvIdU82GtyJkHJe4k6Cppd01PSbLHFSvLAIUqH/kZCHAV 8l7c/VQJ18Yp1dJ4qv1s54twE5jTCj5LGeiIeOtKkREC+aqGYMSH6rJcVuD1PweD I4bpF3huXE46LC6/N6yeuhOmP8EIir4i8cDZAgMBAAGjggIBMIIB/TAdBgNVHQ4E FgQUxkdiFl/F2y/zdat9uF+qTMb6yqQwHwYDVR0jBBgwFoAUo3xu4rDtCvgyEQLj ThS2qXb3mJ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUJNL28z eHU0ckR0Q3ZneUVRTGpUaFMycVhiM21KMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev bzN4dTRyRHRDdmd5RVFMalRoUzJxWGIzbUowLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSUJNL28zeHU0ckR0Q3ZneUVRTGpUaFMycVhi M21KMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB /wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCis3rppg5T vqbOuGnnb6ode+2W0JN9xqQRpTHgslXNtJyHFeuA+mpRnCmUXpSeBoRiFp6Ojre4 wwOyIdjEaEYX63aTYbuyfS7e+NP2dAxpRw/g1aj8Z7PB8Sc22O+I+JnfeySlBQ/J IeYy4R6/sqs+R3RLj+63NiBJRGdVyXrtK5f3d2h1ROYj2JUdG8rbWS15daa+xxYJ VSE0jbC6fOzE4saqaQxmSs2Bn/dRpcLm/qIc+d7xtf+PBli+WOiRPv5Z+2Z3rPcS YvlC5+t0RJzCOX4TYK4JOo2ntCTFLVgFuhJ/SsaI/QNougoGuTL0QC3LZRRmn1Cm qm8rMZxSRIL9 -----END CERTIFICATE-----Generated at Wed Nov 5 19:16:33 2025 by rpki-client