$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KUthydo1hCdBgvogr4Ym4a6oHzI.cer File: KUthydo1hCdBgvogr4Ym4a6oHzI.cer (raw, json) Hash identifier: Y50nmoOe2JtYSM72jd8E7Hha9iYRls8cCm/U0hy/zSI= Subject key identifier: 29:4B:61:C9:DA:35:84:27:41:82:FA:20:AF:86:26:E1:AE:A8:1F:32 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 1EDF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKGAME/KUthydo1hCdBgvogr4Ym4a6oHzI.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKGAME/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Wed 08 Oct 2025 04:22:10 +0000 Certificate not after: Wed 07 Oct 2026 15:30:20 +0000 Subordinate resources: IP: 138.252.10.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 11:29:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7903 (0x1edf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Oct 8 04:22:10 2025 GMT Not After : Oct 7 15:30:20 2026 GMT Subject: CN=294B61C9DA3584274182FA20AF8626E1AEA81F32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7a:18:a3:30:ae:e5:c1:1c:51:ce:d6:43:8d: 6a:fe:67:96:ef:f0:00:0d:39:c0:f5:cc:fa:32:4b: 38:c6:94:92:98:1e:fb:ef:fa:b3:67:be:25:35:9d: 4f:b8:0c:47:70:aa:da:d6:18:8e:ad:28:a9:48:f8: 22:fb:d3:ea:ee:cd:59:3e:9e:67:97:07:29:61:b8: 09:05:f1:26:30:d0:99:78:ad:b9:22:80:8e:44:f3: 48:6c:91:79:af:3f:43:09:cb:af:af:21:ad:82:c9: 45:94:9c:12:47:39:00:4c:e7:8e:93:8a:a4:46:df: 75:f5:51:4f:b0:2d:6d:11:f9:a4:d1:f4:8d:e4:0c: 2a:4d:9f:15:86:2d:b9:cb:24:c7:96:e9:ff:98:2e: 1b:8f:6f:5f:79:53:74:13:48:9d:dd:ee:b6:a4:d9: 41:5c:4b:4f:4f:c3:b0:1d:fc:f6:2c:c4:27:16:4b: 24:95:93:6f:8e:6c:a7:6f:16:df:0d:fd:0d:09:8a: b6:ef:d1:b5:0b:ab:aa:70:7b:80:88:11:2a:4f:95: b1:9d:55:bb:dd:2d:8b:e6:36:4f:8b:4e:da:f9:a3: 50:13:4e:34:f8:04:ae:51:dd:c1:d4:1c:3e:93:cd: 88:cf:e5:f8:47:f4:e8:8a:fc:ce:ac:19:bf:4d:15: c0:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:4B:61:C9:DA:35:84:27:41:82:FA:20:AF:86:26:E1:AE:A8:1F:32 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKGAME/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKGAME/KUthydo1hCdBgvogr4Ym4a6oHzI.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 138.252.10.0/23 Signature Algorithm: sha256WithRSAEncryption 49:8a:3e:89:30:9e:8a:43:26:b9:47:1a:5d:28:f9:f8:3b:ab: 8a:8d:c9:5d:27:2b:40:4a:4c:04:cf:e3:82:eb:e3:9a:8f:be: c5:f1:16:a9:1f:82:93:40:e3:e4:fd:54:ae:6c:d1:4d:42:65: 49:7c:3e:c4:55:ca:bf:0d:15:21:d2:30:90:04:5c:93:ae:b3: ae:95:97:34:e5:b9:3f:97:f1:a1:27:8c:65:5d:49:af:c0:ef: 1f:f2:6e:9d:38:87:e8:cd:7e:8b:6d:a4:66:d2:a5:bc:38:27: d3:f3:bc:3c:97:1f:6e:09:2d:70:5d:ef:60:d5:11:12:78:40: bd:35:39:4e:94:c8:3c:72:c7:96:2a:26:82:51:0e:4c:a3:8a: ff:cd:31:2b:42:5d:29:34:17:8b:6b:7c:07:02:50:8e:31:29: 86:04:c3:bf:3a:ad:88:13:b1:49:5f:b6:45:f0:0a:28:f5:e9: 56:ae:46:91:a1:33:5d:33:d8:ef:c6:c1:2c:72:5f:23:fd:81: 96:57:44:98:d0:4b:44:0e:bc:d9:aa:cf:e9:58:d8:16:91:0e: be:b8:06:67:27:72:aa:4e:41:81:5b:c0:50:32:b8:8d:60:69: af:ae:1a:17:ea:07:6e:66:ae:eb:a0:d8:37:39:9b:84:d3:e7: dd:6a:39:ea -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgICHt8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MTAwODA0MjIxMFoXDTI2MTAwNzE1MzAyMFowMzEx MC8GA1UEAxMoMjk0QjYxQzlEQTM1ODQyNzQxODJGQTIwQUY4NjI2RTFBRUE4MUYz MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM16GKMwruXBHFHO1kON av5nlu/wAA05wPXM+jJLOMaUkpge++/6s2e+JTWdT7gMR3Cq2tYYjq0oqUj4IvvT 6u7NWT6eZ5cHKWG4CQXxJjDQmXituSKAjkTzSGyRea8/QwnLr68hrYLJRZScEkc5 AEznjpOKpEbfdfVRT7AtbRH5pNH0jeQMKk2fFYYtucskx5bp/5guG49vX3lTdBNI nd3utqTZQVxLT0/DsB389izEJxZLJJWTb45sp28W3w39DQmKtu/RtQurqnB7gIgR Kk+VsZ1Vu90ti+Y2T4tO2vmjUBNONPgErlHdwdQcPpPNiM/l+Ef06Ir8zqwZv00V wCECAwEAAaOCAlAwggJMMB0GA1UdDgQWBBQpS2HJ2jWEJ0GC+iCvhibhrqgfMjAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdYGCCsGAQUFBwELBIHJMIHGMDgGCCsGAQUFBzAF hixyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tHQU1FLzBX BggrBgEFBQcwCoZLcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0tLR0FNRS9LVXRoeWRvMWhDZEJndm9ncjRZbTRhNm9IekkubWZ0MDEGCCsGAQUF BzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsG AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBivwKMA0GCSqGSIb3DQEBCwUAA4IBAQBJ ij6JMJ6KQya5RxpdKPn4O6uKjcldJytASkwEz+OC6+Oaj77F8RapH4KTQOPk/VSu bNFNQmVJfD7EVcq/DRUh0jCQBFyTrrOulZc05bk/l/GhJ4xlXUmvwO8f8m6dOIfo zX6LbaRm0qW8OCfT87w8lx9uCS1wXe9g1RESeEC9NTlOlMg8cseWKiaCUQ5Mo4r/ zTErQl0pNBeLa3wHAlCOMSmGBMO/Oq2IE7FJX7ZF8Aoo9elWrkaRoTNdM9jvxsEs cl8j/YGWV0SY0EtEDrzZqs/pWNgWkQ6+uAZnJ3KqTkGBW8BQMriNYGmvrhoX6gdu Zq7roNg3OZuE0+fdajnq -----END CERTIFICATE-----Generated at Wed Nov 5 09:37:49 2025 by rpki-client