$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.mft File: n-dA_Qxkkv7JLz5EzmNu4YuNNRc.mft (raw, json) Hash identifier: p2/gWeJvKmJg3MpLGxSP5ruXf58wng7xQZTd/fG2x3E= Subject key identifier: 1E:C7:21:23:E4:65:34:4F:84:D2:FE:29:F9:3E:7B:F5:CF:9C:9F:4D Authority key identifier: 9F:E7:40:FD:0C:64:92:FE:C9:2F:3E:44:CE:63:6E:E1:8B:8D:35:17 Certificate issuer: /CN=9FE740FD0C6492FEC92F3E44CE636EE18B8D3517 Certificate serial: 0D28 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.mft Manifest number: 0D28 Signing time: Thu 08 May 2025 21:21:25 +0000 Manifest this update: Thu 08 May 2025 21:21:25 +0000 Manifest next update: Sat 10 May 2025 21:21:25 +0000 Files and hashes: 1: n-dA_Qxkkv7JLz5EzmNu4YuNNRc.crl (hash: yjq1oJgTdIhf5IS7aR0qUG88t9yS14tEtfgiUDD7pDo=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 10 May 2025 11:22:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3368 (0xd28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9FE740FD0C6492FEC92F3E44CE636EE18B8D3517 Validity Not Before: May 8 21:21:25 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1EC72123E465344F84D2FE29F93E7BF5CF9C9F4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:98:fc:f4:2b:c9:3f:10:90:3c:4f:2f:e1:61: 0c:e9:0d:dc:f4:4e:2e:05:8a:5f:5b:2c:20:5a:a5: 11:10:ec:6f:5d:0e:a3:83:43:05:13:d7:cf:60:c3: 6f:d8:4f:fb:ab:f2:33:5a:09:6c:38:99:c3:81:d5: a3:7b:68:1d:e8:f9:ab:57:a2:45:ab:29:3d:a5:68: e0:c1:0f:73:42:c6:39:21:15:23:49:a2:ef:93:d5: 1e:d0:50:a2:6c:d6:0f:a4:5c:43:7f:63:dc:42:da: c7:42:df:91:b3:cc:b7:d5:1b:a4:df:8f:f9:fa:fa: 46:24:0c:fe:e6:54:ae:76:3a:3b:dd:bb:5f:b8:f3: 6e:e6:38:ed:f0:e6:bd:57:37:06:ac:f7:1c:d8:af: a9:12:c4:31:67:76:7a:6f:ad:b4:b6:b8:10:23:78: 47:96:29:61:17:0c:60:87:6e:fc:e0:83:a9:f4:d3: ed:21:5f:91:42:76:b3:9b:1b:cd:c7:7c:0e:e4:5b: 26:6e:81:58:bc:1e:99:75:ae:32:0d:4a:98:4f:aa: 04:a4:0d:e1:14:9a:fe:08:e0:c2:db:30:e5:fe:80: 92:fb:4c:7e:1b:ff:d7:e5:a7:e2:7e:ed:73:2a:bb: 17:1a:ed:1c:09:f0:9a:bb:2a:01:bc:05:80:16:0d: 18:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:C7:21:23:E4:65:34:4F:84:D2:FE:29:F9:3E:7B:F5:CF:9C:9F:4D X509v3 Authority Key Identifier: keyid:9F:E7:40:FD:0C:64:92:FE:C9:2F:3E:44:CE:63:6E:E1:8B:8D:35:17 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ONMORE/n-dA_Qxkkv7JLz5EzmNu4YuNNRc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:ea:38:b5:25:93:e6:b8:10:bb:ef:8c:be:72:bf:04:de:3a: 99:e8:1a:25:17:b3:4c:17:54:7a:fb:ce:fd:53:04:94:23:7d: b4:eb:e1:ee:53:99:3e:26:7f:b8:4a:0c:28:2e:dd:be:1c:55: 9e:c9:4e:02:c4:a1:a8:5a:6a:6a:32:77:c5:e9:9e:d7:a2:c9: b1:42:a2:7d:62:0c:1a:4f:fc:18:b3:fb:e3:3c:52:b1:dd:94: 85:86:82:7e:be:c7:4a:2f:da:db:c8:b8:06:a0:89:54:cd:c8: cd:9f:da:41:17:e5:9f:d5:a1:32:39:9e:bf:aa:3b:44:6c:58: 7c:2b:b9:85:f6:88:be:68:7c:12:5d:1f:55:88:de:e2:9a:1d: 4f:7a:46:8a:a0:8d:c4:a4:8d:0d:2b:3f:d8:c9:e5:4c:3a:8e: 37:e7:97:9a:48:16:6f:1c:dd:7d:26:b3:70:67:23:7d:e1:5b: d0:d6:6f:ab:9c:b6:5c:d7:08:83:76:27:34:9d:14:09:18:3c: f4:1c:03:b9:87:49:2a:96:e3:52:5b:66:be:3b:62:a4:78:ba: 54:f3:71:37:5f:1a:e0:9f:3f:d3:df:30:55:8d:54:0f:d2:53: 1a:d1:ce:81:7f:03:42:32:1b:b9:00:ce:0c:1f:30:da:a4:3e: 3d:fa:84:e8 -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgICDSgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUZF NzQwRkQwQzY0OTJGRUM5MkYzRTQ0Q0U2MzZFRTE4QjhEMzUxNzAeFw0yNTA1MDgy MTIxMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFQzcyMTIzRTQ2NTM0 NEY4NEQyRkUyOUY5M0U3QkY1Q0Y5QzlGNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0mPz0K8k/EJA8Ty/hYQzpDdz0Ti4Fil9bLCBapREQ7G9dDqOD QwUT189gw2/YT/ur8jNaCWw4mcOB1aN7aB3o+atXokWrKT2laODBD3NCxjkhFSNJ ou+T1R7QUKJs1g+kXEN/Y9xC2sdC35GzzLfVG6Tfj/n6+kYkDP7mVK52Ojvdu1+4 827mOO3w5r1XNwas9xzYr6kSxDFndnpvrbS2uBAjeEeWKWEXDGCHbvzgg6n00+0h X5FCdrObG83HfA7kWyZugVi8Hpl1rjINSphPqgSkDeEUmv4I4MLbMOX+gJL7TH4b /9flp+J+7XMquxca7RwJ8Jq7KgG8BYAWDRjHAgMBAAGjggIHMIICAzAdBgNVHQ4E FgQUHschI+RlNE+E0v4p+T579c+cn00wHwYDVR0jBBgwFoAUn+dA/Qxkkv7JLz5E zmNu4YuNNRcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT05NT1JF L24tZEFfUXhra3Y3Skx6NUV6bU51NFl1Tk5SYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0Evbi1kQV9ReGtrdjdKTHo1RXptTnU0WXVOTlJjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvT05NT1JFL24tZEFfUXhra3Y3Skx6NUV6 bU51NFl1Tk5SYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQCK 6ji1JZPmuBC774y+cr8E3jqZ6BolF7NMF1R6+879UwSUI3206+HuU5k+Jn+4Sgwo Lt2+HFWeyU4CxKGoWmpqMnfF6Z7XosmxQqJ9YgwaT/wYs/vjPFKx3ZSFhoJ+vsdK L9rbyLgGoIlUzcjNn9pBF+Wf1aEyOZ6/qjtEbFh8K7mF9oi+aHwSXR9ViN7imh1P ekaKoI3EpI0NKz/YyeVMOo4355eaSBZvHN19JrNwZyN94VvQ1m+rnLZc1wiDdic0 nRQJGDz0HAO5h0kqluNSW2a+O2KkeLpU83E3Xxrgnz/T3zBVjVQP0lMa0c6BfwNC Mhu5AM4MHzDapD49+oTo -----END CERTIFICATE-----Generated at Sat May 10 09:51:20 2025 by rpki-client