$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft File: O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft (raw, json) Hash identifier: 9Qe5TS9x0h0rttkWboPrJqqmBHEDwwX+7vdNW+VMIhw= Subject key identifier: 09:E3:94:D0:E0:D6:A4:CD:B8:E9:63:53:BF:A6:5E:0B:46:4C:7E:2A Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Certificate serial: 0E4A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft Manifest number: 0D91 Signing time: Sun 10 Aug 2025 05:40:29 +0000 Manifest this update: Sun 10 Aug 2025 05:40:29 +0000 Manifest next update: Tue 12 Aug 2025 05:40:29 +0000 Files and hashes: 1: 2UAPjEWfdYV6XfKtO6FdpJTyQD4.roa (hash: /rIczceKdRVLPMIyAMLWjK8QRU+2sOTWQdUsCLGNC2w=) 2: 2WWlahOBvc9mQABYIR9qChuP6Nk.roa (hash: NbG7iG00GjS6epNTqSH9xBURnikEUvUkzNWl/FGT9wA=) 3: 3h9AhrduvQy6-JZtguDPvJXsDmU.roa (hash: my8eD21PjxwbVTBgmaxfryfhQQe3ZAldo6n/XNPUnhc=) 4: 8iFG-3Xivr4B1S8nDDzzrC-gvA4.roa (hash: kxx0lh20Al2X8TZ28qHiWvNVTTEM4ioQUugaJy1tGFo=) 5: 97E0AfMCMdrk5t95WkWmr8sk9eo.roa (hash: xDjX+J2adR+3KiFlExvKuT/BcSMUrea9Q/rxOzgvUh0=) 6: FdsellRQtbWIN2yGAmBjTCQPdZA.roa (hash: GW+VjOQZnGLolwqmi9tGksnQrEVOaA6nlnnmdtl7nFY=) 7: GDBlaIVU81HsutM3S94EGYXc0e4.roa (hash: v694n1H8lmMweS6xaELimPeEwNdmJmJeSO45xF4D9TQ=) 8: O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl (hash: 1HWMDi4HJvz5ADcKffOX9M9HQxUB09Vl84QXA3fUw1w=) 9: QKAfJxAKn1AdheRDAVtmWBh6daY.roa (hash: ci7ykUH5wFM9ICcoyPtWPnEsTbYuh3ApCufhapRRXcQ=) 10: QVvcaqFVHOwW374k_9n_yDthk4I.roa (hash: TA6ww9Ny8ZecSv1JVildNA/L32Lo8pe0NKv2uVQUMTU=) 11: R4RNvqK3zeNV1UUhvQvb6hpI-es.roa (hash: itG+2YAFAoire39NYB61+XMdWeOW50oqCY7qdIa4WwI=) 12: S2DS8qDIQbgH3m_eHwzVryTS9sE.roa (hash: qllFWUXW2kLsBDNSh5pKgEg7WzH+DrQjHeaXDoafzuo=) 13: T6H9y9Km6MH8OoRzI12CGxjtpok.roa (hash: LwCVU1JqO2GTX/MTF9xCa7lzhAvZXWGejWNNeoULPMo=) 14: gR3C8jDz194Cbxjd-U58gU_DqpM.roa (hash: vs7HAosiCl7V5+W8yUjg+jh0JsFus/GRa+VZSsAISIA=) 15: gUk-OBsEE6oDIESnknna3BS0TiA.roa (hash: uoDpdfHqIhJ4LiqtY+M19aiHHy1Hq0SGkNjWo9uOEsE=) 16: jZkof-vCKyGg9WbV9O8ukzbgveA.roa (hash: JdxJkGDfKtZRgQcWwatcyvQF6UajsHnkIh1b5Tv5xc4=) 17: jgfYg51U3e9y4asxZTdIvIAvseM.roa (hash: SD9ZDG+vY5JR9s1cVfPheKzm90+mB/SbI/nXYPe9C+c=) 18: loCtoeZABwiy1G9MTfHiqDJWSfA.roa (hash: 8G7m8McWjPyYUNV0ByWRZ7Nm+FmTd1IF/5pv5mH6tV4=) 19: lzWNhyd8XholmqsAbiYE0BWZ0hM.roa (hash: 85NoxaUF3APyB58yusEFBNgEKXYj8LHSmmmgZ8tgyEs=) 20: ojOeBq1k6DI3bkqYueCKIPkeyNg.roa (hash: mSkQdHb64Qa+FZe/Mxp3eFnCEWVKRyIOHJyN117xEF4=) 21: rlnNTfi40vQo6aLGX41Bf6yyOM8.roa (hash: al8gizMkR/ihrprlqD7p5dnbxfh8eOGY9P6JL+1gVlI=) 22: yRSx7igzyvU1Xt8n5IsAkkt7aFw.roa (hash: bo8YbhEQ+jONdPxASh8b5szJWVef+c7Y4zIzGjXvqfo=) 23: ydCdCSAFNPj9LQf5sdB3AS7NnOc.roa (hash: BC3S698icd8XutbzOglygy5skPHsOj+fw8VBbrHXJko=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 Aug 2025 14:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3658 (0xe4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3 Validity Not Before: Aug 10 05:40:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=09E394D0E0D6A4CDB8E96353BFA65E0B464C7E2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:68:21:ff:2f:7f:7e:0a:f0:22:fb:b4:01:88: dd:dc:76:b5:be:28:fc:86:b9:f8:4e:62:4e:3f:41: 47:c6:6c:01:dd:22:5a:51:ef:cc:dc:41:b3:14:c8: f4:4b:1b:6d:db:dd:10:ac:c0:12:9c:5b:de:48:ec: 19:b4:b4:ed:19:18:34:70:35:aa:93:27:63:1b:4a: ad:59:3f:6e:66:f5:44:5c:c3:4d:d2:7b:c6:38:08: 99:67:6b:fa:ac:56:fc:b1:d0:c3:9c:f7:87:86:ed: 5c:ed:7f:a4:56:1a:28:03:78:7d:3a:f6:bc:91:49: ae:fa:bd:b5:46:1d:16:bf:f0:43:89:37:fb:03:60: 83:c8:8d:4e:8b:ac:ac:99:55:9c:d3:26:3d:cf:79: d3:8c:c5:38:3f:86:d4:29:06:cf:a7:e4:1a:45:9c: a2:ea:4e:25:ab:0c:d4:f0:79:89:c8:0a:46:f5:43: 79:e8:96:4c:25:ca:54:e5:ec:ec:a2:24:11:0e:fd: 50:d6:9e:60:67:70:01:a5:13:fc:45:2f:b5:8e:1e: 2e:8b:3f:98:98:18:86:3d:53:c5:05:f4:ee:3c:55: 46:d8:14:a9:b3:d7:fe:d8:c0:5f:b9:df:3d:f2:34: a5:1a:a6:98:45:30:7b:a3:3d:f7:7b:d9:de:18:f4: bf:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:E3:94:D0:E0:D6:A4:CD:B8:E9:63:53:BF:A6:5E:0B:46:4C:7E:2A X509v3 Authority Key Identifier: keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:ed:cb:45:c7:94:cf:84:0a:e1:cb:8f:fa:bc:6a:1b:1f:64: 1b:ba:c7:c4:93:ad:b5:35:c7:27:54:19:80:81:8b:fa:9b:86: 18:64:bc:b9:cb:48:b8:48:f4:69:62:e1:c5:ca:59:1e:8a:98: cf:93:08:a2:ce:38:6f:8c:5d:ce:f0:0f:b7:f5:4a:c0:28:5e: 7b:4d:b7:49:25:7c:63:a7:46:1f:e3:4b:68:dd:86:73:1c:7f: d2:0d:a9:1c:a9:e4:54:0f:ae:40:99:6c:ca:df:ad:b2:6c:20: 11:99:c5:78:01:fd:ba:0d:b5:1c:34:1d:4b:1c:b3:b0:0e:3d: e5:ee:1a:67:01:d4:b3:58:ef:80:0b:65:77:0c:cc:04:17:08: 1e:22:39:ce:7f:1b:5c:24:7e:7d:70:af:dd:d4:56:46:0d:7a: 37:ef:10:c4:ca:65:f0:42:9c:c5:69:58:37:3c:7c:4b:4d:a6: 0c:be:80:9d:a6:37:68:ce:2d:f1:3a:eb:97:9b:a1:93:88:b2: 41:7a:6e:0f:12:16:a5:7b:e8:4c:96:27:84:a4:4e:4c:fb:28: f6:ae:3e:17:6f:e1:f7:aa:80:03:52:a3:b1:46:3a:67:cd:34: bc:ab:2b:64:d7:6d:c4:e9:67:6c:73:94:ad:71:75:c3:31:ef: 35:e7:c6:0e -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgICDkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MTAw NTQwMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5RTM5NEQwRTBENkE0 Q0RCOEU5NjM1M0JGQTY1RTBCNDY0QzdFMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqaCH/L39+CvAi+7QBiN3cdrW+KPyGufhOYk4/QUfGbAHdIlpR 78zcQbMUyPRLG23b3RCswBKcW95I7Bm0tO0ZGDRwNaqTJ2MbSq1ZP25m9URcw03S e8Y4CJlna/qsVvyx0MOc94eG7Vztf6RWGigDeH069ryRSa76vbVGHRa/8EOJN/sD YIPIjU6LrKyZVZzTJj3PedOMxTg/htQpBs+n5BpFnKLqTiWrDNTweYnICkb1Q3no lkwlylTl7OyiJBEO/VDWnmBncAGlE/xFL7WOHi6LP5iYGIY9U8UF9O48VUbYFKmz 1/7YwF+53z3yNKUapphFMHujPfd72d4Y9L+LAgMBAAGjggIFMIICATAdBgNVHQ4E FgQUCeOU0ODWpM246WNTv6ZeC0ZMfiowHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+ q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9PLWJHVVRVT2o2SDhmUW8tcTgt WS1Cc3hHZE0ubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYBBQUH AQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhu3L RceUz4QK4cuP+rxqGx9kG7rHxJOttTXHJ1QZgIGL+puGGGS8uctIuEj0aWLhxcpZ HoqYz5MIos44b4xdzvAPt/VKwChee023SSV8Y6dGH+NLaN2Gcxx/0g2pHKnkVA+u QJlsyt+tsmwgEZnFeAH9ug21HDQdSxyzsA495e4aZwHUs1jvgAtldwzMBBcIHiI5 zn8bXCR+fXCv3dRWRg16N+8QxMpl8EKcxWlYNzx8S02mDL6AnaY3aM4t8Trrl5uh k4iyQXpuDxIWpXvoTJYnhKROTPso9q4+F2/h96qAA1KjsUY6Z800vKsrZNdtxOln bHOUrXF1wzHvNefGDg== -----END CERTIFICATE-----Generated at Mon Aug 11 10:37:56 2025 by rpki-client