Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
File:                     LXIEYXNU1wUjtvZaJwcStrGdgV4.mft (raw, json)
Hash identifier:          3RGsobkez91+SeZuvY3p4ORVzInnFmoJ9jqiuLWfsxY=
Subject key identifier:   8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Certificate issuer:       /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial:       0E6E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
Manifest number:          0E1F
Signing time:             Thu 16 Apr 2026 17:32:40 +0000
Manifest this update:     Thu 16 Apr 2026 17:32:40 +0000
Manifest next update:     Sat 18 Apr 2026 17:32:40 +0000
Files and hashes:         1: 0Yo-A-NRvhxwfZMnNHKdkurBspY.roa (hash: RpbWtGY506zgMpKYDlfJZLVWfHe7LhJIfoSW1QYFHHM=)
                          2: 0rtrKc7d2DygJQGg2P035nk87YA.roa (hash: sS4dBmOMhTiLWLhPPAF0E3KJkpjq+UG2+r1wPdJiXHA=)
                          3: DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa (hash: M7DNC5f/ZNgNXYOcgP3RHvZDM8IuBzJhvvvGLFmDf0M=)
                          4: KvfHidfL35UNVHaj2OJ_aKbDFiA.roa (hash: u/tjCfTVMjj8elrABLjqRRjZGm8/5TsNdNsC8yCc/+8=)
                          5: LXIEYXNU1wUjtvZaJwcStrGdgV4.crl (hash: hR9T3mF2LK/Tb6QRd8ackIuoQJDF/BSwu3FnmMa1dJ0=)
                          6: lbTXhpc-PphvuF5T7_lIYOkb-58.roa (hash: JFJKz6OKwZtTyvKP6x64uAfNpsCJQdTvv9+MYDjLpsQ=)
                          7: r2choGTJGYsSXHS-Xn5Qj76Y4IE.roa (hash: kP87ivg8MG8uJed5an9d3lP+8UPSLgD4yKsotvXusBc=)
                          8: vbt-4D_wxqZhYYQXKalT3heZpj0.roa (hash: Hl9ilN5bQmICMa74omOoP/SVm33vEMFbfB8GNLU+cAY=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3694 (0xe6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
        Validity
            Not Before: Apr 16 17:32:40 2026 GMT
            Not After : Aug 22 08:14:28 2026 GMT
        Subject: CN=8FB24E0D840F960EB9E53763485237102DDB4637
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:26:2f:a2:8e:26:81:03:aa:24:8f:e4:9f:7f:
                    81:98:f3:97:3c:da:8e:dc:ed:8f:03:07:1d:77:b1:
                    5a:49:c3:3d:f6:ef:84:88:f6:28:be:4c:43:e9:74:
                    29:fe:59:b0:99:b7:cc:21:76:35:21:ef:53:e0:4a:
                    30:6c:f6:e4:d4:44:e6:51:a9:22:17:c8:98:9d:d2:
                    87:9b:6f:fc:cf:be:23:a7:d1:97:b0:d7:fe:89:b7:
                    9b:54:a3:f5:56:00:58:23:71:00:41:67:8a:b5:1c:
                    d3:bc:97:ea:30:2f:20:a3:dc:ea:94:57:05:cd:87:
                    f1:49:35:69:a0:64:11:9c:b5:d4:09:25:22:a6:cf:
                    82:72:2a:b6:21:f1:75:01:80:0b:b2:12:0d:d6:55:
                    ca:f1:91:ac:80:bf:8d:bd:91:fa:d1:3c:8f:42:60:
                    e4:2c:05:f5:95:67:86:d7:85:a4:24:6d:9d:9a:f5:
                    fd:f5:90:c1:03:80:9a:33:8a:f6:ec:ba:d2:f5:62:
                    f9:24:e5:05:3e:f2:a9:ec:e7:5e:b9:30:d8:69:f1:
                    98:b3:30:4c:50:98:22:9c:78:ce:2f:0c:01:02:69:
                    68:f3:3a:47:47:ae:85:ed:d9:68:6f:ff:6f:ce:04:
                    ea:48:68:fd:a4:53:2c:fc:ba:fd:17:05:49:55:16:
                    32:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B2:4E:0D:84:0F:96:0E:B9:E5:37:63:48:52:37:10:2D:DB:46:37
            X509v3 Authority Key Identifier:
                keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c5:7a:00:6c:13:90:24:73:14:42:7c:7e:d1:5a:52:26:62:
         c2:b9:e3:1f:e6:8e:bd:88:2e:32:f1:96:02:aa:c8:dd:18:d9:
         2a:2e:5a:ef:9f:4f:2a:f0:eb:78:1a:cb:88:af:6d:2f:e4:b7:
         36:17:8e:ee:76:0b:d0:41:2a:33:5d:3a:08:b1:7d:88:80:fd:
         16:d1:7e:e8:1a:f1:53:74:ba:ce:4b:2e:b0:0c:1b:e6:44:e7:
         49:b2:ea:dc:26:af:c8:0a:b2:71:39:58:64:9b:43:f1:98:2f:
         55:f6:4c:8f:7d:e0:cd:b6:dc:c6:3e:14:fb:7a:59:a3:8e:19:
         96:36:16:51:ff:e8:87:78:9b:1c:db:f7:2e:87:83:ee:a1:08:
         f4:8c:6a:c0:19:3f:60:7c:85:51:0e:e5:42:4e:70:2e:3a:e2:
         1e:e8:42:97:c9:43:40:a8:24:6c:2b:b6:f4:e2:62:83:64:fb:
         0a:9a:d8:d4:0a:ad:d1:b8:36:1d:06:74:58:0e:50:b0:93:97:
         2d:7e:fe:ff:9b:24:7f:eb:dc:e7:28:18:4c:0c:94:ff:76:0d:
         e9:61:33:e4:b4:af:8b:cd:61:b6:45:fb:46:96:3b:d5:4b:85:
         78:30:a6:15:81:c8:99:fe:77:da:33:b7:78:5a:8c:d1:58:ba:
         82:97:8c:ce
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgICDm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNjA0MTYx
NzMyNDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhGQjI0RTBEODQwRjk2
MEVCOUU1Mzc2MzQ4NTIzNzEwMkREQjQ2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzJi+ijiaBA6okj+Sff4GY85c82o7c7Y8DBx13sVpJwz3274SI
9ii+TEPpdCn+WbCZt8whdjUh71PgSjBs9uTUROZRqSIXyJid0oebb/zPviOn0Zew
1/6Jt5tUo/VWAFgjcQBBZ4q1HNO8l+owLyCj3OqUVwXNh/FJNWmgZBGctdQJJSKm
z4JyKrYh8XUBgAuyEg3WVcrxkayAv429kfrRPI9CYOQsBfWVZ4bXhaQkbZ2a9f31
kMEDgJozivbsutL1Yvkk5QU+8qns5165MNhp8ZizMExQmCKceM4vDAECaWjzOkdH
roXt2Whv/2/OBOpIaP2kUyz8uv0XBUlVFjLLAgMBAAGjggIBMIIB/TAdBgNVHQ4E
FgQUj7JODYQPlg655TdjSFI3EC3bRjcwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xYSUVZWE5VMXdVanR2WmFKd2NTdHJH
ZGdWNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB
/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQB1xXoAbBOQ
JHMUQnx+0VpSJmLCueMf5o69iC4y8ZYCqsjdGNkqLlrvn08q8Ot4GsuIr20v5Lc2
F47udgvQQSozXToIsX2IgP0W0X7oGvFTdLrOSy6wDBvmROdJsurcJq/ICrJxOVhk
m0PxmC9V9kyPfeDNttzGPhT7elmjjhmWNhZR/+iHeJsc2/cuh4PuoQj0jGrAGT9g
fIVRDuVCTnAuOuIe6EKXyUNAqCRsK7b04mKDZPsKmtjUCq3RuDYdBnRYDlCwk5ct
fv7/myR/69znKBhMDJT/dg3pYTPktK+LzWG2RftGljvVS4V4MKYVgciZ/nfaM7d4
WozRWLqCl4zO
-----END CERTIFICATE-----