$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/x1hCDPdi5IrXyqYOs53NYisftPY.cer File: x1hCDPdi5IrXyqYOs53NYisftPY.cer (raw, json) Hash identifier: vaoThMPKg7pmpFLt5kEyU6aYDpnN/ULpjhahAgQJM44= Subject key identifier: C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6 Authority key identifier: 14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 Certificate issuer: /CN=A91BDB290000/serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Certificate serial: 19B7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 10 Feb 2025 14:29:26 +0000 Certificate not after: Sat 10 Jan 2026 15:30:20 +0000 Subordinate resources: IP: 161.248.160.0/23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 18:21:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6583 (0x19b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=1431392F2FA6D18F66741E2EA1AEEA1781861743 Validity Not Before: Feb 10 14:29:26 2025 GMT Not After : Jan 10 15:30:20 2026 GMT Subject: CN=C758420CF762E48AD7CAA60EB39DCD622B1FB4F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:b4:24:eb:b9:99:8b:ac:2f:15:fe:8d:a2:ae: c0:21:1f:b2:92:65:c6:45:a7:e9:73:30:32:a9:3d: bc:46:71:7a:65:dd:48:8a:7f:57:32:bf:40:40:90: 41:a2:0b:5d:ec:0d:4e:9e:c6:37:c3:52:d7:ec:56: a4:a0:73:ac:f2:bf:db:fc:35:e4:0f:64:a6:ce:f2: 81:25:54:c5:ee:2d:f6:dc:27:fa:f1:39:99:28:25: 88:01:d8:a6:a1:bf:a3:68:7f:75:99:69:b1:9c:0a: 19:1e:51:9e:f4:26:a0:44:ef:b3:73:9e:d9:4a:92: 83:7e:6a:e9:15:61:3e:e8:5b:35:e2:41:8c:2a:bf: 44:d4:4a:c4:87:2d:29:b5:1c:ad:5f:11:68:7d:37: 0f:72:b4:81:b0:87:f4:96:1e:74:ac:c7:ae:6d:2d: bc:d5:6c:b3:e1:bd:56:e5:ea:9c:a2:14:5f:47:a4: c7:91:6a:54:5e:a0:ba:6f:07:59:96:9d:e1:51:be: d2:b7:e9:9d:64:66:9c:3e:d1:84:40:b1:43:e9:b7: 4d:6f:bf:08:ba:1b:28:11:21:c8:dc:7b:ca:f9:54: d3:b4:e9:09:71:7a:bf:bf:b1:3c:a7:a7:52:0e:73: 4c:b7:f1:9d:f1:4d:d8:bd:40:fb:da:4a:c8:00:00: 28:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6 X509v3 Authority Key Identifier: keyid:14:31:39:2F:2F:A6:D1:8F:66:74:1E:2E:A1:AE:EA:17:81:86:17:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 161.248.160.0/23 Signature Algorithm: sha256WithRSAEncryption 1e:16:22:36:32:5a:c1:60:06:6c:96:1b:a4:a6:9d:04:75:7a: ed:03:a0:73:0f:03:5a:78:44:4e:74:a7:81:9a:03:fb:02:0c: 4a:63:6a:2c:e1:36:04:29:5f:90:8f:c3:b7:39:29:f9:49:fe: 57:74:c1:ab:4e:98:fd:45:de:df:92:ca:09:47:f4:42:6c:fd: 5c:f6:3d:11:0a:4a:62:65:2c:f2:a6:b0:f5:1a:a0:c6:42:8f: f5:6e:1c:c0:4b:b2:f6:81:fb:97:df:8a:ed:da:ac:25:4c:09: 9b:97:5f:c4:ba:cd:bd:7b:ec:de:95:20:da:8c:40:c7:1b:cd: 3d:7c:55:ec:73:a2:61:78:93:b5:6a:7d:2d:0f:af:38:03:06: 42:54:52:c6:eb:67:b8:2d:d7:96:46:61:9b:f8:e0:94:99:5e: 46:bf:09:51:1f:65:66:43:7a:98:4d:24:15:f4:e2:1e:a3:e9: 5a:4d:10:22:b9:4a:4a:b4:51:bf:24:be:69:65:96:bd:29:b7: ee:7f:29:07:3e:3e:2a:16:e3:9b:61:40:0d:2c:f6:6f:68:01: c7:04:b8:f0:11:1d:7a:8f:2d:f1:c8:4b:37:a1:dc:22:e3:d7: cb:1c:58:5c:bd:2f:86:3b:e5:ed:fe:ad:00:eb:1f:2d:79:b9: ed:4d:e9:40 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgICGbcwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEygxNDMxMzkyRjJGQTZEMThGNjY3NDFFMkVBMUFF RUExNzgxODYxNzQzMB4XDTI1MDIxMDE0MjkyNloXDTI2MDExMDE1MzAyMFowMzEx MC8GA1UEAxMoQzc1ODQyMENGNzYyRTQ4QUQ3Q0FBNjBFQjM5RENENjIyQjFGQjRG NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO60JOu5mYusLxX+jaKu wCEfspJlxkWn6XMwMqk9vEZxemXdSIp/VzK/QECQQaILXewNTp7GN8NS1+xWpKBz rPK/2/w15A9kps7ygSVUxe4t9twn+vE5mSgliAHYpqG/o2h/dZlpsZwKGR5RnvQm oETvs3Oe2UqSg35q6RVhPuhbNeJBjCq/RNRKxIctKbUcrV8RaH03D3K0gbCH9JYe dKzHrm0tvNVss+G9VuXqnKIUX0ekx5FqVF6gum8HWZad4VG+0rfpnWRmnD7RhECx Q+m3TW+/CLobKBEhyNx7yvlU07TpCXF6v7+xPKenUg5zTLfxnfFN2L1A+9pKyAAA KGMCAwEAAaOCAkowggJGMB0GA1UdDgQWBBTHWEIM92LkitfKpg6znc1iKx+09jAf BgNVHSMEGDAWgBQUMTkvL6bRj2Z0Hi6hruoXgYYXQzAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9GREU1THktbTBZOW1kQjR1b2E3cUY0R0dGME0uY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYy L0ZERTVMeS1tMFk5bWRCNHVvYTdxRjRHR0YwTS5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdAGCCsGAQUFBwELBIHDMIHAMDUGCCsGAQUFBzAF hilyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1RXLzBUBggr BgEFBQcwCoZIcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NU Vy94MWhDRFBkaTVJclh5cVlPczUzTllpc2Z0UFkubWZ0MDEGCCsGAQUFBzANhiVo dHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEH AQH/BBAwDjAMBAIAATAGAwQBofigMA0GCSqGSIb3DQEBCwUAA4IBAQAeFiI2MlrB YAZslhukpp0EdXrtA6BzDwNaeEROdKeBmgP7AgxKY2os4TYEKV+Qj8O3OSn5Sf5X dMGrTpj9Rd7fksoJR/RCbP1c9j0RCkpiZSzyprD1GqDGQo/1bhzAS7L2gfuX34rt 2qwlTAmbl1/Eus29e+zelSDajEDHG809fFXsc6JheJO1an0tD684AwZCVFLG62e4 LdeWRmGb+OCUmV5GvwlRH2VmQ3qYTSQV9OIeo+laTRAiuUpKtFG/JL5pZZa9Kbfu fykHPj4qFuObYUANLPZvaAHHBLjwER16jy3xyEs3odwi49fLHFhcvS+GO+Xt/q0A 6x8tebntTelA -----END CERTIFICATE-----Generated at Thu May 8 14:45:08 2025 by rpki-client