Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.mft
File:                     paasOO5ow2TPeRiPBkJ-nHZtTBo.mft (raw, json)
Hash identifier:          10M0etmXV+GAeTq1bdKL33+Dgig//jWCCRSRADbASp0=
Subject key identifier:   33:32:3B:FC:44:4C:8F:10:31:AF:8A:F5:A8:65:57:05:2A:54:31:3D
Authority key identifier: A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A
Certificate issuer:       /CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A
Certificate serial:       0300
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.mft
Manifest number:          02EF
Signing time:             Mon 21 Jul 2025 09:06:57 +0000
Manifest this update:     Mon 21 Jul 2025 09:06:57 +0000
Manifest next update:     Wed 23 Jul 2025 09:06:57 +0000
Files and hashes:         1: 0NxfwajRl_VqZWEhOAiUlAOjrLs.roa (hash: t48cSuQWkDQQ0gvpUqDQkCMKclQMOU0dhN7kGlB27Eg=)
                          2: WR6KjaUg4F2eUW5nvTRA6UDGklI.roa (hash: X95TPFkV15vZEOKgoxzo6Kq0l77Hw87saTpKsuDL0Ng=)
                          3: e4cS11r7A1qi-Z4OOuV3yI_-sr0.roa (hash: 1Qr/ghALqo14D2iZjk3DSlkitRmzR0PkMg/dgqDMHhM=)
                          4: paasOO5ow2TPeRiPBkJ-nHZtTBo.crl (hash: SpCQW1aWVfDptFS+Ox6hkmZQoyrnXBAKt/myOBip7xU=)
                          5: u6KzLPVrcE3cq_HAu1K8eMvEjFQ.roa (hash: +90+l24tJZ02R29Ud37cvx8VV4zxCNf8kAUCWjAqGYU=)
Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 22 Jul 2025 09:36:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 768 (0x300)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A
        Validity
            Not Before: Jul 21 09:06:57 2025 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=33323BFC444C8F1031AF8AF5A86557052A54313D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e1:25:7e:e6:d6:f7:02:0e:63:5d:5c:72:3e:
                    23:11:dc:ee:cf:d2:be:cc:e4:52:09:90:ce:13:51:
                    50:df:b1:6d:d7:2c:8d:a5:6a:82:57:5b:f4:f3:99:
                    80:32:17:48:2f:13:55:cf:55:d3:fd:34:18:f2:21:
                    a5:cf:ff:c3:01:dc:46:db:71:d1:89:77:6d:b8:ba:
                    85:cc:a2:6d:d5:b9:29:e3:19:a8:78:72:16:2e:dd:
                    46:42:96:21:f2:05:14:5d:71:73:18:76:d9:eb:7d:
                    21:60:fd:86:c6:3f:51:8a:49:d2:46:86:9a:13:cd:
                    cd:10:43:98:d0:cb:bc:30:32:31:6b:99:a0:fd:1c:
                    c0:de:3b:a4:85:10:58:c5:76:a4:5a:cd:f2:11:e7:
                    15:69:92:68:a8:91:35:95:bf:af:5b:51:d7:2c:cf:
                    cb:9c:5f:2b:b0:06:98:b2:70:f9:ef:86:9d:70:2a:
                    dc:e5:ae:66:ac:0d:a1:e9:2b:7d:da:cf:2a:39:8f:
                    60:53:3c:75:8c:ce:b6:ca:52:11:af:1d:9b:70:54:
                    98:8e:72:4b:0b:8c:bc:bb:e5:c4:ca:e3:39:35:7e:
                    3b:d5:e0:39:b1:ea:40:40:0e:c8:fb:d4:0b:7a:b5:
                    fe:42:5e:b0:73:a8:af:8d:84:58:71:1b:65:79:3b:
                    6b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:32:3B:FC:44:4C:8F:10:31:AF:8A:F5:A8:65:57:05:2A:54:31:3D
            X509v3 Authority Key Identifier:
                keyid:A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:2e:69:d4:66:df:9b:d5:23:1b:57:04:f1:21:f3:5c:2a:70:
         f1:40:fa:a6:2b:68:53:b7:5c:93:43:9d:74:9e:d9:e3:f9:3d:
         30:f5:f5:2e:cb:12:7b:50:f9:f2:93:b8:fa:33:d2:75:cf:0c:
         da:25:3b:1e:2e:bf:17:0c:44:e0:f3:f9:b7:e1:8b:be:31:22:
         d6:8e:3c:b9:93:08:ab:8b:7a:6f:28:50:97:af:5d:4a:c5:0c:
         d9:9b:cd:8a:40:80:25:72:15:12:34:0f:71:e3:e5:14:21:5b:
         b1:81:8e:9f:56:e6:87:92:d3:63:1c:0a:3c:5f:32:f9:94:0c:
         7f:65:5e:b9:0c:84:6c:fb:46:32:f8:4f:71:0d:a4:5a:58:ab:
         ec:41:29:87:b2:4d:b2:0c:9b:b4:0d:2b:e1:1b:7a:39:06:4f:
         fb:d3:a5:6b:50:7b:98:99:de:e0:1f:a0:1d:07:47:75:39:4a:
         f3:b8:98:17:11:23:c6:e6:08:97:d0:90:50:46:47:45:c2:2c:
         b5:0b:74:f5:58:79:e2:46:90:92:67:3d:01:bc:bb:c6:7c:bc:
         f5:86:29:eb:b6:0e:5c:58:e2:8a:ff:0b:90:c2:32:f7:2c:5e:
         42:dc:4b:f2:54:61:dd:d9:e1:ad:b7:dc:be:60:45:db:72:46:
         83:f2:be:6b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgICAwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTVB
NkFDMzhFRTY4QzM2NENGNzkxODhGMDY0MjdFOUM3NjZENEMxQTAeFw0yNTA3MjEw
OTA2NTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMzMzIzQkZDNDQ0QzhG
MTAzMUFGOEFGNUE4NjU1NzA1MkE1NDMxM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ4SV+5tb3Ag5jXVxyPiMR3O7P0r7M5FIJkM4TUVDfsW3XLI2l
aoJXW/TzmYAyF0gvE1XPVdP9NBjyIaXP/8MB3EbbcdGJd224uoXMom3VuSnjGah4
chYu3UZCliHyBRRdcXMYdtnrfSFg/YbGP1GKSdJGhpoTzc0QQ5jQy7wwMjFrmaD9
HMDeO6SFEFjFdqRazfIR5xVpkmiokTWVv69bUdcsz8ucXyuwBpiycPnvhp1wKtzl
rmasDaHpK33azyo5j2BTPHWMzrbKUhGvHZtwVJiOcksLjLy75cTK4zk1fjvV4Dmx
6kBADsj71At6tf5CXrBzqK+NhFhxG2V5O2v9AgMBAAGjggINMIICCTAdBgNVHQ4E
FgQUMzI7/ERMjxAxr4r1qGVXBSpUMT0wHwYDVR0jBBgwFoAUpaasOO5ow2TPeRiP
BkJ+nHZtTBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQlJJQ0tT
SU5DL3BhYXNPTzVvdzJUUGVSaVBCa0otbkhadFRCby5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvcGFhc09PNW93MlRQZVJpUEJrSi1uSFp0VEJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQlJJQ0tTSU5DL3BhYXNPTzVvdzJU
UGVSaVBCa0otbkhadFRCby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh
BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCULmnUZt+b1SMbVwTxIfNcKnDxQPqmK2hTt1yTQ510ntnj+T0w9fUuyxJ7
UPnyk7j6M9J1zwzaJTseLr8XDETg8/m34Yu+MSLWjjy5kwiri3pvKFCXr11KxQzZ
m82KQIAlchUSNA9x4+UUIVuxgY6fVuaHktNjHAo8XzL5lAx/ZV65DIRs+0Yy+E9x
DaRaWKvsQSmHsk2yDJu0DSvhG3o5Bk/706VrUHuYmd7gH6AdB0d1OUrzuJgXESPG
5giX0JBQRkdFwiy1C3T1WHniRpCSZz0BvLvGfLz1hinrtg5cWOKK/wuQwjL3LF5C
3EvyVGHd2eGtt9y+YEXbckaD8r5r
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:03:01 2025 by rpki-client