$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.mft File: NZe5GdSmUub2ef4Tipc0BP8AT2U.mft (raw, json) Hash identifier: f3ChSNH4RKtvsd/j4WlbhSZ1FJdLZKPwH8NaseyxztU= Subject key identifier: 8B:8E:C6:45:00:93:D9:CE:01:EB:B1:E5:06:24:3A:84:58:41:09:52 Authority key identifier: 35:97:B9:19:D4:A6:52:E6:F6:79:FE:13:8A:97:34:04:FF:00:4F:65 Certificate issuer: /CN=3597B919D4A652E6F679FE138A973404FF004F65 Certificate serial: 0CB5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NZe5GdSmUub2ef4Tipc0BP8AT2U.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.mft Manifest number: 0CB5 Signing time: Sat 19 Apr 2025 09:49:41 +0000 Manifest this update: Sat 19 Apr 2025 09:49:41 +0000 Manifest next update: Mon 21 Apr 2025 09:49:41 +0000 Files and hashes: 1: NZe5GdSmUub2ef4Tipc0BP8AT2U.crl (hash: JowQkIqSvSIWbrM8JfMMVKZMyoo13P40+JePgmULdIE=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/NZe5GdSmUub2ef4Tipc0BP8AT2U.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 00:18:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3253 (0xcb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3597B919D4A652E6F679FE138A973404FF004F65 Validity Not Before: Apr 19 09:49:41 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=8B8EC6450093D9CE01EBB1E506243A8458410952 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ca:b8:83:ed:54:a0:21:ea:d7:5f:49:8d:54: f8:29:5b:cf:19:4d:91:7a:c4:a1:ab:53:99:89:a0: 22:89:be:2e:00:13:93:15:80:0d:eb:26:0d:96:f0: 84:d8:a3:02:90:c6:a7:72:e1:f1:a8:63:d2:7f:e0: f9:bd:cc:b3:e4:0a:f3:55:12:4c:77:df:22:62:03: 51:38:03:39:24:23:f7:bc:b3:4d:75:89:93:d6:94: 76:24:39:da:cd:4a:76:c3:9b:f6:c1:50:ac:05:c6: 94:28:80:0f:ae:29:21:ce:f4:54:33:6d:68:92:2c: c4:4a:37:f5:5a:51:89:28:f0:7e:ab:3a:60:d5:f3: e8:55:05:9f:85:9b:9f:ea:81:c2:ee:18:1d:9c:07: de:4c:57:1f:97:01:30:cf:79:6d:07:71:53:41:15: 40:2f:5d:ac:2d:09:bb:29:c5:c6:2e:e0:a6:8d:31: 10:16:8c:d2:c3:96:34:17:5d:81:a7:66:0c:5b:97: ac:62:35:41:88:cd:eb:60:b3:3d:b8:70:36:89:d9: 2a:68:9e:47:8f:11:4c:88:ff:f1:d9:3b:15:2b:16: 66:26:ef:c5:06:33:ba:40:27:5d:44:f9:0a:15:03: d1:4e:2a:b3:f1:91:6c:6b:9b:39:24:21:24:da:e8: b8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:8E:C6:45:00:93:D9:CE:01:EB:B1:E5:06:24:3A:84:58:41:09:52 X509v3 Authority Key Identifier: keyid:35:97:B9:19:D4:A6:52:E6:F6:79:FE:13:8A:97:34:04:FF:00:4F:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NZe5GdSmUub2ef4Tipc0BP8AT2U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KINGNET/NZe5GdSmUub2ef4Tipc0BP8AT2U.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:8b:6d:f0:ab:aa:ce:e0:11:a2:c6:32:4f:55:fd:e8:7f:02: 04:c0:1b:07:69:a7:94:d3:a3:06:bd:55:e2:6b:05:07:31:12: 45:97:98:d9:3e:91:2f:2d:a9:bd:91:16:3f:c7:33:c2:eb:70: f8:c2:14:89:6e:3a:7c:a9:8c:d6:8e:05:6b:0f:16:14:46:c7: b1:bb:c4:aa:c7:6d:ea:d7:7a:81:ba:c8:4c:95:fb:df:bd:c5: 68:0f:76:cb:f4:b0:42:76:c0:69:df:08:fb:fc:ef:ac:87:ce: 72:b7:dd:5f:48:73:a9:5e:26:c2:da:b7:cb:6a:5c:64:00:cc: 80:5d:06:7a:b2:ca:62:11:69:55:5f:51:51:4e:e4:55:57:57: d3:94:c4:c8:f2:d9:e9:b1:60:1e:5c:24:4a:22:37:0f:bc:37: 84:55:ac:67:b3:fb:9f:ad:24:57:63:ec:1d:1f:ad:5a:81:ec: 9d:80:38:c8:5c:3b:0c:dd:33:ce:32:58:e5:e9:e6:75:70:4b: c1:5b:b5:ff:79:47:9e:b1:3d:4f:0f:68:00:af:1d:43:c0:2e: 65:b6:f3:ac:5b:52:aa:e8:eb:87:e6:e7:ff:97:87:bf:f5:0f: 0a:f1:77:4b:83:15:50:cc:c8:4f:ab:fe:33:60:ce:c4:6f:19: 5d:47:5b:89 -----BEGIN CERTIFICATE----- MIIE7TCCA9WgAwIBAgICDLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzU5 N0I5MTlENEE2NTJFNkY2NzlGRTEzOEE5NzM0MDRGRjAwNEY2NTAeFw0yNTA0MTkw OTQ5NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhCOEVDNjQ1MDA5M0Q5 Q0UwMUVCQjFFNTA2MjQzQTg0NTg0MTA5NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmyriD7VSgIerXX0mNVPgpW88ZTZF6xKGrU5mJoCKJvi4AE5MV gA3rJg2W8ITYowKQxqdy4fGoY9J/4Pm9zLPkCvNVEkx33yJiA1E4AzkkI/e8s011 iZPWlHYkOdrNSnbDm/bBUKwFxpQogA+uKSHO9FQzbWiSLMRKN/VaUYko8H6rOmDV 8+hVBZ+Fm5/qgcLuGB2cB95MVx+XATDPeW0HcVNBFUAvXawtCbspxcYu4KaNMRAW jNLDljQXXYGnZgxbl6xiNUGIzetgsz24cDaJ2SponkePEUyI//HZOxUrFmYm78UG M7pAJ11E+QoVA9FOKrPxkWxrmzkkISTa6LgjAgMBAAGjggIJMIICBTAdBgNVHQ4E FgQUi47GRQCT2c4B67HlBiQ6hFhBCVIwHwYDVR0jBBgwFoAUNZe5GdSmUub2ef4T ipc0BP8AT2UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0lOR05F VC9OWmU1R2RTbVV1YjJlZjRUaXBjMEJQOEFUMlUuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL05aZTVHZFNtVXViMmVmNFRpcGMwQlA4QVQyVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0tJTkdORVQvTlplNUdkU21VdWIyZWY0 VGlwYzBCUDhBVDJVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsG AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEB AJyLbfCrqs7gEaLGMk9V/eh/AgTAGwdpp5TTowa9VeJrBQcxEkWXmNk+kS8tqb2R Fj/HM8LrcPjCFIluOnypjNaOBWsPFhRGx7G7xKrHberXeoG6yEyV+9+9xWgPdsv0 sEJ2wGnfCPv876yHznK33V9Ic6leJsLat8tqXGQAzIBdBnqyymIRaVVfUVFO5FVX V9OUxMjy2emxYB5cJEoiNw+8N4RVrGez+5+tJFdj7B0frVqB7J2AOMhcOwzdM84y WOXp5nVwS8Fbtf95R56xPU8PaACvHUPALmW286xbUqro64fm5/+Xh7/1Dwrxd0uD FVDMyE+r/jNgzsRvGV1HW4k= -----END CERTIFICATE-----Generated at Sun Apr 20 21:18:17 2025 by rpki-client