$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.mft File: YCy84y3XbQuzn1pwYyQkiGkRlDU.mft (raw, json) Hash identifier: aa4skXPM2bfBTrahbU+xXxoxryOzielqJGRLvIS0Bco= Subject key identifier: 1E:2B:4B:A2:9E:53:32:34:E9:60:93:4A:15:48:A8:BA:60:A2:BC:2F Authority key identifier: 60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35 Certificate issuer: /CN=602CBCE32DD76D0BB39F5A706324248869119435 Certificate serial: 0D30 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.mft Manifest number: 0D1C Signing time: Tue 22 Apr 2025 09:48:06 +0000 Manifest this update: Tue 22 Apr 2025 09:48:06 +0000 Manifest next update: Thu 24 Apr 2025 09:48:06 +0000 Files and hashes: 1: YCy84y3XbQuzn1pwYyQkiGkRlDU.crl (hash: qlqc3v5zRN6ScbHlXHsZNWqDLR4yyScK7zf2qocl/HA=) 2: cPXxuhOdvwQPXXbR1Wv8iPc55Kg.roa (hash: 4AHCu1yQuQh+Dm5YkasjNoRstu+XKu7pAnxZv4dfcwU=) 3: flzLDX0XTBwV1EDDQlivvODYLW0.roa (hash: qMYYCb6jkjkxcl1R+jxMJAExVzMCCf0ZX65wsYAxMB0=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 16:48:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3376 (0xd30) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=602CBCE32DD76D0BB39F5A706324248869119435 Validity Not Before: Apr 22 09:48:06 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=1E2B4BA29E533234E960934A1548A8BA60A2BC2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ea:e8:4b:58:f6:93:80:b3:4d:d0:4f:69:02: 6c:fa:fe:5f:d2:1f:20:a8:9f:9c:82:39:94:72:9e: 26:47:d2:77:6a:16:b1:df:f5:45:72:03:50:2d:1e: e7:23:0e:08:3f:b2:f1:2d:c6:05:5c:82:5f:35:5e: 67:bc:c9:47:16:37:1a:77:d4:50:89:64:70:fd:17: 68:27:25:a2:a3:f7:2b:79:60:9a:b5:f6:e6:5d:a7: 83:17:52:b5:7e:fb:23:95:9e:10:fc:80:91:47:f1: ab:2c:e4:27:9a:0a:1e:e1:67:58:cb:ac:1c:60:b3: 2a:f5:ed:9a:e6:0f:14:c7:94:81:cd:82:20:48:0f: 0c:b3:0b:45:d3:18:12:2e:26:11:e1:61:f4:2e:92: c5:4d:fa:6f:8e:9a:0f:10:c0:3b:99:db:59:03:5b: b2:a5:47:71:78:1f:e3:75:23:0e:35:f1:87:f5:06: f7:98:fa:35:c1:5b:67:30:8f:1b:89:75:75:a3:85: bc:f1:9c:1b:ac:e1:3f:a7:1f:1a:9a:ec:f6:e7:87: fe:0e:e2:68:a4:ab:e1:ac:97:69:f1:36:0d:7c:ca: df:c5:67:ac:90:81:78:7c:a6:56:c9:f0:ad:0d:8d: af:61:4a:cf:08:79:aa:62:cd:d0:06:8b:f6:c3:a0: c9:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:2B:4B:A2:9E:53:32:34:E9:60:93:4A:15:48:A8:BA:60:A2:BC:2F X509v3 Authority Key Identifier: keyid:60:2C:BC:E3:2D:D7:6D:0B:B3:9F:5A:70:63:24:24:88:69:11:94:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YCy84y3XbQuzn1pwYyQkiGkRlDU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MEGAICBC/YCy84y3XbQuzn1pwYyQkiGkRlDU.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:ee:e7:77:3e:fe:3d:e4:04:bf:15:a4:81:a7:07:4a:3a:b1: 16:80:c5:02:90:25:1b:85:2e:37:ea:27:84:d7:75:fb:6e:c6: 7b:ce:56:16:ed:91:d8:97:6f:6c:0f:b8:27:3b:a7:f9:2b:ca: b5:d8:8f:d6:9e:db:48:99:ec:59:0f:ca:b4:d7:6d:2a:6a:0f: 82:3d:ff:bb:4e:fe:07:6e:0b:9a:6c:30:f0:da:d2:32:07:86: 1f:d4:6f:3c:36:23:fb:c9:30:65:d4:a8:11:14:d0:d0:f4:92: 5b:c9:a7:78:7e:1a:28:ca:86:d6:de:3c:9c:c5:52:69:fd:bd: 37:3b:bf:5a:a9:fa:69:eb:94:af:89:d1:cf:56:ed:6c:85:e1: 96:cc:d1:b7:6c:ed:ca:56:f4:a4:38:18:ea:95:fb:fc:d5:cb: 89:73:aa:d1:46:0c:2e:bd:a4:b8:4b:6e:05:9d:25:bb:b9:7e: b7:f0:18:1c:7e:b1:18:dd:1b:e6:b9:da:66:f5:27:d1:e1:59: 2e:66:11:58:77:cc:6b:53:ac:0d:73:cc:32:f3:ac:fc:e6:bf: ab:f2:5c:36:d9:22:ce:12:b8:f3:f0:aa:91:57:47:0b:7d:4c: 8c:33:4a:4f:05:63:46:e8:ea:b4:72:09:fd:72:94:39:f9:1d: 0a:51:e4:95 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgICDTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjAy Q0JDRTMyREQ3NkQwQkIzOUY1QTcwNjMyNDI0ODg2OTExOTQzNTAeFw0yNTA0MjIw OTQ4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFMkI0QkEyOUU1MzMy MzRFOTYwOTM0QTE1NDhBOEJBNjBBMkJDMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCh6uhLWPaTgLNN0E9pAmz6/l/SHyCon5yCOZRyniZH0ndqFrHf 9UVyA1AtHucjDgg/svEtxgVcgl81Xme8yUcWNxp31FCJZHD9F2gnJaKj9yt5YJq1 9uZdp4MXUrV++yOVnhD8gJFH8ass5CeaCh7hZ1jLrBxgsyr17ZrmDxTHlIHNgiBI DwyzC0XTGBIuJhHhYfQuksVN+m+Omg8QwDuZ21kDW7KlR3F4H+N1Iw418Yf1BveY +jXBW2cwjxuJdXWjhbzxnBus4T+nHxqa7Pbnh/4O4mikq+Gsl2nxNg18yt/FZ6yQ gXh8plbJ8K0Nja9hSs8IeapizdAGi/bDoMnlAgMBAAGjggILMIICBzAdBgNVHQ4E FgQUHitLop5TMjTpYJNKFUioumCivC8wHwYDVR0jBBgwFoAUYCy84y3XbQuzn1pw YyQkiGkRlDUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVHQUlD QkMvWUN5ODR5M1hiUXV6bjFwd1l5UWtpR2tSbERVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ZQ3k4NHkzWGJRdXpuMXB3WXlRa2lHa1JsRFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRUdBSUNCQy9ZQ3k4NHkzWGJRdXpu MXB3WXlRa2lHa1JsRFUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAUu7ndz7+PeQEvxWkgacHSjqxFoDFApAlG4UuN+onhNd1+27Ge85WFu2R2Jdv bA+4Jzun+SvKtdiP1p7bSJnsWQ/KtNdtKmoPgj3/u07+B24Lmmww8NrSMgeGH9Rv PDYj+8kwZdSoERTQ0PSSW8mneH4aKMqG1t48nMVSaf29Nzu/Wqn6aeuUr4nRz1bt bIXhlszRt2ztylb0pDgY6pX7/NXLiXOq0UYMLr2kuEtuBZ0lu7l+t/AYHH6xGN0b 5rnaZvUn0eFZLmYRWHfMa1OsDXPMMvOs/Oa/q/JcNtkizhK48/CqkVdHC31MjDNK TwVjRujqtHIJ/XKUOfkdClHklQ== -----END CERTIFICATE-----Generated at Tue Apr 22 14:59:37 2025 by rpki-client