Manifest

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.mft
File:                     RfMLTF7ObhLm2QiJ15QNjhhxBys.mft (raw, json)
Hash identifier:          ZXnv/etMVctGcHP+b256V28kf8KnKJEseUgGrTaCly0=
Subject key identifier:   3C:D6:46:90:69:C6:DB:A2:9F:32:42:0C:F1:07:60:D4:C4:92:61:0E
Authority key identifier: 45:F3:0B:4C:5E:CE:6E:12:E6:D9:08:89:D7:94:0D:8E:18:71:07:2B
Certificate issuer:       /CN=45F30B4C5ECE6E12E6D90889D7940D8E1871072B
Certificate serial:       018D
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/RfMLTF7ObhLm2QiJ15QNjhhxBys.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.mft
Manifest number:          018A
Signing time:             Tue 18 Jun 2024 09:02:54 +0000
Manifest this update:     Tue 18 Jun 2024 09:02:54 +0000
Manifest next update:     Thu 20 Jun 2024 09:02:54 +0000
Files and hashes:         1: RfMLTF7ObhLm2QiJ15QNjhhxBys.crl (hash: 7L+1R9H2oDtBHXQ71uelSVtht21bqgZ7REO82PCE6nA=)
                          2: UOoW5IvWYtf7a3radBHqn8K7oq0.roa (hash: 1k6o1/HbTcYwr1sSEx3vd9JdiMxQs8amE1cQyuLYNfY=)
                          3: z6Uc3_HFG68oAXsCHq-f8Lks0WI.roa (hash: q4V0oMpO/yBAQGUFUQzoK6e2dToxdrBV9P6NvQWOhrM=)

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/RfMLTF7ObhLm2QiJ15QNjhhxBys.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 09:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 397 (0x18d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45F30B4C5ECE6E12E6D90889D7940D8E1871072B
        Validity
            Not Before: Jun 18 09:02:54 2024 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=3CD6469069C6DBA29F32420CF10760D4C492610E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0e:9e:37:bd:b4:86:96:42:be:41:85:d8:6e:
                    ce:58:1c:10:e0:88:d6:42:22:ab:c3:15:62:3f:9f:
                    f4:23:a6:2a:57:ff:a7:17:c9:e8:13:72:1b:34:aa:
                    c3:e3:2f:8b:40:40:0b:28:d6:59:53:8a:39:67:8c:
                    7d:d0:c5:f8:c7:4e:fe:d9:1f:49:f3:ee:28:4d:53:
                    7f:3d:f1:ab:6c:54:aa:0d:8f:d0:df:51:0c:42:e9:
                    bc:ee:c1:aa:9a:26:ef:cf:ef:20:c8:36:fc:8f:22:
                    8f:7d:05:f0:9f:63:80:84:6a:9d:4f:84:52:55:ab:
                    70:ea:41:e3:7b:71:3a:d8:8c:8d:11:d6:3a:8a:2b:
                    9e:1e:ef:f2:25:d8:a0:25:ba:6e:c8:ec:14:5a:b7:
                    be:fa:54:89:27:51:61:1c:3a:f1:20:ca:ae:cc:ae:
                    fa:cb:1f:c6:c4:7d:26:fe:a4:ac:0e:1d:82:cd:5a:
                    5e:c8:4a:6c:de:c3:04:8f:12:4d:23:de:8c:06:35:
                    ba:2d:60:70:e3:d8:bc:2f:0b:f2:14:08:f9:07:66:
                    c9:d3:2f:48:20:d7:d9:8d:77:3c:70:29:2b:de:56:
                    70:8e:c3:b8:95:16:4a:94:cf:04:0b:a1:7d:24:07:
                    fe:10:d6:7d:b0:f9:81:b9:38:8c:36:9a:d0:31:04:
                    77:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:D6:46:90:69:C6:DB:A2:9F:32:42:0C:F1:07:60:D4:C4:92:61:0E
            X509v3 Authority Key Identifier:
                keyid:45:F3:0B:4C:5E:CE:6E:12:E6:D9:08:89:D7:94:0D:8E:18:71:07:2B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RfMLTF7ObhLm2QiJ15QNjhhxBys.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.mft
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:ad:37:12:4d:c3:fe:83:74:5c:57:2c:f9:1d:6d:01:d1:8c:
         f9:1f:cc:07:d7:eb:6b:39:ca:04:c3:85:90:77:6c:7b:7d:94:
         df:62:49:58:09:26:ad:75:67:84:a0:0c:72:13:c1:bc:d6:09:
         5a:b7:f8:e2:dd:8b:8f:e9:c9:47:bd:b9:8a:1b:28:ef:3c:11:
         d3:b8:29:c7:79:7d:39:0c:3f:35:a2:be:cf:ae:75:fb:05:26:
         e6:f9:1d:f1:d8:ea:ab:1e:4b:7c:ee:a6:ef:13:3c:e1:8c:b0:
         69:b4:52:a0:02:b8:98:c5:e2:54:a4:2f:09:63:b5:82:3e:79:
         23:51:e0:74:50:80:d1:07:1c:84:43:84:6b:f2:16:a2:45:87:
         6b:fb:b1:e2:07:a1:5a:ab:82:64:bb:2b:f5:5a:c0:97:f8:32:
         17:3a:f0:28:49:47:3a:20:b8:d3:e9:c5:69:41:b0:60:78:cb:
         4b:17:94:9d:e0:6e:ef:2f:0a:20:3e:e1:b7:d6:e4:c1:3e:55:
         71:d3:bb:10:42:ef:73:56:41:4c:ae:12:a8:df:6a:19:ca:a5:
         b7:43:f0:13:88:af:7e:40:17:87:16:f5:75:d0:4e:bc:c4:12:
         4b:4e:fb:9b:d9:83:72:b8:1b:5d:89:01:85:d6:bc:33:96:8a:
         e5:03:bf:f6
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDVG
MzBCNEM1RUNFNkUxMkU2RDkwODg5RDc5NDBEOEUxODcxMDcyQjAeFw0yNDA2MTgw
OTAyNTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNDRDY0NjkwNjlDNkRC
QTI5RjMyNDIwQ0YxMDc2MEQ0QzQ5MjYxMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEDp43vbSGlkK+QYXYbs5YHBDgiNZCIqvDFWI/n/QjpipX/6cX
yegTchs0qsPjL4tAQAso1llTijlnjH3QxfjHTv7ZH0nz7ihNU3898atsVKoNj9Df
UQxC6bzuwaqaJu/P7yDINvyPIo99BfCfY4CEap1PhFJVq3DqQeN7cTrYjI0R1jqK
K54e7/Il2KAlum7I7BRat776VIknUWEcOvEgyq7MrvrLH8bEfSb+pKwOHYLNWl7I
SmzewwSPEk0j3owGNbotYHDj2LwvC/IUCPkHZsnTL0gg19mNdzxwKSveVnCOw7iV
FkqUzwQLoX0kB/4Q1n2w+YG5OIw2mtAxBHc7AgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUPNZGkGnG26KfMkIM8Qdg1MSSYQ4wHwYDVR0jBBgwFoAURfMLTF7ObhLm2QiJ
15QNjhhxByswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU01UUlRD
SC9SZk1MVEY3T2JoTG0yUWlKMTVRTmpoaHhCeXMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1JmTUxURjdPYmhMbTJRaUoxNVFOamhoeEJ5cy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NNVFJUQ0gvUmZNTFRGN09iaExtMlFp
SjE1UU5qaGh4QnlzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsG
AQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEB
AIetNxJNw/6DdFxXLPkdbQHRjPkfzAfX62s5ygTDhZB3bHt9lN9iSVgJJq11Z4Sg
DHITwbzWCVq3+OLdi4/pyUe9uYobKO88EdO4Kcd5fTkMPzWivs+udfsFJub5HfHY
6qseS3zupu8TPOGMsGm0UqACuJjF4lSkLwljtYI+eSNR4HRQgNEHHIRDhGvyFqJF
h2v7seIHoVqrgmS7K/VawJf4Mhc68ChJRzoguNPpxWlBsGB4y0sXlJ3gbu8vCiA+
4bfW5ME+VXHTuxBC73NWQUyuEqjfahnKpbdD8BOIr35AF4cW9XXQTrzEEktO+5vZ
g3K4G12JAYXWvDOWiuUDv/Y=
-----END CERTIFICATE-----
Generated at Wed Jun 19 00:29:54 2024 by rpki-client on console-ams.rpki-client.org