$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/m9yQDEijVhPeB12MOTYZI3261RU.cer File: m9yQDEijVhPeB12MOTYZI3261RU.cer (raw, json) Hash identifier: 666w5cFc7WEVjyK6DkvMSRQ7Dmj5K2vn0kcDGjYtqSo= Subject key identifier: 9B:DC:90:0C:48:A3:56:13:DE:07:5D:8C:39:36:19:23:7D:BA:D5:15 Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Certificate serial: 34DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/OBANK/m9yQDEijVhPeB12MOTYZI3261RU.mft caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/OBANK/ Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml Certificate not before: Mon 10 Feb 2025 14:29:07 +0000 Certificate not after: Tue 26 Aug 2025 01:57:03 +0000 Subordinate resources: IP: 103.125.64.0/22 IP: 2403:edc0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 17:37:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13535 (0x34df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E Validity Not Before: Feb 10 14:29:07 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=9BDC900C48A35613DE075D8C393619237DBAD515 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b2:6b:58:4a:8b:85:0e:07:ef:c6:3f:b0:11: b9:aa:89:29:ae:1e:1a:d6:92:e8:93:48:b9:0f:b7: 0e:31:41:ca:27:5f:b0:f1:36:06:9a:df:31:ac:bb: d3:43:f6:be:1a:ae:52:03:0e:de:66:68:55:d1:3c: 0a:66:53:a0:e7:61:eb:04:43:4f:05:6b:fb:6f:2f: 0d:b0:2d:46:15:d7:0f:b8:c9:28:f5:c2:84:2f:93: d6:58:50:6c:e1:3e:ac:4e:60:0f:05:6d:7d:0f:2b: e2:52:39:b6:4a:ce:6a:06:46:49:4d:3a:d4:c8:1f: c5:3f:55:c7:16:78:69:a7:5b:fa:d3:5a:42:64:69: a3:2d:20:a6:9c:61:21:04:da:34:d9:d2:28:7f:5d: 93:17:a3:2c:54:77:25:a5:18:9a:c1:fd:6f:a9:9f: b3:ba:db:9e:2f:ac:dc:e5:23:28:d2:d8:25:da:24: 8d:10:52:5a:37:fa:46:dc:d8:4f:ea:a8:10:01:de: a8:32:95:9a:51:b1:7a:9a:2d:1b:45:cb:4a:50:c1: 50:cb:4c:3e:f6:2a:96:12:49:cc:d8:99:4d:10:88: 80:a9:9d:3e:58:68:07:7d:9a:d0:36:e1:ae:4a:4e: f3:51:1c:31:54:2a:31:bf:de:22:dd:00:16:5a:ff: 6e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:DC:90:0C:48:A3:56:13:DE:07:5D:8C:39:36:19:23:7D:BA:D5:15 X509v3 Authority Key Identifier: keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OBANK/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OBANK/m9yQDEijVhPeB12MOTYZI3261RU.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.64.0/22 IPv6: 2403:edc0::/32 Signature Algorithm: sha256WithRSAEncryption 49:8a:f7:a3:31:6f:c3:86:21:72:f7:ed:62:d4:bb:f0:e1:6e: 02:e1:bf:3d:a8:e5:ad:91:fc:3d:62:1f:19:9e:04:d7:33:9c: 65:ca:8e:65:83:b8:e1:12:8c:64:11:29:8b:f8:9d:90:b0:a1: c4:9d:6f:09:34:e3:51:1e:9b:a9:98:c8:5f:14:31:4f:17:b1: d1:59:09:c5:06:11:2b:68:ba:7d:ef:a7:e8:7f:71:01:d2:65: 27:00:5a:fc:ff:0f:81:37:7b:e6:ab:6f:f9:df:59:a9:d8:e5: 3c:79:dc:4f:ac:07:f9:c0:a0:1c:d5:dc:33:a1:98:ca:cb:6e: 68:6b:5b:68:7a:77:b3:5f:26:93:7c:6f:80:d2:52:c8:b7:5e: 09:d0:36:eb:15:a6:01:87:3e:fd:a1:4b:23:55:59:c1:b5:20: 87:b9:f9:6a:6d:ae:c7:b0:c8:b6:1b:11:61:ea:1b:8f:f1:72: 7b:33:33:1d:9a:59:bd:3f:7b:50:93:d8:92:f7:85:73:6d:f7: 9d:f3:42:35:6c:33:9c:99:b1:d8:e5:4d:2b:f4:d9:2f:77:b8: b0:18:f4:bc:f2:4b:45:8b:e0:f3:98:4f:d5:8d:e3:f6:25:61: 1c:6d:ef:fe:82:d9:5c:e4:0d:49:d1:b7:97:14:04:16:3e:6f: 76:10:b4:80 -----BEGIN CERTIFICATE----- MIIFWDCCBECgAwIBAgICNN8wDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy MUM5NkFCMzQ1NDdFMB4XDTI1MDIxMDE0MjkwN1oXDTI1MDgyNjAxNTcwM1owMzEx MC8GA1UEAxMoOUJEQzkwMEM0OEEzNTYxM0RFMDc1RDhDMzkzNjE5MjM3REJBRDUx NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCya1hKi4UOB+/GP7AR uaqJKa4eGtaS6JNIuQ+3DjFByidfsPE2BprfMay700P2vhquUgMO3mZoVdE8CmZT oOdh6wRDTwVr+28vDbAtRhXXD7jJKPXChC+T1lhQbOE+rE5gDwVtfQ8r4lI5tkrO agZGSU061MgfxT9VxxZ4aadb+tNaQmRpoy0gppxhIQTaNNnSKH9dkxejLFR3JaUY msH9b6mfs7rbni+s3OUjKNLYJdokjRBSWjf6RtzYT+qoEAHeqDKVmlGxepotG0XL SlDBUMtMPvYqlhJJzNiZTRCIgKmdPlhoB32a0DbhrkpO81EcMVQqMb/eIt0AFlr/ bhsCAwEAAaOCAl0wggJZMB0GA1UdDgQWBBSb3JAMSKNWE94HXYw5NhkjfbrVFTAf BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB /zAOBgNVHQ8BAf8EBAMCAQYwgdQGCCsGAQUFBwELBIHHMIHEMDcGCCsGAQUFBzAF hityc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT0JBTksvMFYG CCsGAQUFBzAKhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev T0JBTksvbTl5UURFaWpWaFBlQjEyTU9UWVpJMzI2MVJVLm1mdDAxBggrBgEFBQcw DYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAuBggrBgEF BQcBBwEB/wQfMB0wDAQCAAEwBgMEAmd9QDANBAIAAjAHAwUAJAPtwDANBgkqhkiG 9w0BAQsFAAOCAQEASYr3ozFvw4YhcvftYtS78OFuAuG/PajlrZH8PWIfGZ4E1zOc ZcqOZYO44RKMZBEpi/idkLChxJ1vCTTjUR6bqZjIXxQxTxex0VkJxQYRK2i6fe+n 6H9xAdJlJwBa/P8PgTd75qtv+d9ZqdjlPHncT6wH+cCgHNXcM6GYystuaGtbaHp3 s18mk3xvgNJSyLdeCdA26xWmAYc+/aFLI1VZwbUgh7n5am2ux7DIthsRYeobj/Fy ezMzHZpZvT97UJPYkveFc233nfNCNWwznJmx2OVNK/TZL3e4sBj0vPJLRYvg85hP 1Y3j9iVhHG3v/oLZXOQNSdG3lxQEFj5vdhC0gA== -----END CERTIFICATE-----Generated at Sat Apr 12 14:39:11 2025 by rpki-client