$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft File: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft (raw, json) Hash identifier: k/iiyVZfm2OkhC3Q8WeZ7nmh40Tj1sUDlKk5JHq8PBc= Subject key identifier: 00:76:1F:15:2B:34:1F:48:26:96:A6:B8:02:93:CC:2C:99:02:0C:D5 Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Certificate serial: 4B313F68F3F54215AACD446AE4329AB614BBE236 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft Manifest number: 06 Signing time: Wed 13 May 2026 06:57:28 +0000 Manifest this update: Wed 13 May 2026 06:52:28 +0000 Manifest next update: Thu 14 May 2026 09:24:28 +0000 Files and hashes: 1: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl (hash: UE+ne+smh5suPWCW6a5Dt0fDlJ9Z7NOR0T7ECtnL/Kc=) 2: 3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa (hash: E3rZgHSz1Z/QlxuFQ/uZkBfovj2HHfCX638SO+t2sg0=) 3: 3130332e3136302e3232362e302f32332d3234203d3e203338383432.roa (hash: fXBUwxrpMNifp4MO+znwtVxrCjA2c4pDgmAW0x6+dMc=) 4: 323430363a663334303a3a2f33322d3634203d3e203338383432.roa (hash: dPU2RCL9922koNIK4EbftiZXNxbxs5ADbxLPZLggc34=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 09:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:31:3f:68:f3:f5:42:15:aa:cd:44:6a:e4:32:9a:b6:14:bb:e2:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Validity Not Before: May 13 06:52:28 2026 GMT Not After : May 14 09:24:28 2026 GMT Subject: CN=00761F152B341F482696A6B80293CC2C99020CD5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:64:ab:f4:8c:45:a6:2b:d5:cb:54:23:1a:c9: 30:2b:b6:c7:18:f6:b9:b8:a6:0e:09:4d:28:05:8e: 55:43:78:65:71:7f:29:24:47:82:ca:14:da:a4:23: 05:08:82:e8:8f:76:e6:e8:ba:cb:64:2d:3c:6f:e6: 1a:bb:79:b7:c8:9f:6d:1b:21:21:e5:05:a3:6e:98: 31:9a:b1:4e:ca:22:96:81:49:c8:45:10:54:a8:f1: 35:56:d5:e9:d8:e8:70:c5:bd:38:b9:69:52:58:a3: 9c:44:b2:98:03:ec:f4:7f:d8:4d:84:53:9e:5b:ce: e0:17:6a:0a:94:fb:66:5c:04:41:22:2a:a1:46:ed: 18:91:e8:84:ee:96:7d:b4:51:a6:ac:1b:09:37:f5: af:36:a7:9c:ec:3a:4d:91:ff:50:49:66:4a:e5:e3: 84:ab:e8:a0:6e:9f:7d:f7:92:03:e0:d1:ab:13:a9: 68:6f:c5:90:22:9b:77:ad:94:93:c7:40:4e:88:4f: 60:82:76:03:b5:73:04:fd:37:d0:f6:33:2d:60:b6: df:de:8a:85:db:25:fe:cd:5e:92:44:14:20:6d:5a: 08:81:12:0a:81:3b:f2:42:7d:2d:74:11:71:58:01: e8:99:1b:69:d4:73:1e:47:7d:78:9b:8d:a6:68:15: d3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:76:1F:15:2B:34:1F:48:26:96:A6:B8:02:93:CC:2C:99:02:0C:D5 X509v3 Authority Key Identifier: keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:7f:a9:d3:fe:0e:b0:3e:fe:89:65:3d:9f:af:2e:56:cc:72: 83:44:de:1b:be:10:22:ed:99:3a:f2:6f:40:94:7e:01:bd:85: 37:08:c8:36:b2:92:92:79:ed:08:78:45:df:40:56:02:16:52: f7:ff:39:00:a2:84:15:fc:c5:c8:15:db:0a:90:8e:bc:d2:dc: 78:2b:fc:aa:2e:47:43:6e:b5:9f:5d:75:a5:54:dd:06:ce:fd: ab:85:ae:25:f5:64:77:1a:06:ea:8e:50:93:29:96:8e:d3:b3: 1f:c8:1a:9f:38:0c:39:3d:b8:88:98:57:28:59:ce:bc:8d:32: c6:cb:b0:17:6f:37:33:79:a1:af:6a:ac:3a:ba:02:88:0e:b7: 66:79:b4:16:84:52:61:32:06:cf:c3:9e:5a:12:6b:5c:16:b3: 4d:0f:eb:01:f5:60:40:ab:84:2d:3e:28:59:bb:20:f7:9b:38: e1:51:68:0c:4a:6f:57:36:2a:94:c6:6b:1e:52:87:05:e4:4e: 42:06:e7:7e:14:cf:96:00:c5:7a:c3:82:62:b5:01:e0:62:cf: e4:22:9b:0b:f2:5e:ac:2f:87:79:8c:08:0d:6c:9e:80:7a:f9: 5c:62:c8:d1:44:75:8c:ea:ef:11:0d:ea:dd:0f:49:fd:01:44: fb:b4:04:37 -----BEGIN CERTIFICATE----- MIIE5DCCA8ygAwIBAgIUSzE/aPP1QhWqzURq5DKathS74jYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG NzJCRDVDMjAeFw0yNjA1MTMwNjUyMjhaFw0yNjA1MTQwOTI0MjhaMDMxMTAvBgNV BAMTKDAwNzYxRjE1MkIzNDFGNDgyNjk2QTZCODAyOTNDQzJDOTkwMjBDRDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtZKv0jEWmK9XLVCMayTArtscY 9rm4pg4JTSgFjlVDeGVxfykkR4LKFNqkIwUIguiPduboustkLTxv5hq7ebfIn20b ISHlBaNumDGasU7KIpaBSchFEFSo8TVW1enY6HDFvTi5aVJYo5xEspgD7PR/2E2E U55bzuAXagqU+2ZcBEEiKqFG7RiR6ITuln20UaasGwk39a82p5zsOk2R/1BJZkrl 44Sr6KBun333kgPg0asTqWhvxZAim3etlJPHQE6IT2CCdgO1cwT9N9D2My1gtt/e ioXbJf7NXpJEFCBtWgiBEgqBO/JCfS10EXFYAeiZG2nUcx5HfXibjaZoFdOfAgMB AAGjggHuMIIB6jAdBgNVHQ4EFgQUAHYfFSs0H0gmlqa4ApPMLJkCDNUwHwYDVR0j BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3 RThEN0Y3MkJENUMyLmNlcjBuBggrBgEFBQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJz eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVULzAvOUQwMDdEMzczRjM4 MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5tZnQwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUG CCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAIF/qdP+DrA+ /ollPZ+vLlbMcoNE3hu+ECLtmTryb0CUfgG9hTcIyDaykpJ57Qh4Rd9AVgIWUvf/ OQCihBX8xcgV2wqQjrzS3Hgr/KouR0NutZ9ddaVU3QbO/auFriX1ZHcaBuqOUJMp lo7Tsx/IGp84DDk9uIiYVyhZzryNMsbLsBdvNzN5oa9qrDq6AogOt2Z5tBaEUmEy Bs/DnloSa1wWs00P6wH1YECrhC0+KFm7IPebOOFRaAxKb1c2KpTGax5ShwXkTkIG 534Uz5YAxXrDgmK1AeBiz+QimwvyXqwvh3mMCA1snoB6+VxiyNFEdYzq7xEN6t0P Sf0BRPu0BDc= -----END CERTIFICATE-----Generated at Wed May 13 20:33:06 2026 by rpki-client