$ rpki-client -vvf rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft File: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft (raw, json) Hash identifier: 56rASkDi9sXCeKMfe2kY3/pfBefzXqxIgXSMtnY+s9o= Subject key identifier: E5:63:85:CD:0E:26:95:A5:E8:8C:FC:0A:0C:D8:DB:3F:23:23:10:ED Authority key identifier: 9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 Certificate issuer: /CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Certificate serial: 2C00F9B1EF0F937EEAE5884D1139BAECBE24A547 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject info access: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft Manifest number: 46 Signing time: Tue 30 Jun 2026 06:28:17 +0000 Manifest this update: Tue 30 Jun 2026 06:23:17 +0000 Manifest next update: Wed 01 Jul 2026 08:20:17 +0000 Files and hashes: 1: 323430363a663334303a3a2f33322d3634203d3e203338383432.roa (hash: dPU2RCL9922koNIK4EbftiZXNxbxs5ADbxLPZLggc34=) 2: 9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl (hash: kvVSGCfjtQTRCp3u6yezzeGY0cirsYI5zvMo4Lh5h3g=) 3: 3130332e3136302e3232362e302f32332d3234203d3e203338383432.roa (hash: fXBUwxrpMNifp4MO+znwtVxrCjA2c4pDgmAW0x6+dMc=) 4: 3130332e3136302e3232362e302f32332d3234203d3e20313331363539.roa (hash: E3rZgHSz1Z/QlxuFQ/uZkBfovj2HHfCX638SO+t2sg0=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 01 Jul 2026 08:20:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:00:f9:b1:ef:0f:93:7e:ea:e5:88:4d:11:39:ba:ec:be:24:a5:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D007D373F381CCA596ECE20FC27E8D7F72BD5C2 Validity Not Before: Jun 30 06:23:17 2026 GMT Not After : Jul 1 08:20:17 2026 GMT Subject: CN=E56385CD0E2695A5E88CFC0A0CD8DB3F232310ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:74:2a:14:12:40:e8:a8:aa:e1:52:c7:3e:a3: ae:49:ae:46:c5:d4:b6:ba:02:96:93:45:64:d6:dc: 82:56:eb:b8:12:dc:f5:73:2a:a0:7f:d9:48:e4:3a: a9:c9:d5:07:4c:8e:a2:0a:65:ef:11:45:d5:3a:ba: fa:60:83:04:01:3b:42:a0:6d:11:e1:c1:62:c0:63: 5d:19:69:91:cd:cc:c3:73:97:16:77:2f:23:88:db: fa:1b:72:a4:65:d7:c8:ed:02:89:6e:db:c0:49:99: 50:ca:5d:4b:a0:0e:a2:c0:f1:ea:a2:50:a9:ed:df: 67:77:e7:46:04:d1:c4:7c:f6:58:ba:dc:05:92:45: da:2f:25:1c:c0:5f:2f:28:15:49:5d:48:c0:a4:89: 9c:b5:4c:f5:1a:c4:0b:c9:f3:fa:f4:aa:b6:da:7a: 73:b4:35:be:ee:24:15:dd:e0:64:09:d6:aa:2f:d5: 5e:47:66:17:d3:82:99:a7:ac:3c:f0:ac:85:59:82: ca:7f:c8:3c:d2:ba:0c:6a:8e:d3:61:f3:c2:55:6a: 99:6e:10:a9:e6:d9:60:f6:d3:0e:f4:ab:71:3f:4d: be:df:d8:b2:4c:f3:b3:24:bc:ff:26:e0:db:5f:11: 35:df:3f:1d:e4:82:7c:71:1a:58:63:3f:64:b2:98: 89:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:63:85:CD:0E:26:95:A5:E8:8C:FC:0A:0C:D8:DB:3F:23:23:10:ED X509v3 Authority Key Identifier: keyid:9D:00:7D:37:3F:38:1C:CA:59:6E:CE:20:FC:27:E8:D7:F7:2B:D5:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DNSNET/0/9D007D373F381CCA596ECE20FC27E8D7F72BD5C2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:f1:a8:5b:c5:26:10:c5:d0:3c:bd:df:74:be:b2:78:e0:6b: d1:3d:de:79:87:8d:7e:2f:13:0f:8d:33:6e:34:f5:1e:46:a8: 45:a6:ec:a9:00:77:6a:52:7c:41:d4:0e:49:31:1b:6d:98:5a: 0d:3e:f3:ee:0d:1e:dc:c6:25:b2:9e:cb:d4:35:06:0f:5f:60: ef:18:92:eb:c3:78:34:63:d3:f7:c4:ea:02:b8:40:3d:70:ec: c6:36:79:3a:ae:7e:b9:be:6d:55:82:33:f4:46:15:68:2c:47: 69:be:ea:b3:7c:dd:91:72:ee:0b:ab:6f:8f:ca:cd:e1:cc:c1: f3:f6:a0:a9:e4:14:50:09:78:c5:f5:b4:89:b1:2d:c4:4c:6f: 63:38:f1:de:bb:fe:92:51:ca:18:01:c9:8e:53:31:dc:e1:15: bc:64:58:23:69:29:c0:a3:ae:6c:f1:f7:62:9f:56:fd:8d:20: 30:c8:9e:ac:cc:52:5e:e5:64:3f:b8:7e:fa:b0:4f:68:53:25: 7a:5c:6c:46:60:b0:16:03:c2:9b:bd:bb:22:e6:dc:b4:91:3d: 7f:99:90:39:e7:48:c4:7a:01:43:38:ad:29:e1:ba:47:f3:fb: 78:f9:08:60:8d:e0:7b:c4:c4:bf:16:d1:07:13:05:d7:91:c4: e8:45:3b:13 -----BEGIN CERTIFICATE----- MIIE5DCCA8ygAwIBAgIULAD5se8Pk37q5YhNETm67L4kpUcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdG NzJCRDVDMjAeFw0yNjA2MzAwNjIzMTdaFw0yNjA3MDEwODIwMTdaMDMxMTAvBgNV BAMTKEU1NjM4NUNEMEUyNjk1QTVFODhDRkMwQTBDRDhEQjNGMjMyMzEwRUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDedCoUEkDoqKrhUsc+o65JrkbF 1La6ApaTRWTW3IJW67gS3PVzKqB/2UjkOqnJ1QdMjqIKZe8RRdU6uvpggwQBO0Kg bRHhwWLAY10ZaZHNzMNzlxZ3LyOI2/obcqRl18jtAolu28BJmVDKXUugDqLA8eqi UKnt32d350YE0cR89li63AWSRdovJRzAXy8oFUldSMCkiZy1TPUaxAvJ8/r0qrba enO0Nb7uJBXd4GQJ1qov1V5HZhfTgpmnrDzwrIVZgsp/yDzSugxqjtNh88JVaplu EKnm2WD20w70q3E/Tb7f2LJM87MkvP8m4NtfETXfPx3kgnxxGlhjP2SymInrAgMB AAGjggHuMIIB6jAdBgNVHQ4EFgQU5WOFzQ4mlaXojPwKDNjbPyMjEO0wHwYDVR0j BBgwFoAUnQB9Nz84HMpZbs4g/Cfo1/cr1cIwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVU LzAvOUQwMDdEMzczRjM4MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5jcmww bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p Yy50dy9ycGtpL1RXTklDQ0EvMS85RDAwN0QzNzNGMzgxQ0NBNTk2RUNFMjBGQzI3 RThEN0Y3MkJENUMyLmNlcjBuBggrBgEFBQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJz eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE5TTkVULzAvOUQwMDdEMzczRjM4 MUNDQTU5NkVDRTIwRkMyN0U4RDdGNzJCRDVDMi5tZnQwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUG CCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAF/xqFvFJhDF 0Dy933S+snjga9E93nmHjX4vEw+NM2409R5GqEWm7KkAd2pSfEHUDkkxG22YWg0+ 8+4NHtzGJbKey9Q1Bg9fYO8YkuvDeDRj0/fE6gK4QD1w7MY2eTqufrm+bVWCM/RG FWgsR2m+6rN83ZFy7gurb4/KzeHMwfP2oKnkFFAJeMX1tImxLcRMb2M48d67/pJR yhgByY5TMdzhFbxkWCNpKcCjrmzx92KfVv2NIDDInqzMUl7lZD+4fvqwT2hTJXpc bEZgsBYDwpu9uyLm3LSRPX+ZkDnnSMR6AUM4rSnhukfz+3j5CGCN4HvExL8W0QcT BdeRxOhFOxM= -----END CERTIFICATE-----Generated at Tue Jun 30 19:07:01 2026 by rpki-client