$ rpki-client -vvf rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft File: 589DA145B1A822538BB2E68D892E6742B34F0701.mft (raw, json) Hash identifier: 0XLmg7QS0T3C+DoWtcJbHa6dAyh+2dXEbabvu0Ks32o= Subject key identifier: B4:13:C3:AD:BE:25:A5:18:EC:A3:74:40:71:8F:0B:52:8C:26:B6:EB Authority key identifier: 58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 Certificate issuer: /CN=589DA145B1A822538BB2E68D892E6742B34F0701 Certificate serial: 1C9995B95031572345BCCA572E1E0DFF1648B678 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer Subject info access: rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft Manifest number: 08 Signing time: Fri 15 May 2026 10:11:38 +0000 Manifest this update: Fri 15 May 2026 10:06:38 +0000 Manifest next update: Sat 16 May 2026 13:16:38 +0000 Files and hashes: 1: 3136312e3234382e3132382e302f32332d3234203d3e20313331363435.roa (hash: A2tEu7HgD7mnKwNZUDnZPRv7DPPNtScV1zkEjUfoaE8=) 2: 589DA145B1A822538BB2E68D892E6742B34F0701.crl (hash: xGL3EzVS1Qft3mS7uxjIfoo1ydVteArRyu3/Jm6rcJM=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.crl rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0/C3F27ABBA40D0C146E6599E319B2F8B79656A6F3.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/w_J6u6QNDBRuZZnjGbL4t5ZWpvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 13:16:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:99:95:b9:50:31:57:23:45:bc:ca:57:2e:1e:0d:ff:16:48:b6:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=589DA145B1A822538BB2E68D892E6742B34F0701 Validity Not Before: May 15 10:06:38 2026 GMT Not After : May 16 13:16:38 2026 GMT Subject: CN=B413C3ADBE25A518ECA37440718F0B528C26B6EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c1:9c:4f:fa:15:2a:1b:d8:d3:c4:ad:5e:1d: 62:98:db:8c:b1:3b:0a:c9:ca:c5:e1:4e:da:29:64: b7:11:be:0a:b4:74:46:46:8c:7b:d8:b6:87:f0:37: a7:34:cd:71:05:7c:2d:b9:79:34:53:43:b8:2f:21: 4b:4c:12:df:b7:5c:f4:ed:5c:6b:9a:69:9e:d9:fc: d5:ec:6e:63:a0:63:4b:11:ab:dd:ea:c5:47:ed:4c: 67:52:9c:9a:72:4b:b6:7f:c0:bd:5e:c8:2f:14:51: f3:64:87:45:d4:70:a0:b8:37:9d:d2:81:0a:fa:f5: 67:46:5d:26:89:b1:cc:55:98:7c:3f:0c:1c:2f:88: 58:53:1c:d3:a7:7f:51:29:48:7d:2c:d9:9d:f5:60: 66:d3:75:be:32:4d:1f:9b:04:fe:cd:23:05:2a:21: e1:91:6b:28:74:b6:a2:89:97:8d:fc:42:8c:7b:97: 8b:a7:cc:8b:10:1d:f1:68:0f:b2:2b:48:7b:76:7c: f5:c6:cb:c1:16:2e:8d:f2:ee:d7:30:14:5f:0d:dd: b0:3e:be:51:5a:34:d5:af:1f:34:bb:36:db:9d:2f: 11:5f:8b:c2:3e:ea:cd:ba:1c:37:58:24:9b:de:48: e2:c8:15:c7:e8:06:c1:cf:c7:0f:9f:a6:81:dc:a8: 86:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:13:C3:AD:BE:25:A5:18:EC:A3:74:40:71:8F:0B:52:8C:26:B6:EB X509v3 Authority Key Identifier: keyid:58:9D:A1:45:B1:A8:22:53:8B:B2:E6:8D:89:2E:67:42:B3:4F:07:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/589DA145B1A822538BB2E68D892E6742B34F0701.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/KKH/1/589DA145B1A822538BB2E68D892E6742B34F0701.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:bb:61:10:b9:2f:a4:86:26:7f:ab:01:53:e3:fe:8b:f1:85: ff:5d:80:e8:46:cc:36:c7:d6:78:ae:45:1b:60:d7:29:83:4b: cf:51:e2:4d:1b:95:41:ed:cb:28:59:2f:eb:e3:e4:74:28:8d: a0:88:ca:9f:78:8b:3e:71:d9:8c:9f:66:1d:b5:c1:8e:84:42: 3c:c3:97:59:39:cd:79:8c:38:80:21:08:d8:d1:2a:b4:cf:19: 1c:4c:c6:06:af:ba:cc:87:6c:09:67:04:7f:63:b9:1c:42:dd: 57:25:66:fd:36:ab:0e:2c:84:14:eb:03:72:c9:b4:45:91:71: 5d:1a:11:4d:7a:5c:42:78:72:c3:79:c6:be:74:7e:22:fa:b3: 7a:8d:88:6d:72:26:16:4e:65:7c:cc:bf:63:b1:6d:c1:3c:af: 07:ec:6c:31:cc:12:78:f7:5f:ca:a7:90:6a:16:11:b9:40:45: 0f:62:e2:2e:79:63:8c:c2:0c:a7:bf:33:45:52:9d:fd:73:17: 7b:56:15:e9:41:85:11:f0:31:0c:60:3b:f4:c8:a9:e4:43:3d: 4d:bd:33:e0:ee:3a:76:0d:c8:fe:45:f3:3f:d2:29:95:3d:59: 5e:ea:92:ae:af:07:ff:c3:e5:db:a5:61:05:1c:f6:19:d4:b0: 95:cd:37:29 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUHJmVuVAxVyNFvMpXLh4N/xZItngwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg5REExNDVCMUE4MjI1MzhCQjJFNjhEODkyRTY3NDJC MzRGMDcwMTAeFw0yNjA1MTUxMDA2MzhaFw0yNjA1MTYxMzE2MzhaMDMxMTAvBgNV BAMTKEI0MTNDM0FEQkUyNUE1MThFQ0EzNzQ0MDcxOEYwQjUyOEMyNkI2RUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6wZxP+hUqG9jTxK1eHWKY24yx OwrJysXhTtopZLcRvgq0dEZGjHvYtofwN6c0zXEFfC25eTRTQ7gvIUtMEt+3XPTt XGuaaZ7Z/NXsbmOgY0sRq93qxUftTGdSnJpyS7Z/wL1eyC8UUfNkh0XUcKC4N53S gQr69WdGXSaJscxVmHw/DBwviFhTHNOnf1EpSH0s2Z31YGbTdb4yTR+bBP7NIwUq IeGRayh0tqKJl438Qox7l4unzIsQHfFoD7IrSHt2fPXGy8EWLo3y7tcwFF8N3bA+ vlFaNNWvHzS7NtudLxFfi8I+6s26HDdYJJveSOLIFcfoBsHPxw+fpoHcqIanAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUtBPDrb4lpRjso3RAcY8LUowmtuswHwYDVR0j BBgwFoAUWJ2hRbGoIlOLsuaNiS5nQrNPBwEwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0tILzEv NTg5REExNDVCMUE4MjI1MzhCQjJFNjhEODkyRTY3NDJCMzRGMDcwMS5jcmwwbwYI KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50 dy9ycGtpL1RXTklDQ0EvMC81ODlEQTE0NUIxQTgyMjUzOEJCMkU2OEQ4OTJFNjc0 MkIzNEYwNzAxLmNlcjBrBggrBgEFBQcBCwRfMF0wWwYIKwYBBQUHMAuGT3JzeW5j Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvS0tILzEvNTg5REExNDVCMUE4MjI1MzhC QjJFNjhEODkyRTY3NDJCMzRGMDcwMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAFS7YRC5L6SGJn+rAVPj /ovxhf9dgOhGzDbH1niuRRtg1ymDS89R4k0blUHtyyhZL+vj5HQojaCIyp94iz5x 2YyfZh21wY6EQjzDl1k5zXmMOIAhCNjRKrTPGRxMxgavusyHbAlnBH9juRxC3Vcl Zv02qw4shBTrA3LJtEWRcV0aEU16XEJ4csN5xr50fiL6s3qNiG1yJhZOZXzMv2Ox bcE8rwfsbDHMEnj3X8qnkGoWEblARQ9i4i55Y4zCDKe/M0VSnf1zF3tWFelBhRHw MQxgO/TIqeRDPU29M+DuOnYNyP5F8z/SKZU9WV7qkq6vB//D5dulYQUc9hnUsJXN Nyk= -----END CERTIFICATE-----Generated at Sat May 16 04:55:04 2026 by rpki-client