$ rpki-client -vvf rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.mft File: 3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.mft (raw, json) Hash identifier: bLePXMUY9LqaaDaM7z1eMWV8Hf4Im/ZRw5G/yqdyQjE= Subject key identifier: 84:5C:36:AC:91:3E:84:BE:30:6D:13:6D:CD:AC:ED:2E:8B:97:D1:B4 Authority key identifier: 3F:2F:A0:E9:A9:B7:A3:64:D4:9A:2E:A6:1E:F3:89:67:09:C4:AD:AE Certificate issuer: /CN=3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE Certificate serial: 0F8A919ADC75EAC9CF4CBC84945C9C8818B19703 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.mft Manifest number: 0D Signing time: Wed 13 May 2026 05:37:09 +0000 Manifest this update: Wed 13 May 2026 05:32:09 +0000 Manifest next update: Thu 14 May 2026 06:25:09 +0000 Files and hashes: 1: 323430323a346632303a333a3a2f34382d3438203d3e20313331363330.roa (hash: ozfaF6UNRXIJr4rje21YQkFsoy4ZzNiP2wPtA0erUeY=) 2: 323430323a346632303a353a3a2f34382d3438203d3e20313331363330.roa (hash: bU1HQDuT0IRVu34E/RZMoTgSImGbDCROI5x6EQPDfzA=) 3: 323430323a346632303a313a3a2f34382d3438203d3e20313331363330.roa (hash: Oh96VvwrLrCqa8vzhQmqU/GuluZDVdXi8dtZT8NxrMk=) 4: 323430323a346632303a343a3a2f34382d3438203d3e20313331363330.roa (hash: K1744UKAf+z71qZv3nHhgAju8M4LXcw6dU0movyAPhI=) 5: 323430323a346632303a3a2f33322d3332203d3e20313331363330.roa (hash: 1HkzZ8xzmy/OZUVsiQY7oTz8Rgw5reF3WYzze2HTWVI=) 6: 3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.crl (hash: r9YrYsgtTcjjI2SieB9XYMKI+fOavFyHrYHxiAi1fJM=) 7: 323430323a346632303a3a2f34382d3438203d3e20313331363330.roa (hash: KzekJ1FxCbwk5Zs9JehhAtPibWkOWnoBzdyUiRP/X0w=) 8: 323430323a346632303a323a3a2f34382d3438203d3e20323133343238.roa (hash: s9oKXRbmyMlcGoDwcLYZ0mRlXD27VylhFpYrWppG6Cs=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.crl rsync://rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 06:25:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:8a:91:9a:dc:75:ea:c9:cf:4c:bc:84:94:5c:9c:88:18:b1:97:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE Validity Not Before: May 13 05:32:09 2026 GMT Not After : May 14 06:25:09 2026 GMT Subject: CN=845C36AC913E84BE306D136DCDACED2E8B97D1B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:b7:a7:d6:f4:ae:02:3f:a7:dd:8b:3e:02:50: c2:d3:bd:53:11:76:bb:2a:d5:d2:8d:7f:a3:c8:df: f7:31:2c:ce:6f:38:2b:20:d0:85:8d:2c:67:40:25: 5b:1e:e1:11:b2:50:06:7e:13:20:15:20:35:18:7c: d1:cc:f9:cd:eb:37:c0:c8:07:66:bc:52:d1:a6:f9: d7:c5:bf:58:32:42:dc:d4:e2:cb:ee:a2:cd:24:09: 23:47:2c:9f:4c:e0:c8:37:a8:1f:18:9b:06:f4:59: 03:b2:fa:54:53:52:82:1e:75:24:9a:96:a5:bf:e5: 14:77:b2:7b:df:57:a6:3b:da:fa:1c:34:e0:a1:45: 41:7e:ec:05:3a:b9:e8:13:de:67:08:c1:5b:79:20: 1d:71:6b:9f:19:87:b1:d7:93:b2:1d:b4:0a:48:74: 1e:d8:97:14:ea:3c:b0:cb:b7:5a:a6:c6:61:4c:1c: a4:63:dc:56:4e:7e:72:9b:77:07:74:21:be:bc:6e: b2:ff:03:a6:24:11:41:69:b7:61:dd:e6:b8:16:7a: f3:f3:1f:57:8e:73:a6:78:fe:c2:14:aa:16:08:56: d2:4a:ed:9a:eb:9b:a5:ba:1e:c4:22:bc:e6:7c:ec: ba:47:18:e7:a8:e9:1a:28:9a:62:e8:fe:f2:72:93: b0:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:5C:36:AC:91:3E:84:BE:30:6D:13:6D:CD:AC:ED:2E:8B:97:D1:B4 X509v3 Authority Key Identifier: keyid:3F:2F:A0:E9:A9:B7:A3:64:D4:9A:2E:A6:1E:F3:89:67:09:C4:AD:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/LAZCO/0/3F2FA0E9A9B7A364D49A2EA61EF3896709C4ADAE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e2:8a:f8:b9:6d:84:e8:e1:f8:83:32:f2:42:b6:5b:40:b0:54: df:9b:d9:4b:b3:fe:fd:47:8e:c9:73:bf:71:9d:18:57:d5:85: 1b:99:ae:6b:24:eb:ea:45:fa:aa:6d:03:17:e6:91:37:91:ea: 74:16:bd:21:a4:e9:ec:32:b8:15:0b:71:43:df:da:9e:f8:2c: f6:23:ca:8a:91:dd:ea:22:36:4a:a9:21:1b:f2:ce:64:f8:d8: d8:27:c0:55:a8:60:38:15:a0:59:63:eb:13:48:61:41:c7:b6: 5c:84:79:d6:f2:68:9c:1a:d7:1d:93:21:a2:f2:17:2c:ed:55: b8:a0:b1:96:a7:cc:1a:7c:c3:55:68:dd:44:e2:a9:cf:e4:3e: 37:c3:45:ae:12:ca:cf:34:9e:63:a4:1c:08:1b:0e:9c:57:a8: 40:7d:05:ac:4b:da:b7:0f:f7:83:58:fc:71:13:5b:52:8a:39: 8e:50:03:1d:9c:f5:de:86:dd:0f:a5:6c:95:11:2a:fa:20:af: 7b:86:01:92:62:54:81:99:6b:b8:7f:bb:4f:f0:10:c9:0c:05: 08:b4:2d:e8:de:b0:83:ab:0f:71:bf:87:e0:6a:ab:2c:d7:e2: ef:1c:e4:03:30:8c:9b:6e:4b:3a:e0:7d:04:44:fd:6e:b3:a2: 48:22:ee:fa -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIUD4qRmtx16snPTLyElFyciBixlwMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0YyRkEwRTlBOUI3QTM2NEQ0OUEyRUE2MUVGMzg5Njcw OUM0QURBRTAeFw0yNjA1MTMwNTMyMDlaFw0yNjA1MTQwNjI1MDlaMDMxMTAvBgNV BAMTKDg0NUMzNkFDOTEzRTg0QkUzMDZEMTM2RENEQUNFRDJFOEI5N0QxQjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+t6fW9K4CP6fdiz4CUMLTvVMR drsq1dKNf6PI3/cxLM5vOCsg0IWNLGdAJVse4RGyUAZ+EyAVIDUYfNHM+c3rN8DI B2a8UtGm+dfFv1gyQtzU4svuos0kCSNHLJ9M4Mg3qB8Ymwb0WQOy+lRTUoIedSSa lqW/5RR3snvfV6Y72vocNOChRUF+7AU6uegT3mcIwVt5IB1xa58Zh7HXk7IdtApI dB7YlxTqPLDLt1qmxmFMHKRj3FZOfnKbdwd0Ib68brL/A6YkEUFpt2Hd5rgWevPz H1eOc6Z4/sIUqhYIVtJK7Zrrm6W6HsQivOZ87LpHGOeo6RoommLo/vJyk7CpAgMB AAGjggHsMIIB6DAdBgNVHQ4EFgQUhFw2rJE+hL4wbRNtzaztLouX0bQwHwYDVR0j BBgwFoAUPy+g6am3o2TUmi6mHvOJZwnEra4wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTEFaQ08v MC8zRjJGQTBFOUE5QjdBMzY0RDQ5QTJFQTYxRUYzODk2NzA5QzRBREFFLmNybDBv BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS8xLzNGMkZBMEU5QTlCN0EzNjRENDlBMkVBNjFFRjM4 OTY3MDlDNEFEQUUuY2VyMG0GCCsGAQUFBwELBGEwXzBdBggrBgEFBQcwC4ZRcnN5 bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9MQVpDTy8wLzNGMkZBMEU5QTlCN0Ez NjRENDlBMkVBNjFFRjM4OTY3MDlDNEFEQUUubWZ0MBgGA1UdIAEB/wQOMAwwCgYI KwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADAVBggr BgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDiivi5bYTo4fiD MvJCtltAsFTfm9lLs/79R47Jc79xnRhX1YUbma5rJOvqRfqqbQMX5pE3kep0Fr0h pOnsMrgVC3FD39qe+Cz2I8qKkd3qIjZKqSEb8s5k+NjYJ8BVqGA4FaBZY+sTSGFB x7ZchHnW8micGtcdkyGi8hcs7VW4oLGWp8wafMNVaN1E4qnP5D43w0WuEsrPNJ5j pBwIGw6cV6hAfQWsS9q3D/eDWPxxE1tSijmOUAMdnPXeht0PpWyVESr6IK97hgGS YlSBmWu4f7tP8BDJDAUItC3o3rCDqw9xv4fgaqss1+LvHOQDMIybbks64H0ERP1u s6JIIu76 -----END CERTIFICATE-----Generated at Wed May 13 20:33:57 2026 by rpki-client