$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/1/8A19BD36D6C712FC09A46A1C0CF51816135AFEF4.cer File: 8A19BD36D6C712FC09A46A1C0CF51816135AFEF4.cer (raw, json) Hash identifier: Fpa2NRSwrK4pD3/Id2N8e+2aKTRHchkSgk2CauOAKQQ= Subject key identifier: 8A:19:BD:36:D6:C7:12:FC:09:A4:6A:1C:0C:F5:18:16:13:5A:FE:F4 Authority key identifier: DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D Certificate issuer: /CN=A91BDB290000/serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Certificate serial: 28116F0F5FB426FBF0887D2C78423E9566041E05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Manifest: rsync://rpkica.twnic.tw/rpki/WELLSERVE/0/8A19BD36D6C712FC09A46A1C0CF51816135AFEF4.mft caRepository: rsync://rpkica.twnic.tw/rpki/WELLSERVE/0/ Notify URL: https://rrdp.twnic.tw/rrdp/notification.xml Certificate not before: Mon 11 May 2026 16:00:50 +0000 Certificate not after: Mon 10 May 2027 16:05:50 +0000 Subordinate resources: AS: 131670 IP: 103.122.196.0/22 IP: 2403:93c0::/32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 15:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:11:6f:0f:5f:b4:26:fb:f0:88:7d:2c:78:42:3e:95:66:04:1e:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDB290000, serialNumber=DA632505767413A1409A3E33B99D256CDFB1901D Validity Not Before: May 11 16:00:50 2026 GMT Not After : May 10 16:05:50 2027 GMT Subject: CN=8A19BD36D6C712FC09A46A1C0CF51816135AFEF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ed:88:d3:8a:3b:63:e8:22:60:df:eb:24:41: 36:f8:b9:a2:92:c7:8c:4a:10:e3:a9:57:b6:2e:b3: e6:4b:7a:0e:bc:14:84:5e:ea:24:c0:21:ee:c4:05: bb:06:97:15:17:35:44:f7:ac:d3:64:7f:aa:16:06: b5:7e:21:a6:b8:ed:e0:24:3d:b2:55:fa:ea:93:42: 76:3e:b6:cd:5e:eb:b6:fa:32:83:77:e1:2e:63:3a: c6:d0:74:b7:66:90:91:84:92:c1:26:92:25:50:e6: 6a:2d:f3:5a:fd:46:19:6b:44:07:97:b4:d3:16:09: fe:f1:8f:95:1e:01:b4:4c:38:99:d5:8c:4b:42:6b: f4:ea:f8:26:19:c1:9e:e5:eb:18:93:02:fb:9c:e6: d3:e8:fe:0e:6b:3e:1c:73:3c:df:d7:6e:70:e7:74: ce:bc:9b:75:fd:99:23:4d:cb:43:2f:45:69:ce:7f: e8:91:6b:9e:32:b4:55:6d:db:af:6c:14:f5:38:7d: d0:df:ac:d2:7f:a4:52:a8:22:1d:44:9b:6d:53:1b: 21:ce:46:63:9f:f0:2b:72:e8:60:86:8f:03:e0:68: 33:b1:ce:79:77:3f:c2:a9:df:f9:e6:82:7d:70:d9: 52:e1:d3:69:03:8d:c7:47:da:cf:2e:9d:03:61:ca: 7b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8A:19:BD:36:D6:C7:12:FC:09:A4:6A:1C:0C:F5:18:16:13:5A:FE:F4 X509v3 Authority Key Identifier: keyid:DA:63:25:05:76:74:13:A1:40:9A:3E:33:B9:9D:25:6C:DF:B1:90:1D X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer Subject Information Access: CA Repository - URI:rsync://rpkica.twnic.tw/rpki/WELLSERVE/0/ RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/WELLSERVE/0/8A19BD36D6C712FC09A46A1C0CF51816135AFEF4.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.122.196.0/22 IPv6: 2403:93c0::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 131670 Signature Algorithm: sha256WithRSAEncryption 9a:d6:35:40:25:07:86:7c:0a:88:23:d3:cc:fa:7e:9f:5e:a6: e1:e8:b2:3c:cb:87:25:38:f1:28:7c:7b:39:47:9c:e3:c8:5e: fd:24:1b:c4:d9:52:20:55:e0:55:c8:83:d9:e4:c6:7a:c1:73: 98:cd:df:b0:a3:98:f1:72:31:62:24:cd:67:cb:d3:3e:30:ad: 77:cd:cc:55:35:13:c8:bc:2e:0a:6b:22:cf:10:7a:67:08:31: 7a:4b:99:10:e7:6e:44:83:f6:fc:65:45:1d:56:22:9e:b5:75: b5:b5:94:bb:c5:61:ce:d6:b5:9c:3e:4f:b4:f6:76:79:cd:85: 11:bb:7f:85:6b:80:47:9a:1b:82:91:4f:0b:2b:bc:22:c7:ff: db:24:62:15:a6:fa:fd:19:29:b2:39:c9:5f:7c:84:fd:45:18: a0:7d:ed:5a:a5:dd:fe:9d:3f:22:ae:9d:6e:88:f5:ed:7c:13: fe:87:96:53:c3:2e:46:76:36:4d:08:93:bd:86:ad:8e:11:22: 39:74:19:4a:8a:29:8b:cc:ce:c8:6f:65:ca:85:b7:34:1a:a7: 55:58:31:6d:5b:7f:35:c9:7a:96:eb:43:16:e7:3c:c8:43:af: 47:84:b1:68:2e:ee:d2:64:58:b7:14:29:d2:9f:5a:4b:c8:6d: a4:66:98:15 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgIUKBFvD1+0JvvwiH0seEI+lWYEHgUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQkRCMjkwMDAwMTEwLwYDVQQFEyhEQTYzMjUwNTc2 NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFEMB4XDTI2MDUxMTE2MDA1MFoX DTI3MDUxMDE2MDU1MFowMzExMC8GA1UEAxMoOEExOUJEMzZENkM3MTJGQzA5QTQ2 QTFDMENGNTE4MTYxMzVBRkVGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHtiNOKO2PoImDf6yRBNvi5opLHjEoQ46lXti6z5kt6DrwUhF7qJMAh7sQF uwaXFRc1RPes02R/qhYGtX4hprjt4CQ9slX66pNCdj62zV7rtvoyg3fhLmM6xtB0 t2aQkYSSwSaSJVDmai3zWv1GGWtEB5e00xYJ/vGPlR4BtEw4mdWMS0Jr9Or4JhnB nuXrGJMC+5zm0+j+Dms+HHM839ducOd0zrybdf2ZI03LQy9Fac5/6JFrnjK0VW3b r2wU9Th90N+s0n+kUqgiHUSbbVMbIc5GY5/wK3LoYIaPA+BoM7HOeXc/wqnf+eaC fXDZUuHTaQONx0fazy6dA2HKe+MCAwEAAaOCApcwggKTMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIoZvTbWxxL8CaRqHAz1GBYTWv70MB8GA1UdIwQYMBaAFNpj JQV2dBOhQJo+M7mdJWzfsZAdMA4GA1UdDwEB/wQEAwIBBjBkBgNVHR8EXTBbMFmg V6BVhlNyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvMS9EQTYz MjUwNTc2NzQxM0ExNDA5QTNFMzNCOTlEMjU2Q0RGQjE5MDFELmNybDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi8ybU1sQlha MEU2RkFtajR6dVowbGJOLXhrQjAuY2VyMIHjBggrBgEFBQcBCwSB1jCB0zA1Bggr BgEFBQcwBYYpcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9XRUxMU0VSVkUv MC8wYQYIKwYBBQUHMAqGVXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvV0VM TFNFUlZFLzAvOEExOUJEMzZENkM3MTJGQzA5QTQ2QTFDMENGNTE4MTYxMzVBRkVG NC5tZnQwNwYIKwYBBQUHMA2GK2h0dHBzOi8vcnJkcC50d25pYy50dy9ycmRwL25v dGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEF BQcBBwEB/wQfMB0wDAQCAAEwBgMEAmd6xDANBAIAAjAHAwUAJAOTwDAaBggrBgEF BQcBCAEB/wQLMAmgBzAFAgMCAlYwDQYJKoZIhvcNAQELBQADggEBAJrWNUAlB4Z8 Cogj08z6fp9epuHosjzLhyU48Sh8ezlHnOPIXv0kG8TZUiBV4FXIg9nkxnrBc5jN 37CjmPFyMWIkzWfL0z4wrXfNzFU1E8i8LgprIs8QemcIMXpLmRDnbkSD9vxlRR1W Ip61dbW1lLvFYc7WtZw+T7T2dnnNhRG7f4VrgEeaG4KRTwsrvCLH/9skYhWm+v0Z KbI5yV98hP1FGKB97Vql3f6dPyKunW6I9e18E/6HllPDLkZ2Nk0Ik72GrY4RIjl0 GUqKKYvMzshvZcqFtzQap1VYMW1bfzXJepbrQxbnPMhDr0eEsWgu7tJkWLcUKdKf WkvIbaRmmBU= -----END CERTIFICATE-----Generated at Wed May 13 19:58:12 2026 by rpki-client