$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft File: 0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft (raw, json) Hash identifier: kYgNTVU5Ka4yKrhxqt1WWjlzE5yt49WX2aqtRPgvupQ= Subject key identifier: 77:07:07:B2:FD:D8:7D:CE:E7:49:7A:C6:82:96:42:43:F8:98:38:9A Authority key identifier: D3:30:BC:4E:13:7B:15:12:E2:E4:50:68:06:B8:70:A4:EA:A8:60:D7 Certificate issuer: /CN=D330BC4E137B1512E2E4506806B870A4EAA860D7 Certificate serial: 013C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0zC8ThN7FRLi5FBoBrhwpOqoYNc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft Manifest number: 0138 Signing time: Mon 25 Nov 2024 18:24:58 +0000 Manifest this update: Mon 25 Nov 2024 18:24:58 +0000 Manifest next update: Wed 27 Nov 2024 18:24:58 +0000 Files and hashes: 1: 0zC8ThN7FRLi5FBoBrhwpOqoYNc.crl (hash: HKPGChhesty78sewrjv7p7d2J/3MoO/ZCITx52DWr5I=) 2: _yOUUfL2sWefXH1pZgVPXHWRoEw.roa (hash: QRTQJdzhBAAYh8RsMp3gJl0yer3P8lXksvLPuiTu9CQ=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/0zC8ThN7FRLi5FBoBrhwpOqoYNc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:55:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D330BC4E137B1512E2E4506806B870A4EAA860D7 Validity Not Before: Nov 25 18:24:58 2024 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=770707B2FDD87DCEE7497AC682964243F898389A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:28:b9:82:cf:c5:d4:72:69:c6:f5:70:48:14: 0a:c1:74:e9:f2:9a:34:17:2b:3b:04:30:4a:0c:da: 27:91:c6:e5:6f:35:35:03:da:31:3c:e1:53:24:31: c5:97:ee:50:f9:02:71:04:88:08:11:9c:6e:b8:e8: d9:e6:8c:93:54:a2:d9:0a:3e:ed:37:ca:07:85:14: 3a:90:de:5b:6a:0f:21:d3:f8:a0:22:02:51:c5:58: f2:35:7a:16:0f:b0:c3:4d:ed:2f:41:9b:ec:b0:30: 47:14:ad:f6:0f:ac:97:42:6f:f7:6c:c0:60:56:2b: 7a:0b:91:e0:a2:6f:82:6d:4d:59:02:59:88:01:50: b2:28:e5:97:cd:a3:8c:09:68:0d:84:d7:b4:30:2b: 82:3b:68:5e:13:3d:c9:6f:6d:bd:c3:8c:0d:3e:6f: bd:61:6c:7e:97:65:0a:5e:01:7d:66:47:26:37:af: 1a:44:61:0c:43:93:00:e2:38:1f:c5:d6:37:42:49: a9:cd:bb:30:1e:a8:1c:b5:3a:f7:96:bb:e2:07:fc: a9:0b:e0:01:de:9f:e3:51:dd:57:71:bd:15:81:71: da:60:5b:a7:2e:0e:e5:2d:04:60:d7:c6:39:44:95: 84:a1:47:85:7c:dd:08:2c:5c:9d:93:45:78:7e:e1: 2e:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:07:07:B2:FD:D8:7D:CE:E7:49:7A:C6:82:96:42:43:F8:98:38:9A X509v3 Authority Key Identifier: keyid:D3:30:BC:4E:13:7B:15:12:E2:E4:50:68:06:B8:70:A4:EA:A8:60:D7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0zC8ThN7FRLi5FBoBrhwpOqoYNc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BESTBASIS/0zC8ThN7FRLi5FBoBrhwpOqoYNc.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ca:fe:11:b7:4c:aa:6e:e0:43:84:c0:f3:d6:77:ff:5c:e6:e7: e3:37:42:be:79:54:87:71:bd:65:91:71:d7:9a:0b:b2:c9:78: 8f:15:4a:ab:de:ce:e9:ed:55:55:ac:26:b9:b6:be:ca:a0:c7: aa:89:8f:e2:1c:82:a9:f6:de:30:f8:d2:6f:90:df:50:80:c7: 52:f0:5a:e7:d4:e5:55:06:53:81:61:22:03:16:54:0f:5f:6a: d2:81:fa:8e:9f:c9:c1:78:64:8a:f8:72:9b:50:4e:50:6e:d0: 4a:cb:e2:27:73:9d:cd:b5:37:63:47:33:cf:78:18:43:49:e8: 64:3b:21:79:9e:3e:46:64:a2:78:6c:18:82:4b:65:26:98:41: cf:bd:43:90:40:0c:87:98:93:da:a3:ed:74:83:ad:ae:7e:b3: af:7a:06:9c:b7:6d:2a:cf:50:c7:47:ff:81:cf:ab:c8:2d:eb: 24:6d:92:f8:36:6e:c2:6f:14:40:d2:33:ac:b1:8c:d3:80:e3: b9:3a:cb:de:bb:0d:74:12:e9:13:51:db:52:bb:57:c0:53:d6: 62:fc:db:90:71:52:48:0e:96:f1:cd:c8:f8:48:45:e0:c6:60: ef:39:5f:65:5e:28:aa:22:bc:1f:1c:46:02:b9:db:41:6f:e8: cc:b0:1c:f1 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgICATwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDMz MEJDNEUxMzdCMTUxMkUyRTQ1MDY4MDZCODcwQTRFQUE4NjBENzAeFw0yNDExMjUx ODI0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc3MDcwN0IyRkREODdE Q0VFNzQ5N0FDNjgyOTY0MjQzRjg5ODM4OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIKLmCz8XUcmnG9XBIFArBdOnymjQXKzsEMEoM2ieRxuVvNTUD 2jE84VMkMcWX7lD5AnEEiAgRnG646NnmjJNUotkKPu03ygeFFDqQ3ltqDyHT+KAi AlHFWPI1ehYPsMNN7S9Bm+ywMEcUrfYPrJdCb/dswGBWK3oLkeCib4JtTVkCWYgB ULIo5ZfNo4wJaA2E17QwK4I7aF4TPclvbb3DjA0+b71hbH6XZQpeAX1mRyY3rxpE YQxDkwDiOB/F1jdCSanNuzAeqBy1OveWu+IH/KkL4AHen+NR3VdxvRWBcdpgW6cu DuUtBGDXxjlElYShR4V83QgsXJ2TRXh+4S6hAgMBAAGjggINMIICCTAdBgNVHQ4E FgQUdwcHsv3Yfc7nSXrGgpZCQ/iYOJowHwYDVR0jBBgwFoAU0zC8ThN7FRLi5FBo BrhwpOqoYNcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVTVEJB U0lTLzB6QzhUaE43RlJMaTVGQm9Ccmh3cE9xb1lOYy5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvMHpDOFRoTjdGUkxpNUZCb0JyaHdwT3FvWU5jLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVTVEJBU0lTLzB6QzhUaE43RlJM aTVGQm9Ccmh3cE9xb1lOYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQDK/hG3TKpu4EOEwPPWd/9c5ufjN0K+eVSHcb1lkXHXmguyyXiPFUqr3s7p 7VVVrCa5tr7KoMeqiY/iHIKp9t4w+NJvkN9QgMdS8Frn1OVVBlOBYSIDFlQPX2rS gfqOn8nBeGSK+HKbUE5QbtBKy+Inc53NtTdjRzPPeBhDSehkOyF5nj5GZKJ4bBiC S2UmmEHPvUOQQAyHmJPao+10g62ufrOvegact20qz1DHR/+Bz6vILeskbZL4Nm7C bxRA0jOssYzTgOO5Osveuw10EukTUdtSu1fAU9Zi/NuQcVJIDpbxzcj4SEXgxmDv OV9lXiiqIrwfHEYCudtBb+jMsBzx -----END CERTIFICATE-----Generated at Mon Nov 25 20:56:25 2024 by rpki-client on console-fra.rpki-client.org