$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.mft File: Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.mft (raw, json) Hash identifier: jp11OOa4bRD5R7Bdz12Qcq/YPIKqTiupLzAKoWl1Mm8= Subject key identifier: 20:1D:7B:C2:8F:A7:DF:B7:19:29:5B:68:F0:DF:D7:92:6A:AE:4E:1C Authority key identifier: 49:FD:81:9B:DA:C0:16:62:B7:3E:AC:90:05:08:8C:D6:A3:B8:87:62 Certificate issuer: /CN=49FD819BDAC01662B73EAC9005088CD6A3B88762 Certificate serial: 59 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.mft Manifest number: 58 Signing time: Sat 05 Jul 2025 01:32:07 +0000 Manifest this update: Sat 05 Jul 2025 01:32:07 +0000 Manifest next update: Sat 05 Jul 2025 07:32:07 +0000 Files and hashes: 1: GXThOm3WsYWPw4XJT1uwQydg9VE.roa (hash: B+dy3K2VPuQ9bWcxhUhgeRbJcSbZlFtxURogvW0vsBw=) 2: Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.crl (hash: Tl504rgfnXy5TLclcfgkqwBPcdDSR+it5Yf/40Xerio=) Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 07:32:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 89 (0x59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49FD819BDAC01662B73EAC9005088CD6A3B88762 Validity Not Before: Jul 5 01:32:07 2025 GMT Not After : Jun 18 15:30:18 2026 GMT Subject: CN=201D7BC28FA7DFB719295B68F0DFD7926AAE4E1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:56:73:59:2d:b8:86:04:e8:1c:0b:0b:82:88: 3c:b9:4e:d2:4b:c2:cd:c9:d6:9a:11:63:a5:ed:94: 34:93:47:d1:47:14:e9:bb:a9:30:99:55:f2:16:78: 72:60:5b:33:f4:b8:88:75:4c:78:68:86:e9:e6:c6: c4:9c:32:e4:91:f5:7a:4f:ea:48:c4:bf:86:1c:ec: b3:41:1a:b7:05:ee:0d:fd:5c:51:4d:a3:33:c6:0b: f0:c2:e5:c9:80:de:79:d8:dd:e8:e5:4b:d6:e8:07: 58:34:b6:e0:6a:78:04:56:91:ef:4d:32:cd:b3:43: 35:7b:ae:1b:a9:7e:a9:6e:c1:2f:e2:ac:46:7a:6f: 7a:4e:93:85:c7:19:2f:ce:d5:b8:ee:ac:c0:36:48: b9:d0:ac:8f:96:c5:55:d6:c6:22:c0:6c:d6:e3:6f: d4:cc:a4:d1:7e:cc:bb:be:b9:f0:f0:84:1b:59:b5: 42:f2:02:38:5b:c9:9c:43:5e:e6:76:97:16:13:ee: df:3a:be:11:ea:4b:7e:2b:c6:99:bc:e3:90:75:e5: 66:09:7c:77:1d:2b:1d:48:b6:69:58:10:2d:e6:c5: 5b:28:d2:97:f0:e7:d2:bc:69:c4:73:65:42:79:bf: 2d:26:af:ce:40:c2:c7:92:5c:c4:9c:b3:de:b6:61: f8:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:1D:7B:C2:8F:A7:DF:B7:19:29:5B:68:F0:DF:D7:92:6A:AE:4E:1C X509v3 Authority Key Identifier: keyid:49:FD:81:9B:DA:C0:16:62:B7:3E:AC:90:05:08:8C:D6:A3:B8:87:62 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDBASE/Sf2Bm9rAFmK3PqyQBQiM1qO4h2I.mft RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:83:30:df:00:6f:8c:0c:ba:5b:b3:14:e3:d9:a0:04:eb:8e: 0d:a1:74:18:51:8b:f0:a9:4f:c2:22:2e:dc:95:c6:0a:1d:d4: d6:3f:1e:83:97:37:d9:f3:0a:ba:f9:ef:3c:94:d8:36:23:4f: 8d:5d:02:f0:d8:09:64:89:3a:3a:c3:93:bc:b1:4c:3b:c2:19: 1b:1a:3a:28:32:7c:82:57:97:42:ae:9a:3c:f5:a2:56:97:69: 4b:99:0e:b2:fa:06:39:5d:e9:a3:54:65:1f:fe:35:86:91:89: 1b:67:98:0f:a9:20:41:18:52:7a:2b:a1:01:96:8b:51:c2:94: a2:5c:2f:2d:8e:da:99:31:0c:ea:b3:6e:d0:80:8e:af:be:25: dc:bf:b9:62:c4:78:92:53:1c:71:10:4f:ca:1b:8d:a0:9c:c5: ca:12:60:e0:06:63:37:4b:37:9e:27:e3:d0:b5:1d:b5:62:1c: b3:d4:7f:03:52:1f:43:e5:4c:20:40:ba:94:b3:17:33:cb:c6: 54:8e:7f:ba:23:4d:b8:87:3a:fa:1b:d5:01:df:d4:92:2c:8f: b6:8c:01:5b:8d:05:a8:42:5e:46:d0:6e:1a:73:20:68:93:ac: 0d:d1:67:03:73:ee:90:18:5d:ae:08:65:a6:cf:f7:15:a8:85: a1:6d:ee:ce -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0OUZE ODE5QkRBQzAxNjYyQjczRUFDOTAwNTA4OENENkEzQjg4NzYyMB4XDTI1MDcwNTAx MzIwN1oXDTI2MDYxODE1MzAxOFowMzExMC8GA1UEAxMoMjAxRDdCQzI4RkE3REZC NzE5Mjk1QjY4RjBERkQ3OTI2QUFFNEUxQzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALFWc1ktuIYE6BwLC4KIPLlO0kvCzcnWmhFjpe2UNJNH0UcU6bup MJlV8hZ4cmBbM/S4iHVMeGiG6ebGxJwy5JH1ek/qSMS/hhzss0EatwXuDf1cUU2j M8YL8MLlyYDeedjd6OVL1ugHWDS24Gp4BFaR700yzbNDNXuuG6l+qW7BL+KsRnpv ek6ThccZL87VuO6swDZIudCsj5bFVdbGIsBs1uNv1Myk0X7Mu7658PCEG1m1QvIC OFvJnENe5naXFhPu3zq+EepLfivGmbzjkHXlZgl8dx0rHUi2aVgQLebFWyjSl/Dn 0rxpxHNlQnm/LSavzkDCx5JcxJyz3rZh+IsCAwEAAaOCAg0wggIJMB0GA1UdDgQW BBQgHXvCj6fftxkpW2jw39eSaq5OHDAfBgNVHSMEGDAWgBRJ/YGb2sAWYrc+rJAF CIzWo7iHYjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GA1UdHwRYMFYwVKBS oFCGTnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DTE9VREJB U0UvU2YyQm05ckFGbUszUHF5UUJRaU0xcU80aDJJLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9TZjJCbTlyQUZtSzNQcXlRQlFpTTFxTzRoMkkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnwYIKwYBBQUHAQsEgZIwgY8wWgYIKwYBBQUHMAuGTnJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DTE9VREJBU0UvU2YyQm05ckFGbUsz UHF5UUJRaU0xcU80aDJJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3 bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBALiDMN8Ab4wMuluzFOPZoATrjg2hdBhRi/CpT8IiLtyVxgod1NY/HoOXN9nz Crr57zyU2DYjT41dAvDYCWSJOjrDk7yxTDvCGRsaOigyfIJXl0Kumjz1olaXaUuZ DrL6Bjld6aNUZR/+NYaRiRtnmA+pIEEYUnoroQGWi1HClKJcLy2O2pkxDOqzbtCA jq++Jdy/uWLEeJJTHHEQT8objaCcxcoSYOAGYzdLN54n49C1HbViHLPUfwNSH0Pl TCBAupSzFzPLxlSOf7ojTbiHOvob1QHf1JIsj7aMAVuNBahCXkbQbhpzIGiTrA3R ZwNz7pAYXa4IZabP9xWohaFt7s4= -----END CERTIFICATE-----Generated at Sat Jul 5 05:24:19 2025 by rpki-client